summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/rand
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/rand/rand.h72
-rw-r--r--src/lib/libcrypto/rand/rand_err.c10
-rw-r--r--src/lib/libcrypto/rand/rand_lib.c104
-rw-r--r--src/lib/libcrypto/rand/randfile.c141
4 files changed, 249 insertions, 78 deletions
diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h
index 477d7a150a..e17aa7a9f7 100644
--- a/src/lib/libcrypto/rand/rand.h
+++ b/src/lib/libcrypto/rand/rand.h
@@ -59,34 +59,68 @@
59#ifndef HEADER_RAND_H 59#ifndef HEADER_RAND_H
60#define HEADER_RAND_H 60#define HEADER_RAND_H
61 61
62#include <stdlib.h>
63#include <openssl/ossl_typ.h>
64
62#ifdef __cplusplus 65#ifdef __cplusplus
63extern "C" { 66extern "C" {
64#endif 67#endif
65 68
66#ifndef NOPROTO 69typedef struct rand_meth_st
70 {
71 void (*seed)(const void *buf, int num);
72 int (*bytes)(unsigned char *buf, int num);
73 void (*cleanup)(void);
74 void (*add)(const void *buf, int num, double entropy);
75 int (*pseudorand)(unsigned char *buf, int num);
76 int (*status)(void);
77 } RAND_METHOD;
78
79#ifdef BN_DEBUG
80extern int rand_predictable;
81#endif
82
83int RAND_set_rand_method(const RAND_METHOD *meth);
84const RAND_METHOD *RAND_get_rand_method(void);
85int RAND_set_rand_engine(ENGINE *engine);
86RAND_METHOD *RAND_SSLeay(void);
67void RAND_cleanup(void ); 87void RAND_cleanup(void );
68void RAND_bytes( unsigned char *buf,int num); 88int RAND_bytes(unsigned char *buf,int num);
69void RAND_seed( unsigned char *buf,int num); 89int RAND_pseudo_bytes(unsigned char *buf,int num);
70int RAND_load_file(char *file,long max_bytes); 90void RAND_seed(const void *buf,int num);
71int RAND_write_file(char *file); 91void RAND_add(const void *buf,int num,double entropy);
72char *RAND_file_name(char *file,int num); 92int RAND_load_file(const char *file,long max_bytes);
73#ifdef WINDOWS 93int RAND_write_file(const char *file);
94const char *RAND_file_name(char *file,size_t num);
95int RAND_status(void);
96int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
97int RAND_egd(const char *path);
98int RAND_egd_bytes(const char *path,int bytes);
99int RAND_poll(void);
100
101#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
102
74void RAND_screen(void); 103void RAND_screen(void);
104int RAND_event(UINT, WPARAM, LPARAM);
105
75#endif 106#endif
76#else 107
77void RAND_cleanup(); 108/* BEGIN ERROR CODES */
78void RAND_bytes(); 109/* The following lines are auto generated by the script mkerr.pl. Any changes
79void RAND_seed(); 110 * made after this point may be overwritten when the script is next run.
80int RAND_load_file(); 111 */
81int RAND_write_file(); 112void ERR_load_RAND_strings(void);
82char *RAND_file_name(); 113
83#ifdef WINDOWS 114/* Error codes for the RAND functions. */
84void RAND_screen(); 115
85#endif 116/* Function codes. */
86#endif 117#define RAND_F_RAND_GET_RAND_METHOD 101
118#define RAND_F_SSLEAY_RAND_BYTES 100
119
120/* Reason codes. */
121#define RAND_R_PRNG_NOT_SEEDED 100
87 122
88#ifdef __cplusplus 123#ifdef __cplusplus
89} 124}
90#endif 125#endif
91
92#endif 126#endif
diff --git a/src/lib/libcrypto/rand/rand_err.c b/src/lib/libcrypto/rand/rand_err.c
index d1263edf80..b77267e213 100644
--- a/src/lib/libcrypto/rand/rand_err.c
+++ b/src/lib/libcrypto/rand/rand_err.c
@@ -54,7 +54,8 @@
54 */ 54 */
55 55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes 56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file. 57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
