9 files changed, 138 insertions, 57 deletions
diff --git a/src/lib/libcrypto/rand/md_rand.c b/src/lib/libcrypto/rand/md_rand.c
index eeffc0df4c..c84968df88 100644
--- a/src/lib/libcrypto/rand/md_rand.c
+++ b/src/lib/libcrypto/rand/md_rand.c
@@ -126,6 +126,7 @@
 #include <openssl/crypto.h>
 #include <openssl/err.h>
+#include <openssl/fips.h>
 #ifdef BN_DEBUG
 # define PREDICT
@@ -332,6 +333,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 #endif
        int do_stir_pool = 0;
+#ifdef OPENSSL_FIPS
+        if(FIPS_mode())
+            {
+            FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD);
+            return 0;
+            }
+#endif
 #ifdef PREDICT
        if (rand_predictable)
                {
diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h
index 606382dd21..604df9be6c 100644
--- a/src/lib/libcrypto/rand/rand.h
+++ b/src/lib/libcrypto/rand/rand.h
@@ -71,6 +71,10 @@
 extern "C" {
 #endif
+#if defined(OPENSSL_FIPS)
+#define FIPS_RAND_SIZE_T int
+#endif
 typedef struct rand_meth_st
        {
        void (*seed)(const void *buf, int num);
@@ -121,11 +125,17 @@ void ERR_load_RAND_strings(void);
 /* Error codes for the RAND functions. */
 /* Function codes. */
+#define RAND_F_FIPS_RAND_BYTES                           102
 #define RAND_F_RAND_GET_RAND_METHOD                      101
 #define RAND_F_SSLEAY_RAND_BYTES                         100
 /* Reason codes. */
+#define RAND_R_NON_FIPS_METHOD                           101
+#define RAND_R_PRNG_ASKING_FOR_TOO_MUCH                  105
+#define RAND_R_PRNG_NOT_REKEYED                          103
+#define RAND_R_PRNG_NOT_RESEEDED                         104
 #define RAND_R_PRNG_NOT_SEEDED                           100
+#define RAND_R_PRNG_STUCK                                102
 #ifdef  __cplusplus
 }
diff --git a/src/lib/libcrypto/rand/rand_egd.c b/src/lib/libcrypto/rand/rand_egd.c
index 6f742900a0..cd666abfcb 100644
--- a/src/lib/libcrypto/rand/rand_egd.c
+++ b/src/lib/libcrypto/rand/rand_egd.c
@@ -95,7 +95,7 @@
 *   RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
 */
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS)
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_VOS)
 int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
        {
        return(-1);
@@ -216,7 +216,9 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
            while (numbytes != 1)
                {
                num = read(fd, egdbuf, 1);
-                if (num >= 0)
+                if (num == 0)
+                        goto err;       /* descriptor closed */
+                else if (num > 0)
                    numbytes += num;
                else
                    {
@@ -246,7 +248,9 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
            while (numbytes != egdbuf[0])
                {
                num = read(fd, retrievebuf + numbytes, egdbuf[0] - numbytes);
-                if (num >= 0)
+                if (num == 0)
+                        goto err;       /* descriptor closed */
+                else if (num > 0)
                    numbytes += num;
                else
                    {
diff --git a/src/lib/libcrypto/rand/rand_err.c b/src/lib/libcrypto/rand/rand_err.c
index b77267e213..95574659ac 100644
--- a/src/lib/libcrypto/rand/rand_err.c
+++ b/src/lib/libcrypto/rand/rand_err.c
@@ -1,6 +1,6 @@
 /* crypto/rand/rand_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -66,6 +66,7 @@
 #ifndef OPENSSL_NO_ERR
 static ERR_STRING_DATA RAND_str_functs[]=
        {
+{ERR_PACK(0,RAND_F_FIPS_RAND_BYTES,0),  "FIPS_RAND_BYTES"},
 {ERR_PACK(0,RAND_F_RAND_GET_RAND_METHOD,0),     "RAND_get_rand_method"},
 {ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0),        "SSLEAY_RAND_BYTES"},
 {0,NULL}
