summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/rand
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/rand')
-rw-r--r--src/lib/libcrypto/rand/Makefile164
-rw-r--r--src/lib/libcrypto/rand/md_rand.c590
-rw-r--r--src/lib/libcrypto/rand/rand_egd.c303
-rw-r--r--src/lib/libcrypto/rand/rand_lcl.h158
-rw-r--r--src/lib/libcrypto/rand/rand_nw.c183
-rw-r--r--src/lib/libcrypto/rand/rand_os2.c153
-rw-r--r--src/lib/libcrypto/rand/rand_unix.c385
-rw-r--r--src/lib/libcrypto/rand/rand_vms.c136
-rw-r--r--src/lib/libcrypto/rand/rand_win.c807
-rw-r--r--src/lib/libcrypto/rand/randfile.c6
-rw-r--r--src/lib/libcrypto/rand/randtest.c219
11 files changed, 3101 insertions, 3 deletions
diff --git a/src/lib/libcrypto/rand/Makefile b/src/lib/libcrypto/rand/Makefile
new file mode 100644
index 0000000000..27694aa664
--- /dev/null
+++ b/src/lib/libcrypto/rand/Makefile
@@ -0,0 +1,164 @@
1#
2# OpenSSL/crypto/rand/Makefile
3#
4
5DIR= rand
6TOP= ../..
7CC= cc
8INCLUDES=
9CFLAG=-g
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile
16TEST= randtest.c
17APPS=
18
19LIB=$(TOP)/libcrypto.a
20LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \
21 rand_win.c rand_unix.c rand_os2.c rand_nw.c
22LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \
23 rand_win.o rand_unix.o rand_os2.o rand_nw.o
24
25SRC= $(LIBSRC)
26
27EXHEADER= rand.h
28HEADER= $(EXHEADER)
29
30ALL= $(GENERAL) $(SRC) $(HEADER)
31
32top:
33 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
34
35all: lib
36
37lib: $(LIBOBJ)
38 $(AR) $(LIB) $(LIBOBJ)
39 $(RANLIB) $(LIB) || echo Never mind.
40 @touch lib
41
42files:
43 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
44
45links:
46 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
47 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
48 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
49
50install:
51 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
52 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
53 do \
54 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
55 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
56 done;
57
58tags:
59 ctags $(SRC)
60
61tests:
62
63lint:
64 lint -DLINT $(INCLUDES) $(SRC)>fluff
65
66depend:
67 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
68 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
69
70dclean:
71 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
72 mv -f Makefile.new $(MAKEFILE)
73
74clean:
75 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
76
77# DO NOT DELETE THIS LINE -- make depend depends on it.
78
79md_rand.o: ../../e_os.h ../../include/openssl/asn1.h
80md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
81md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
82md_rand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
83md_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
84md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
85md_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
86md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
87md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
88md_rand.o: md_rand.c rand_lcl.h
89rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h
90rand_egd.o: ../../include/openssl/opensslconf.h
91rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
92rand_egd.o: rand_egd.c
93rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
94rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
95rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
96rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
97rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
98rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
99rand_err.o: rand_err.c
100rand_lib.o: ../../e_os.h ../../include/openssl/asn1.h
101rand_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
102rand_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
103rand_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
104rand_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
105rand_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
106rand_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
107rand_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
108rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
109rand_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
110rand_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
111rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
112rand_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
113rand_lib.o: ../cryptlib.h rand_lib.c
114rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h
115rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
116rand_nw.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
117rand_nw.o: ../../include/openssl/err.h ../../include/openssl/evp.h
118rand_nw.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
119rand_nw.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
120rand_nw.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
121rand_nw.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
122rand_nw.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
123rand_nw.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h rand_nw.c
124rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h
125rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
126rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
127rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
128rand_os2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
129rand_os2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
130rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
131rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
132rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
133rand_os2.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
134rand_os2.o: rand_os2.c
135rand_unix.o: ../../e_os.h ../../include/openssl/asn1.h
136rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
137rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
138rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h
139rand_unix.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
140rand_unix.o: ../../include/openssl/objects.h
141rand_unix.o: ../../include/openssl/opensslconf.h
142rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
143rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
144rand_unix.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
145rand_unix.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
146rand_unix.o: rand_unix.c
147rand_win.o: ../../e_os.h ../../include/openssl/asn1.h
148rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
149rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
150rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h
151rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
152rand_win.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
153rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
154rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
155rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
156rand_win.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
157rand_win.o: rand_win.c
158randfile.o: ../../e_os.h ../../include/openssl/buffer.h
159randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
160randfile.o: ../../include/openssl/opensslconf.h
161randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
162randfile.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
163randfile.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
164randfile.o: randfile.c
diff --git a/src/lib/libcrypto/rand/md_rand.c b/src/lib/libcrypto/rand/md_rand.c
new file mode 100644
index 0000000000..88088ce73c
--- /dev/null
+++ b/src/lib/libcrypto/rand/md_rand.c
@@ -0,0 +1,590 @@
1/* crypto/rand/md_rand.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#ifdef MD_RAND_DEBUG
113# ifndef NDEBUG
114# define NDEBUG
115# endif
116#endif
117
118#include <assert.h>
119#include <stdio.h>
120#include <string.h>
121
122#include "e_os.h"
123
124#include <openssl/rand.h>
125#include "rand_lcl.h"
126
127#include <openssl/crypto.h>
128#include <openssl/err.h>
129
130#ifdef BN_DEBUG
131# define PREDICT
132#endif
133
134/* #define PREDICT 1 */
135
136#define STATE_SIZE 1023
137static int state_num=0,state_index=0;
138static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
139static unsigned char md[MD_DIGEST_LENGTH];
140static long md_count[2]={0,0};
141static double entropy=0;
142static int initialized=0;
143
144static unsigned int crypto_lock_rand = 0; /* may be set only when a thread
145 * holds CRYPTO_LOCK_RAND
146 * (to prevent double locking) */
147/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */
148static CRYPTO_THREADID locking_threadid; /* valid iff crypto_lock_rand is set */
149
150
151#ifdef PREDICT
152int rand_predictable=0;
153#endif
154
155const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT;
156
157static void ssleay_rand_cleanup(void);
158static void ssleay_rand_seed(const void *buf, int num);
159static void ssleay_rand_add(const void *buf, int num, double add_entropy);
160static int ssleay_rand_bytes(unsigned char *buf, int num);
161static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
162static int ssleay_rand_status(void);
163
164RAND_METHOD rand_ssleay_meth={
165 ssleay_rand_seed,
166 ssleay_rand_bytes,
167 ssleay_rand_cleanup,
168 ssleay_rand_add,
169 ssleay_rand_pseudo_bytes,
170 ssleay_rand_status
171 };
172
173RAND_METHOD *RAND_SSLeay(void)
174 {
175 return(&rand_ssleay_meth);
176 }
177
178static void ssleay_rand_cleanup(void)
179 {
180 OPENSSL_cleanse(state,sizeof(state));
181 state_num=0;
182 state_index=0;
183 OPENSSL_cleanse(md,MD_DIGEST_LENGTH);
184 md_count[0]=0;
185 md_count[1]=0;
186 entropy=0;
187 initialized=0;
188 }
189
190static void ssleay_rand_add(const void *buf, int num, double add)
191 {
192 int i,j,k,st_idx;
193 long md_c[2];
194 unsigned char local_md[MD_DIGEST_LENGTH];
195 EVP_MD_CTX m;
196 int do_not_lock;
197
198 /*
199 * (Based on the rand(3) manpage)
200 *
201 * The input is chopped up into units of 20 bytes (or less for
202 * the last block). Each of these blocks is run through the hash
203 * function as follows: The data passed to the hash function
204 * is the current 'md', the same number of bytes from the 'state'
205 * (the location determined by in incremented looping index) as
206 * the current 'block', the new key data 'block', and 'count'
207 * (which is incremented after each use).
208 * The result of this is kept in 'md' and also xored into the
209 * 'state' at the same locations that were used as input into the
210 * hash function.