58 */ 59 */
59 60
60#include <stdio.h> 61#include <stdio.h>
@@ -62,16 +63,17 @@
62#include <openssl/rand.h> 63#include <openssl/rand.h>
63 64
64/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
65#ifndef NO_ERR 66#ifndef OPENSSL_NO_ERR
66static ERR_STRING_DATA RAND_str_functs[]= 67static ERR_STRING_DATA RAND_str_functs[]=
67 { 68 {
69{ERR_PACK(0,RAND_F_RAND_GET_RAND_METHOD,0), "RAND_get_rand_method"},
68{ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0), "SSLEAY_RAND_BYTES"}, 70{ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0), "SSLEAY_RAND_BYTES"},
69{0,NULL} 71{0,NULL}
70 }; 72 };
71 73
72static ERR_STRING_DATA RAND_str_reasons[]= 74static ERR_STRING_DATA RAND_str_reasons[]=
73 { 75 {
74{RAND_R_PRNG_NOT_SEEDED ,"prng not seeded"}, 76{RAND_R_PRNG_NOT_SEEDED ,"PRNG not seeded"},
75{0,NULL} 77{0,NULL}
76 }; 78 };
77 79
@@ -84,7 +86,7 @@ void ERR_load_RAND_strings(void)
84 if (init) 86 if (init)
85 { 87 {
86 init=0; 88 init=0;
87#ifndef NO_ERR 89#ifndef OPENSSL_NO_ERR
88 ERR_load_strings(ERR_LIB_RAND,RAND_str_functs); 90 ERR_load_strings(ERR_LIB_RAND,RAND_str_functs);
89 ERR_load_strings(ERR_LIB_RAND,RAND_str_reasons); 91 ERR_load_strings(ERR_LIB_RAND,RAND_str_reasons);
90#endif 92#endif
diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c
index 34c6d5b968..5cf5dc1188 100644
--- a/src/lib/libcrypto/rand/rand_lib.c
+++ b/src/lib/libcrypto/rand/rand_lib.c
@@ -57,42 +57,110 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <sys/types.h>
61#include <time.h> 60#include <time.h>
61#include "cryptlib.h"
62#include <openssl/rand.h> 62#include <openssl/rand.h>
63#include <openssl/engine.h>
63 64
64#ifdef NO_RAND 65/* non-NULL if default_RAND_meth is ENGINE-provided */
65static RAND_METHOD *rand_meth=NULL; 66static ENGINE *funct_ref =NULL;
66#else 67static const RAND_METHOD *default_RAND_meth = NULL;
67extern RAND_METHOD rand_ssleay_meth;
68static RAND_METHOD *rand_meth= &rand_ssleay_meth;
69#endif
70 68
71void RAND_set_rand_method(RAND_METHOD *meth) 69int RAND_set_rand_method(const RAND_METHOD *meth)
72 { 70 {
73 rand_meth=meth; 71 if(funct_ref)
72 {
73 ENGINE_finish(funct_ref);
74 funct_ref = NULL;
75 }
76 default_RAND_meth = meth;
77 return 1;
74 } 78 }
75 79
76RAND_METHOD *RAND_get_rand_method(void) 80const RAND_METHOD *RAND_get_rand_method(void)
77 { 81 {
78 return(rand_meth); 82 if (!default_RAND_meth)
83 {
84 ENGINE *e = ENGINE_get_default_RAND();
85 if(e)
86 {
87 default_RAND_meth = ENGINE_get_RAND(e);
88 if(!default_RAND_meth)
89 {
90 ENGINE_finish(e);
91 e = NULL;
92 }
93 }
94 if(e)
95 funct_ref = e;
96 else
97 default_RAND_meth = RAND_SSLeay();
98 }
99 return default_RAND_meth;
100 }
101
102int RAND_set_rand_engine(ENGINE *engine)
103 {
104 const RAND_METHOD *tmp_meth = NULL;
105 if(engine)
106 {
107 if(!ENGINE_init(engine))
108 return 0;
109 tmp_meth = ENGINE_get_RAND(engine);
110 if(!tmp_meth)
111 {
112 ENGINE_finish(engine);
113 return 0;
114 }
115 }
116 /* This function releases any prior ENGINE so call it first */
117 RAND_set_rand_method(tmp_meth);
118 funct_ref = engine;
119 return 1;
79 } 120 }
80 121
81void RAND_cleanup(void) 122void RAND_cleanup(void)
82 { 123 {
83 if (rand_meth != NULL) 124 const RAND_METHOD *meth = RAND_get_rand_method();
84 rand_meth->cleanup(); 125 if (meth && meth->cleanup)
126 meth->cleanup();
127 RAND_set_rand_method(NULL);
85 } 128 }
86 129