@@ -73,7 +74,12 @@ static ERR_STRING_DATA RAND_str_functs[]=
 static ERR_STRING_DATA RAND_str_reasons[]=
        {
+{RAND_R_NON_FIPS_METHOD                  ,"non fips method"},
+{RAND_R_PRNG_ASKING_FOR_TOO_MUCH         ,"prng asking for too much"},
+{RAND_R_PRNG_NOT_REKEYED                 ,"prng not rekeyed"},
+{RAND_R_PRNG_NOT_RESEEDED                ,"prng not reseeded"},
 {RAND_R_PRNG_NOT_SEEDED                  ,"PRNG not seeded"},
+{RAND_R_PRNG_STUCK                       ,"prng stuck"},
 {0,NULL}
        };
diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c
index 513e338985..88f1b56d91 100644
--- a/src/lib/libcrypto/rand/rand_lib.c
+++ b/src/lib/libcrypto/rand/rand_lib.c
@@ -63,6 +63,8 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#include <openssl/fips.h>
+#include <openssl/fips_rand.h>
 #ifndef OPENSSL_NO_ENGINE
 /* non-NULL if default_RAND_meth is ENGINE-provided */
@@ -85,6 +87,16 @@ int RAND_set_rand_method(const RAND_METHOD *meth)
 const RAND_METHOD *RAND_get_rand_method(void)
        {
+#ifdef OPENSSL_FIPS
+        if(FIPS_mode()
+                && default_RAND_meth != FIPS_rand_check())
+            {
+            RANDerr(RAND_F_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD);
+            return 0;
+            }
+#endif
        if (!default_RAND_meth)
                {
 #ifndef OPENSSL_NO_ENGINE
diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c
index 0599719dd1..9376554fae 100644
--- a/src/lib/libcrypto/rand/rand_unix.c
+++ b/src/lib/libcrypto/rand/rand_unix.c
@@ -120,6 +120,7 @@
 #include <sys/types.h>
 #include <sys/time.h>
 #include <sys/times.h>
+#include <sys/stat.h>
 #include <fcntl.h>
 #include <unistd.h>
 #include <time.h>
@@ -151,9 +152,9 @@ int RAND_poll(void)
        int n = 0;
 #endif
 #ifdef DEVRANDOM
-        static const char *randomfiles[] = { DEVRANDOM, NULL };
+        static const char *randomfiles[] = { DEVRANDOM };
-        const char **randomfile = NULL;
+        struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])];
-        int fd;
+        int fd,i;
 #endif
 #ifdef DEVRANDOM_EGD
        static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
@@ -161,26 +162,42 @@ int RAND_poll(void)
 #endif
 #ifdef DEVRANDOM
+        memset(randomstats,0,sizeof(randomstats));
        /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
         * have this. Use /dev/urandom if you can as /dev/random may block
         * if it runs out of random entries.  */
-        for (randomfile = randomfiles; *randomfile && n < ENTROPY_NEEDED; randomfile++)
+        for (i=0; i<sizeof(randomfiles)/sizeof(randomfiles[0]) && n < ENTROPY_NEEDED; i++)
                {
-                if ((fd = open(*randomfile, O_RDONLY|O_NONBLOCK
+                if ((fd = open(randomfiles[i], O_RDONLY
+#ifdef O_NONBLOCK
+                        |O_NONBLOCK
+#endif
+#ifdef O_BINARY
+                        |O_BINARY
+#endif
 #ifdef O_NOCTTY /* If it happens to be a TTY (god forbid), do not make it
                   our controlling tty */
                        |O_NOCTTY
 #endif
-#ifdef O_NOFOLLOW /* Fail if the file is a symbolic link */
-                        |O_NOFOLLOW
-#endif
                        )) >= 0)
                        {
                        struct timeval t = { 0, 10*1000 }; /* Spend 10ms on
                                                              each file. */
-                        int r;
+                        int r,j;
                        fd_set fset;
+                        struct stat *st=&randomstats[i];
+                        /* Avoid using same input... Used to be O_NOFOLLOW
+                         * above, but it's not universally appropriate... */
+                        if (fstat(fd,st) != 0)  { close(fd); continue; }
+                        for (j=0;j<i;j++)