211 */
212
213 /* check if we already have the lock */
214 if (crypto_lock_rand)
215 {
216 CRYPTO_THREADID cur;
217 CRYPTO_THREADID_current(&cur);
218 CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
219 do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
220 CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
221 }
222 else
223 do_not_lock = 0;
224
225 if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
226 st_idx=state_index;
227
228 /* use our own copies of the counters so that even
229 * if a concurrent thread seeds with exactly the
230 * same data and uses the same subarray there's _some_
231 * difference */
232 md_c[0] = md_count[0];
233 md_c[1] = md_count[1];
234
235 memcpy(local_md, md, sizeof md);
236
237 /* state_index <= state_num <= STATE_SIZE */
238 state_index += num;
239 if (state_index >= STATE_SIZE)
240 {
241 state_index%=STATE_SIZE;
242 state_num=STATE_SIZE;
243 }
244 else if (state_num < STATE_SIZE)
245 {
246 if (state_index > state_num)
247 state_num=state_index;
248 }
249 /* state_index <= state_num <= STATE_SIZE */
250
251 /* state[st_idx], ..., state[(st_idx + num - 1) % STATE_SIZE]
252 * are what we will use now, but other threads may use them
253 * as well */
254
255 md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0);
256
257 if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
258
259 EVP_MD_CTX_init(&m);
260 for (i=0; i<num; i+=MD_DIGEST_LENGTH)
261 {
262 j=(num-i);
263 j=(j > MD_DIGEST_LENGTH)?MD_DIGEST_LENGTH:j;
264
265 MD_Init(&m);
266 MD_Update(&m,local_md,MD_DIGEST_LENGTH);
267 k=(st_idx+j)-STATE_SIZE;
268 if (k > 0)
269 {
270 MD_Update(&m,&(state[st_idx]),j-k);
271 MD_Update(&m,&(state[0]),k);
272 }
273 else
274 MD_Update(&m,&(state[st_idx]),j);
275
276 /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
277 MD_Update(&m,buf,j);
278 /* We know that line may cause programs such as
279 purify and valgrind to complain about use of
280 uninitialized data. The problem is not, it's
281 with the caller. Removing that line will make
282 sure you get really bad randomness and thereby
283 other problems such as very insecure keys. */
284
285 MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
286 MD_Final(&m,local_md);
287 md_c[1]++;
288
289 buf=(const char *)buf + j;
290
291 for (k=0; k<j; k++)
292 {
293 /* Parallel threads may interfere with this,
294 * but always each byte of the new state is
295 * the XOR of some previous value of its
296 * and local_md (itermediate values may be lost).
297 * Alway using locking could hurt performance more
298 * than necessary given that conflicts occur only
299 * when the total seeding is longer than the random
300 * state. */
301 state[st_idx++]^=local_md[k];
302 if (st_idx >= STATE_SIZE)
303 st_idx=0;
304 }
305 }
306 EVP_MD_CTX_cleanup(&m);
307
308 if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
309 /* Don't just copy back local_md into md -- this could mean that
310 * other thread's seeding remains without effect (except for
311 * the incremented counter). By XORing it we keep at least as
312 * much entropy as fits into md. */
313 for (k = 0; k < (int)sizeof(md); k++)
314 {
315 md[k] ^= local_md[k];
316 }
317 if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */
318 entropy += add;
319 if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
320
321#if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32)
322 assert(md_c[1] == md_count[1]);
323#endif
324 }
325
326static void ssleay_rand_seed(const void *buf, int num)
327 {
328 ssleay_rand_add(buf, num, (double)num);
329 }
330
331static int ssleay_rand_bytes(unsigned char *buf, int num)
332 {
333 static volatile int stirred_pool = 0;
334 int i,j,k,st_num,st_idx;
335 int num_ceil;
336 int ok;
337 long md_c[2];
338 unsigned char local_md[MD_DIGEST_LENGTH];
339 EVP_MD_CTX m;
340#ifndef GETPID_IS_MEANINGLESS
341 pid_t curr_pid = getpid();
342#endif
343 int do_stir_pool = 0;
344
345#ifdef PREDICT
346 if (rand_predictable)
347 {
348 static unsigned char val=0;
349
350 for (i=0; i<num; i++)
351 buf[i]=val++;
352 return(1);
353 }
354#endif
355
356 if (num <= 0)
357 return 1;
358
359 EVP_MD_CTX_init(&m);
360 /* round upwards to multiple of MD_DIGEST_LENGTH/2 */
361 num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * (MD_DIGEST_LENGTH/2);
362
363 /*
364 * (Based on the rand(3) manpage:)
365 *
366 * For each group of 10 bytes (or less), we do the following:
367 *
368 * Input into the hash function the local 'md' (which is initialized from
369 * the global 'md' before any bytes are generated), the bytes that are to
370 * be overwritten by the random bytes, and bytes from the 'state'
371 * (incrementing looping index). From this digest output (which is kept
372 * in 'md'), the top (up to) 10 bytes are returned to the caller and the
373 * bottom 10 bytes are xored into the 'state'.