87void RAND_seed(const void *buf, int num) 130void RAND_seed(const void *buf, int num)
88 { 131 {
89 if (rand_meth != NULL) 132 const RAND_METHOD *meth = RAND_get_rand_method();
90 rand_meth->seed(buf,num); 133 if (meth && meth->seed)
134 meth->seed(buf,num);
135 }
136
137void RAND_add(const void *buf, int num, double entropy)
138 {
139 const RAND_METHOD *meth = RAND_get_rand_method();
140 if (meth && meth->add)
141 meth->add(buf,num,entropy);
91 } 142 }
92 143
93void RAND_bytes(unsigned char *buf, int num) 144int RAND_bytes(unsigned char *buf, int num)
94 { 145 {
95 if (rand_meth != NULL) 146 const RAND_METHOD *meth = RAND_get_rand_method();
96 rand_meth->bytes(buf,num); 147 if (meth && meth->bytes)
148 return meth->bytes(buf,num);
149 return(-1);
97 } 150 }
98 151
152int RAND_pseudo_bytes(unsigned char *buf, int num)
153 {
154 const RAND_METHOD *meth = RAND_get_rand_method();
155 if (meth && meth->pseudorand)
156 return meth->pseudorand(buf,num);
157 return(-1);
158 }
159
160int RAND_status(void)
161 {
162 const RAND_METHOD *meth = RAND_get_rand_method();
163 if (meth && meth->status)
164 return meth->status();
165 return 0;
166 }
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
index f2b3746363..982074c465 100644
--- a/src/lib/libcrypto/rand/randfile.c
+++ b/src/lib/libcrypto/rand/randfile.c
@@ -56,22 +56,41 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#include <errno.h>
59#include <stdio.h> 60#include <stdio.h>
60#include "cryptlib.h" 61#include <stdlib.h>
61#include <sys/stat.h> 62#include <string.h>
62#include <sys/types.h> 63
63#include "rand.h" 64#include "e_os.h"
65#include <openssl/crypto.h>
66#include <openssl/rand.h>
67
68#ifdef OPENSSL_SYS_VMS
69#include <unixio.h>
70#endif
71#ifndef NO_SYS_TYPES_H
72# include <sys/types.h>
73#endif
74#ifdef MAC_OS_pre_X
75# include <stat.h>
76#else
77# include <sys/stat.h>
78#endif
64 79
65#undef BUFSIZE 80#undef BUFSIZE
66#define BUFSIZE 1024 81#define BUFSIZE 1024
67#define RAND_DATA 1024 82#define RAND_DATA 1024
68 83
69/* #define RFILE ".rand" - defined in ../../e_os.h */ 84/* #define RFILE ".rnd" - defined in ../../e_os.h */
85
86/* Note that these functions are intended for seed files only.
87 * Entropy devices and EGD sockets are handled in rand_unix.c */
70 88
71int RAND_load_file(file,bytes) 89int RAND_load_file(const char *file, long bytes)
72char *file;
73long bytes;
74 { 90 {
91 /* If bytes >= 0, read up to 'bytes' bytes.
92 * if bytes == -1, read complete file. */
93
75 MS_STATIC unsigned char buf[BUFSIZE]; 94 MS_STATIC unsigned char buf[BUFSIZE];
76 struct stat sb; 95 struct stat sb;
77 int i,ret=0,n; 96 int i,ret=0,n;
@@ -81,23 +100,28 @@ long bytes;
81 100
82 i=stat(file,&sb); 101 i=stat(file,&sb);
83 /* If the state fails, put some crap in anyway */ 102 /* If the state fails, put some crap in anyway */
84 RAND_seed((unsigned char *)&sb,sizeof(sb)); 103 RAND_add(&sb,sizeof(sb),0);
85 ret+=sizeof(sb);
86 if (i < 0) return(0); 104 if (i < 0) return(0);
87 if (bytes <= 0) return(ret); 105 if (bytes == 0) return(ret);
88 106
89 in=fopen(file,"r"); 107 in=fopen(file,"rb");
90 if (in == NULL) goto err; 108 if (in == NULL) goto err;
91 for (;;) 109 for (;;)
92 { 110 {
93 n=(bytes < BUFSIZE)?(int)bytes:BUFSIZE; 111 if (bytes > 0)
112 n = (bytes < BUFSIZE)?(int)bytes:BUFSIZE;
113 else
114 n = BUFSIZE;
94 i=fread(buf,1,n,in); 115 i=fread(buf,1,n,in);
95 if (i <= 0) break; 116 if (i <= 0) break;
96 /* even if n != i, use the full array */ 117 /* even if n != i, use the full array */