+                                {
+                                if (randomstats[j].st_ino==st->st_ino &&
+                                    randomstats[j].st_dev==st->st_dev)
+                                        break;
+                                }
+                        if (j<i)                { close(fd); continue; }
                        do
                                {
diff --git a/src/lib/libcrypto/rand/rand_vms.c b/src/lib/libcrypto/rand/rand_vms.c
index 29b2d7af0b..1267a3acae 100644
--- a/src/lib/libcrypto/rand/rand_vms.c
+++ b/src/lib/libcrypto/rand/rand_vms.c
@@ -101,11 +101,12 @@ int RAND_poll(void)
        pitem = item;
        /* Setup */
-        while (pitems_data->length)
+        while (pitems_data->length
+                && (total_length + pitems_data->length <= 256))
                {
                pitem->length = pitems_data->length;
                pitem->code = pitems_data->code;
-                pitem->buffer = (long *)data_buffer[total_length];
+                pitem->buffer = (long *)&data_buffer[total_length];
                pitem->retlen = 0;
                total_length += pitems_data->length;
                pitems_data++;
diff --git a/src/lib/libcrypto/rand/rand_win.c b/src/lib/libcrypto/rand/rand_win.c
index 3584842224..30c69161ef 100644
--- a/src/lib/libcrypto/rand/rand_win.c
+++ b/src/lib/libcrypto/rand/rand_win.c
@@ -125,7 +125,7 @@
 * http://developer.intel.com/design/security/rng/redist_license.htm
 */
 #define PROV_INTEL_SEC 22
-#define INTEL_DEF_PROV TEXT("Intel Hardware Cryptographic Service Provider")
+#define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider"
 static void readtimer(void);
 static void readscreen(void);
@@ -152,7 +152,7 @@ typedef struct tagCURSORINFO
 #define CURSOR_SHOWING     0x00000001
 #endif /* CURSOR_SHOWING */
-typedef BOOL (WINAPI *CRYPTACQUIRECONTEXT)(HCRYPTPROV *, LPCTSTR, LPCTSTR,
+typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTW)(HCRYPTPROV *, LPCWSTR, LPCWSTR,
                                    DWORD, DWORD);
 typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV, DWORD, BYTE *);
 typedef BOOL (WINAPI *CRYPTRELEASECONTEXT)(HCRYPTPROV, DWORD);
@@ -194,7 +194,7 @@ int RAND_poll(void)
        HWND h;
        HMODULE advapi, kernel, user, netapi;
-        CRYPTACQUIRECONTEXT acquire = 0;
+        CRYPTACQUIRECONTEXTW acquire = 0;
        CRYPTGENRANDOM gen = 0;
        CRYPTRELEASECONTEXT release = 0;
 #if 1 /* There was previously a problem with NETSTATGET.  Currently, this
@@ -213,6 +213,9 @@ int RAND_poll(void)
        GetVersionEx( &osverinfo ) ;
 #if defined(OPENSSL_SYS_WINCE) && WCEPLATFORM!=MS_HPC_PRO
+#ifndef CryptAcquireContext
+#define CryptAcquireContext CryptAcquireContextW
+#endif
        /* poll the CryptoAPI PRNG */
        /* The CryptoAPI returns sizeof(buf) bytes of randomness */
        if (CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
@@ -223,21 +226,35 @@ int RAND_poll(void)
                }
 #endif
+#ifndef OPENSSL_SYS_WINCE
+        /*
+         * None of below libraries are present on Windows CE, which is
+         * why we #ifndef the whole section. This also excuses us from
+         * handling the GetProcAddress issue. The trouble is that in
+         * real Win32 API GetProcAddress is available in ANSI flavor
+         * only. In WinCE on the other hand GetProcAddress is a macro
+         * most commonly defined as GetProcAddressW, which accepts
+         * Unicode argument. If we were to call GetProcAddress under
+         * WinCE, I'd recommend to either redefine GetProcAddress as
+         * GetProcAddressA (there seem to be one in common CE spec) or
+         * implement own shim routine, which would accept ANSI argument
+         * and expand it to Unicode.