374 *
375 * Finally, after we have finished 'num' random bytes for the
376 * caller, 'count' (which is incremented) and the local and global 'md'
377 * are fed into the hash function and the results are kept in the
378 * global 'md'.
379 */
380
381 CRYPTO_w_lock(CRYPTO_LOCK_RAND);
382
383 /* prevent ssleay_rand_bytes() from trying to obtain the lock again */
384 CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
385 CRYPTO_THREADID_current(&locking_threadid);
386 CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
387 crypto_lock_rand = 1;
388
389 if (!initialized)
390 {
391 RAND_poll();
392 initialized = 1;
393 }
394
395 if (!stirred_pool)
396 do_stir_pool = 1;
397
398 ok = (entropy >= ENTROPY_NEEDED);
399 if (!ok)
400 {
401 /* If the PRNG state is not yet unpredictable, then seeing
402 * the PRNG output may help attackers to determine the new
403 * state; thus we have to decrease the entropy estimate.
404 * Once we've had enough initial seeding we don't bother to
405 * adjust the entropy count, though, because we're not ambitious
406 * to provide *information-theoretic* randomness.
407 *
408 * NOTE: This approach fails if the program forks before
409 * we have enough entropy. Entropy should be collected
410 * in a separate input pool and be transferred to the
411 * output pool only when the entropy limit has been reached.
412 */
413 entropy -= num;
414 if (entropy < 0)
415 entropy = 0;
416 }
417
418 if (do_stir_pool)
419 {
420 /* In the output function only half of 'md' remains secret,
421 * so we better make sure that the required entropy gets
422 * 'evenly distributed' through 'state', our randomness pool.
423 * The input function (ssleay_rand_add) chains all of 'md',
424 * which makes it more suitable for this purpose.
425 */
426
427 int n = STATE_SIZE; /* so that the complete pool gets accessed */
428 while (n > 0)
429 {
430#if MD_DIGEST_LENGTH > 20
431# error "Please adjust DUMMY_SEED."
432#endif
433#define DUMMY_SEED "...................." /* at least MD_DIGEST_LENGTH */
434 /* Note that the seed does not matter, it's just that
435 * ssleay_rand_add expects to have something to hash. */
436 ssleay_rand_add(DUMMY_SEED, MD_DIGEST_LENGTH, 0.0);
437 n -= MD_DIGEST_LENGTH;
438 }
439 if (ok)
440 stirred_pool = 1;
441 }
442
443 st_idx=state_index;
444 st_num=state_num;
445 md_c[0] = md_count[0];
446 md_c[1] = md_count[1];
447 memcpy(local_md, md, sizeof md);
448
449 state_index+=num_ceil;
450 if (state_index > state_num)
451 state_index %= state_num;
452
453 /* state[st_idx], ..., state[(st_idx + num_ceil - 1) % st_num]
454 * are now ours (but other threads may use them too) */
455
456 md_count[0] += 1;
457
458 /* before unlocking, we must clear 'crypto_lock_rand' */
459 crypto_lock_rand = 0;
460 CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
461
462 while (num > 0)
463 {
464 /* num_ceil -= MD_DIGEST_LENGTH/2 */
465 j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num;
466 num-=j;
467 MD_Init(&m);
468#ifndef GETPID_IS_MEANINGLESS
469 if (curr_pid) /* just in the first iteration to save time */
470 {
471 MD_Update(&m,(unsigned char*)&curr_pid,sizeof curr_pid);
472 curr_pid = 0;
473 }
474#endif
475 MD_Update(&m,local_md,MD_DIGEST_LENGTH);
476 MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
477
478#ifndef PURIFY /* purify complains */
479 /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
480 MD_Update(&m,buf,j);
481 /* We know that line may cause programs such as
482 purify and valgrind to complain about use of
483 uninitialized data. */
484#endif
485
486 k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
487 if (k > 0)
488 {
489 MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2-k);
490 MD_Update(&m,&(state[0]),k);
491 }
492 else
493 MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2);
494 MD_Final(&m,local_md);
495
496 for (i=0; i<MD_DIGEST_LENGTH/2; i++)
497 {
498 state[st_idx++]^=local_md[i]; /* may compete with other threads */
499 if (st_idx >= st_num)
500 st_idx=0;
501 if (i < j)
502 *(buf++)=local_md[i+MD_DIGEST_LENGTH/2];
503 }
504 }
505
506 MD_Init(&m);
507 MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