97 RAND_seed(buf,n); 118 RAND_add(buf,n,i);
98 ret+=i; 119 ret+=i;
99 bytes-=n; 120 if (bytes > 0)
100 if (bytes <= 0) break; 121 {
122 bytes-=n;
123 if (bytes <= 0) break;
124 }
101 } 125 }
102 fclose(in); 126 fclose(in);
103 memset(buf,0,BUFSIZE); 127 memset(buf,0,BUFSIZE);
@@ -105,23 +129,36 @@ err:
105 return(ret); 129 return(ret);
106 } 130 }
107 131
108int RAND_write_file(file) 132int RAND_write_file(const char *file)
109char *file;
110 { 133 {
111 unsigned char buf[BUFSIZE]; 134 unsigned char buf[BUFSIZE];
112 int i,ret=0; 135 int i,ret=0,rand_err=0;
113 FILE *out; 136 FILE *out = NULL;
114 int n; 137 int n;
115 138
116 out=fopen(file,"w"); 139#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32)
140 /* For some reason Win32 can't write to files created this way */
141
142 /* chmod(..., 0600) is too late to protect the file,
143 * permissions should be restrictive from the start */
144 int fd = open(file, O_CREAT, 0600);
145 if (fd != -1)
146 out = fdopen(fd, "wb");
147#endif
148 if (out == NULL)
149 out = fopen(file,"wb");
117 if (out == NULL) goto err; 150 if (out == NULL) goto err;
151
152#ifndef NO_CHMOD
118 chmod(file,0600); 153 chmod(file,0600);
154#endif
119 n=RAND_DATA; 155 n=RAND_DATA;
120 for (;;) 156 for (;;)
121 { 157 {
122 i=(n > BUFSIZE)?BUFSIZE:n; 158 i=(n > BUFSIZE)?BUFSIZE:n;
123 n-=BUFSIZE; 159 n-=BUFSIZE;
124 RAND_bytes(buf,i); 160 if (RAND_bytes(buf,i) <= 0)
161 rand_err=1;
125 i=fwrite(buf,1,i,out); 162 i=fwrite(buf,1,i,out);
126 if (i <= 0) 163 if (i <= 0)
127 { 164 {
@@ -130,21 +167,40 @@ char *file;
130 } 167 }
131 ret+=i; 168 ret+=i;
132 if (n <= 0) break; 169 if (n <= 0) break;
170 }
171#ifdef OPENSSL_SYS_VMS
172 /* Try to delete older versions of the file, until there aren't
173 any */
174 {
175 char *tmpf;
176
177 tmpf = OPENSSL_malloc(strlen(file) + 4); /* to add ";-1" and a nul */
178 if (tmpf)
179 {
180 strcpy(tmpf, file);
181 strcat(tmpf, ";-1");
182 while(delete(tmpf) == 0)
183 ;
184 rename(file,";1"); /* Make sure it's version 1, or we
185 will reach the limit (32767) at
186 some point... */
133 } 187 }
188 }
189#endif /* OPENSSL_SYS_VMS */
190
134 fclose(out); 191 fclose(out);
135 memset(buf,0,BUFSIZE); 192 memset(buf,0,BUFSIZE);
136err: 193err:
137 return(ret); 194 return (rand_err ? -1 : ret);
138 } 195 }
139 196
140char *RAND_file_name(buf,size) 197const char *RAND_file_name(char *buf, size_t size)
141char *buf;
142int size;
143 { 198 {
144 char *s; 199 char *s=NULL;
145 char *ret=NULL; 200 char *ret=NULL;
146 201
147 s=getenv("RANDFILE"); 202 if (OPENSSL_issetugid() == 0)
203 s=getenv("RANDFILE");
148 if (s != NULL) 204 if (s != NULL)
149 { 205 {
150 strncpy(buf,s,size-1); 206 strncpy(buf,s,size-1);
@@ -153,14 +209,25 @@ int size;
153 } 209 }
154 else 210 else
155 { 211 {
156 s=getenv("HOME"); 212 if (OPENSSL_issetugid() == 0)
157 if (s == NULL) return(RFILE); 213 s=getenv("HOME");
158 if (((int)(strlen(s)+strlen(RFILE)+2)) > size) 214#ifdef DEFAULT_HOME
159 return(RFILE); 215 if (s == NULL)
160 strcpy(buf,s); 216 {
161 strcat(buf,"/"); 217 s = DEFAULT_HOME;
162 strcat(buf,RFILE); 218 }
163 ret=buf; 219#endif
220 if (s != NULL && (strlen(s)+strlen(RFILE)+2 < size))
221 {
222 strcpy(buf,s);
223#ifndef OPENSSL_SYS_VMS
224 strcat(buf,"/");
225#endif
226 strcat(buf,RFILE);
227 ret=buf;
228 }
229 else
230 buf[0] = '\0'; /* no file name */
164 } 231 }
165 return(ret); 232 return(ret);
166 } 233 }