+         */
        /* load functions dynamically - not available on all systems */
        advapi = LoadLibrary(TEXT("ADVAPI32.DLL"));
        kernel = LoadLibrary(TEXT("KERNEL32.DLL"));
        user = LoadLibrary(TEXT("USER32.DLL"));
        netapi = LoadLibrary(TEXT("NETAPI32.DLL"));
-#ifndef OPENSSL_SYS_WINCE
 #if 1 /* There was previously a problem with NETSTATGET.  Currently, this
       * section is still experimental, but if all goes well, this conditional
       * will be removed
       */
        if (netapi)
                {
-                netstatget = (NETSTATGET) GetProcAddress(netapi,TEXT("NetStatisticsGet"));
+                netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet");
-                netfree = (NETFREE) GetProcAddress(netapi,TEXT("NetApiBufferFree"));
+                netfree = (NETFREE) GetProcAddress(netapi,"NetApiBufferFree");
                }
        if (netstatget && netfree)
@@ -264,9 +281,7 @@ int RAND_poll(void)
        if (netapi)
                FreeLibrary(netapi);
 #endif /* 1 */
-#endif /* !OPENSSL_SYS_WINCE */
- 
-#ifndef OPENSSL_SYS_WINCE
        /* It appears like this can cause an exception deep within ADVAPI32.DLL
         * at random times on Windows 2000.  Reported by Jeffrey Altman.  
         * Only use it on NT.
@@ -321,16 +336,20 @@ int RAND_poll(void)
                        free(buf);
                }
 #endif
-#endif /* !OPENSSL_SYS_WINCE */
        if (advapi)
                {
-                acquire = (CRYPTACQUIRECONTEXT) GetProcAddress(advapi,
+                /*
-                        TEXT("CryptAcquireContextA"));
+                 * If it's available, then it's available in both ANSI
+                 * and UNICODE flavors even in Win9x, documentation says.
+                 * We favor Unicode...
+                 */
+                acquire = (CRYPTACQUIRECONTEXTW) GetProcAddress(advapi,
+                        "CryptAcquireContextW");
                gen = (CRYPTGENRANDOM) GetProcAddress(advapi,
-                        TEXT("CryptGenRandom"));
+                        "CryptGenRandom");
                release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi,
-                        TEXT("CryptReleaseContext"));
+                        "CryptReleaseContext");
                }
        if (acquire && gen && release)
@@ -367,26 +386,15 @@ int RAND_poll(void)
        if (advapi)
                FreeLibrary(advapi);
-        /* timer data */
-        readtimer();
-        
-        /* memory usage statistics */
-        GlobalMemoryStatus(&m);
-        RAND_add(&m, sizeof(m), 1);
-        /* process ID */
-        w = GetCurrentProcessId();
-        RAND_add(&w, sizeof(w), 1);
        if (user)
                {
                GETCURSORINFO cursor;
                GETFOREGROUNDWINDOW win;
                GETQUEUESTATUS queue;
-                win = (GETFOREGROUNDWINDOW) GetProcAddress(user, TEXT("GetForegroundWindow"));
+                win = (GETFOREGROUNDWINDOW) GetProcAddress(user, "GetForegroundWindow");
-                cursor = (GETCURSORINFO) GetProcAddress(user, TEXT("GetCursorInfo"));
+                cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo");
-                queue = (GETQUEUESTATUS) GetProcAddress(user, TEXT("GetQueueStatus"));
+                queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus");
                if (win)
                        {
@@ -458,19 +466,19 @@ int RAND_poll(void)
                MODULEENTRY32 m;
                snap = (CREATETOOLHELP32SNAPSHOT)
-                        GetProcAddress(kernel, TEXT("CreateToolhelp32Snapshot"));
+                        GetProcAddress(kernel, "CreateToolhelp32Snapshot");
                close_snap = (CLOSETOOLHELP32SNAPSHOT)