508 MD_Update(&m,local_md,MD_DIGEST_LENGTH);
509 CRYPTO_w_lock(CRYPTO_LOCK_RAND);
510 MD_Update(&m,md,MD_DIGEST_LENGTH);
511 MD_Final(&m,md);
512 CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
513
514 EVP_MD_CTX_cleanup(&m);
515 if (ok)
516 return(1);
517 else
518 {
519 RANDerr(RAND_F_SSLEAY_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED);
520 ERR_add_error_data(1, "You need to read the OpenSSL FAQ, "
521 "http://www.openssl.org/support/faq.html");
522 return(0);
523 }
524 }
525
526/* pseudo-random bytes that are guaranteed to be unique but not
527 unpredictable */
528static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
529 {
530 int ret;
531 unsigned long err;
532
533 ret = RAND_bytes(buf, num);
534 if (ret == 0)
535 {
536 err = ERR_peek_error();
537 if (ERR_GET_LIB(err) == ERR_LIB_RAND &&
538 ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED)
539 ERR_clear_error();
540 }
541 return (ret);
542 }
543
544static int ssleay_rand_status(void)
545 {
546 CRYPTO_THREADID cur;
547 int ret;
548 int do_not_lock;
549
550 CRYPTO_THREADID_current(&cur);
551 /* check if we already have the lock
552 * (could happen if a RAND_poll() implementation calls RAND_status()) */
553 if (crypto_lock_rand)
554 {
555 CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
556 do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
557 CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
558 }
559 else
560 do_not_lock = 0;
561
562 if (!do_not_lock)
563 {
564 CRYPTO_w_lock(CRYPTO_LOCK_RAND);
565
566 /* prevent ssleay_rand_bytes() from trying to obtain the lock again */
567 CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
568 CRYPTO_THREADID_cpy(&locking_threadid, &cur);
569 CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
570 crypto_lock_rand = 1;
571 }
572
573 if (!initialized)
574 {
575 RAND_poll();
576 initialized = 1;
577 }
578
579 ret = entropy >= ENTROPY_NEEDED;
580
581 if (!do_not_lock)
582 {
583 /* before unlocking, we must clear 'crypto_lock_rand' */
584 crypto_lock_rand = 0;
585
586 CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
587 }
588
589 return ret;
590 }
diff --git a/src/lib/libcrypto/rand/rand_egd.c b/src/lib/libcrypto/rand/rand_egd.c
new file mode 100644
index 0000000000..d53b916ebe
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_egd.c
@@ -0,0 +1,303 @@
1/* crypto/rand/rand_egd.c */
2/* Written by Ulf Moeller and Lutz Jaenicke for the OpenSSL project. */
3/* ====================================================================
4 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 *
18 * 3. All advertising materials mentioning features or use of this
19 * software must display the following acknowledgment:
20 * "This product includes software developed by the OpenSSL Project
21 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
22 *
23 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
24 * endorse or promote products derived from this software without
25 * prior written permission. For written permission, please contact
26 * openssl-core@openssl.org.
27 *
28 * 5. Products derived from this software may not be called "OpenSSL"
29 * nor may "OpenSSL" appear in their names without prior written
30 * permission of the OpenSSL Project.
31 *
32 * 6. Redistributions of any form whatsoever must retain the following
33 * acknowledgment:
34 * "This product includes software developed by the OpenSSL Project
35 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
36 *
37 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
38 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
39 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
40 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
41 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
42 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
43 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
44 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
45 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
46 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
47 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
48 * OF THE POSSIBILITY OF SUCH DAMAGE.
49 * ====================================================================
50 *
51 * This product includes cryptographic software written by Eric Young
52 * (eay@cryptsoft.com). This product includes software written by Tim
53 * Hudson (tjh@cryptsoft.com).
54 *
55 */
56
57#include <openssl/e_os2.h>
58#include <openssl/rand.h>
59#include <openssl/buffer.h>
60
61/*
62 * Query the EGD <URL: http://www.lothar.com/tech/crypto/>.
63 *
64 * This module supplies three routines:
65 *
66 * RAND_query_egd_bytes(path, buf, bytes)
67 * will actually query "bytes" bytes of entropy form the egd-socket located
68 * at path and will write them to buf (if supplied) or will directly feed
69 * it to RAND_seed() if buf==NULL.
70 * The number of bytes is not limited by the maximum chunk size of EGD,
71 * which is 255 bytes. If more than 255 bytes are wanted, several chunks
72 * of entropy bytes are requested. The connection is left open until the
73 * query is competed.
74 * RAND_query_egd_bytes() returns with
75 * -1 if an error occured during connection or communication.
76 * num the number of bytes read from the EGD socket. This number is either
77 * the number of bytes requested or smaller, if the EGD pool is
78 * drained and the daemon signals that the pool is empty.
79 * This routine does not touch any RAND_status(). This is necessary, since
80 * PRNG functions may call it during initialization.
81 *
82 * RAND_egd_bytes(path, bytes) will query "bytes" bytes and have them
83 * used to seed the PRNG.
84 * RAND_egd_bytes() is a wrapper for RAND_query_egd_bytes() with buf=NULL.
85 * Unlike RAND_query_egd_bytes(), RAND_status() is used to test the
86 * seed status so that the return value can reflect the seed state:
87 * -1 if an error occured during connection or communication _or_
88 * if the PRNG has still not received the required seeding.
89 * num the number of bytes read from the EGD socket. This number is either
90 * the number of bytes requested or smaller, if the EGD pool is
91 * drained and the daemon signals that the pool is empty.
92 *
93 * RAND_egd(path) will query 255 bytes and use the bytes retreived to seed
94 * the PRNG.
95 * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
96 */
97
98#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_BEOS)
99int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
100 {
101 return(-1);
102 }
103int RAND_egd(const char *path)
104 {
105 return(-1);
106 }
107
108int RAND_egd_bytes(const char *path,int bytes)
109 {
110 return(-1);
111 }
112#else
113#include <openssl/opensslconf.h>
114#include OPENSSL_UNISTD
115#include <sys/types.h>
116#include <sys/socket.h>
117#ifndef NO_SYS_UN_H
118# ifdef OPENSSL_SYS_VXWORKS
119# include <streams/un.h>
120# else
121# include <sys/un.h>
122# endif
123#else
124struct sockaddr_un {
125 short sun_family; /* AF_UNIX */
126 char sun_path[108]; /* path name (gag) */
127};
128#endif /* NO_SYS_UN_H */
129#include <string.h>
130#include <errno.h>
131
132#ifndef offsetof
133# define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER)
134#endif
135
136int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
137 {
138 int ret = 0;
139 struct sockaddr_un addr;
140 int len, num, numbytes;
141 int fd = -1;
142 int success;
143 unsigned char egdbuf[2], tempbuf[255], *retrievebuf;
144
145 memset(&addr, 0, sizeof(addr));
146 addr.sun_family = AF_UNIX;
147 if (strlen(path) >= sizeof(addr.sun_path))
148 return (-1);
149 BUF_strlcpy(addr.sun_path,path,sizeof addr.sun_path);
150 len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
151 fd = socket(AF_UNIX, SOCK_STREAM, 0);
152 if (fd == -1) return (-1);
153 success = 0;
154 while (!success)
155 {
156 if (connect(fd, (struct sockaddr *)&addr, len) == 0)