-                        GetProcAddress(kernel, TEXT("CloseToolhelp32Snapshot"));
+                        GetProcAddress(kernel, "CloseToolhelp32Snapshot");
-                heap_first = (HEAP32FIRST) GetProcAddress(kernel, TEXT("Heap32First"));
+                heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First");
-                heap_next = (HEAP32NEXT) GetProcAddress(kernel, TEXT("Heap32Next"));
+                heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next");
-                heaplist_first = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListFirst"));
+                heaplist_first = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst");
-                heaplist_next = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListNext"));
+                heaplist_next = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext");
-                process_first = (PROCESS32) GetProcAddress(kernel, TEXT("Process32First"));
+                process_first = (PROCESS32) GetProcAddress(kernel, "Process32First");
-                process_next = (PROCESS32) GetProcAddress(kernel, TEXT("Process32Next"));
+                process_next = (PROCESS32) GetProcAddress(kernel, "Process32Next");
-                thread_first = (THREAD32) GetProcAddress(kernel, TEXT("Thread32First"));
+                thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First");
-                thread_next = (THREAD32) GetProcAddress(kernel, TEXT("Thread32Next"));
+                thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next");
-                module_first = (MODULE32) GetProcAddress(kernel, TEXT("Module32First"));
+                module_first = (MODULE32) GetProcAddress(kernel, "Module32First");
-                module_next = (MODULE32) GetProcAddress(kernel, TEXT("Module32Next"));
+                module_next = (MODULE32) GetProcAddress(kernel, "Module32Next");
                if (snap && heap_first && heap_next && heaplist_first &&
                        heaplist_next && process_first && process_next &&
@@ -546,6 +554,18 @@ int RAND_poll(void)
                FreeLibrary(kernel);
                }
+#endif /* !OPENSSL_SYS_WINCE */
+        /* timer data */
+        readtimer();
+        
+        /* memory usage statistics */
+        GlobalMemoryStatus(&m);
+        RAND_add(&m, sizeof(m), 1);
+        /* process ID */
+        w = GetCurrentProcessId();
+        RAND_add(&w, sizeof(w), 1);
 #if 0
        printf("Exiting RAND_poll\n");
@@ -607,7 +627,7 @@ static void readtimer(void)
        DWORD w;
        LARGE_INTEGER l;
        static int have_perfc = 1;
-#if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE)
+#if defined(_MSC_VER) && defined(_M_X86)
        static int have_tsc = 1;
        DWORD cyclecount;
@@ -660,7 +680,7 @@ static void readtimer(void)
 static void readscreen(void)
 {
-#ifndef OPENSSL_SYS_WINCE
+#if !defined(OPENSSL_SYS_WINCE) && !defined(OPENSSL_SYS_WIN32_CYGWIN)
  HDC           hScrDC;         /* screen DC */
  HDC           hMemDC;         /* memory DC */
  HBITMAP       hBitmap;        /* handle for our bitmap */
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
index d88ee0d780..9bd89ba495 100644
--- a/src/lib/libcrypto/rand/randfile.c
+++ b/src/lib/libcrypto/rand/randfile.c
@@ -166,6 +166,7 @@ int RAND_write_file(const char *file)
        }
 #if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32)
+        {
        /* For some reason Win32 can't write to files created this way */
        
        /* chmod(..., 0600) is too late to protect the file,
@@ -173,6 +174,7 @@ int RAND_write_file(const char *file)
        int fd = open(file, O_CREAT, 0600);
        if (fd != -1)
                out = fdopen(fd, "wb");
+        }
 #endif
        if (out == NULL)
                out = fopen(file,"wb");