157 success = 1;
158 else
159 {
160 switch (errno)
161 {
162#ifdef EINTR
163 case EINTR:
164#endif
165#ifdef EAGAIN
166 case EAGAIN:
167#endif
168#ifdef EINPROGRESS
169 case EINPROGRESS:
170#endif
171#ifdef EALREADY
172 case EALREADY:
173#endif
174 /* No error, try again */
175 break;
176#ifdef EISCONN
177 case EISCONN:
178 success = 1;
179 break;
180#endif
181 default:
182 goto err; /* failure */
183 }
184 }
185 }
186
187 while(bytes > 0)
188 {
189 egdbuf[0] = 1;
190 egdbuf[1] = bytes < 255 ? bytes : 255;
191 numbytes = 0;
192 while (numbytes != 2)
193 {
194 num = write(fd, egdbuf + numbytes, 2 - numbytes);
195 if (num >= 0)
196 numbytes += num;
197 else
198 {
199 switch (errno)
200 {
201#ifdef EINTR
202 case EINTR:
203#endif
204#ifdef EAGAIN
205 case EAGAIN:
206#endif
207 /* No error, try again */
208 break;
209 default:
210 ret = -1;
211 goto err; /* failure */
212 }
213 }
214 }
215 numbytes = 0;
216 while (numbytes != 1)
217 {
218 num = read(fd, egdbuf, 1);
219 if (num == 0)
220 goto err; /* descriptor closed */
221 else if (num > 0)
222 numbytes += num;
223 else
224 {
225 switch (errno)
226 {
227#ifdef EINTR
228 case EINTR:
229#endif
230#ifdef EAGAIN
231 case EAGAIN:
232#endif
233 /* No error, try again */
234 break;
235 default:
236 ret = -1;
237 goto err; /* failure */
238 }
239 }
240 }
241 if(egdbuf[0] == 0)
242 goto err;
243 if (buf)
244 retrievebuf = buf + ret;
245 else
246 retrievebuf = tempbuf;
247 numbytes = 0;
248 while (numbytes != egdbuf[0])
249 {
250 num = read(fd, retrievebuf + numbytes, egdbuf[0] - numbytes);
251 if (num == 0)
252 goto err; /* descriptor closed */
253 else if (num > 0)
254 numbytes += num;
255 else
256 {
257 switch (errno)
258 {
259#ifdef EINTR
260 case EINTR:
261#endif
262#ifdef EAGAIN
263 case EAGAIN:
264#endif
265 /* No error, try again */
266 break;
267 default:
268 ret = -1;
269 goto err; /* failure */
270 }
271 }
272 }
273 ret += egdbuf[0];
274 bytes -= egdbuf[0];
275 if (!buf)
276 RAND_seed(tempbuf, egdbuf[0]);
277 }
278 err:
279 if (fd != -1) close(fd);
280 return(ret);
281 }
282
283
284int RAND_egd_bytes(const char *path, int bytes)
285 {
286 int num, ret = 0;
287
288 num = RAND_query_egd_bytes(path, NULL, bytes);
289 if (num < 1) goto err;
290 if (RAND_status() == 1)
291 ret = num;
292 err:
293 return(ret);
294 }
295
296
297int RAND_egd(const char *path)
298 {
299 return (RAND_egd_bytes(path, 255));
300 }
301
302
303#endif
diff --git a/src/lib/libcrypto/rand/rand_lcl.h b/src/lib/libcrypto/rand/rand_lcl.h
new file mode 100644
index 0000000000..618a8ec899
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_lcl.h
@@ -0,0 +1,158 @@
1/* crypto/rand/rand_lcl.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#ifndef HEADER_RAND_LCL_H
113#define HEADER_RAND_LCL_H
114
115#define ENTROPY_NEEDED 32 /* require 256 bits = 32 bytes of randomness */
116
117
118#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
119#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
120#define USE_SHA1_RAND
121#elif !defined(OPENSSL_NO_MD5)
122#define USE_MD5_RAND
123#elif !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
124#define USE_MDC2_RAND
125#elif !defined(OPENSSL_NO_MD2)
126#define USE_MD2_RAND
127#else
128#error No message digest algorithm available
129#endif
130#endif
131
132#include <openssl/evp.h>
133#define MD_Update(a,b,c) EVP_DigestUpdate(a,b,c)
134#define MD_Final(a,b) EVP_DigestFinal_ex(a,b,NULL)
135#if defined(USE_MD5_RAND)
136#include <openssl/md5.h>
137#define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH
138#define MD_Init(a) EVP_DigestInit_ex(a,EVP_md5(), NULL)
139#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md5(), NULL)
140#elif defined(USE_SHA1_RAND)
141#include <openssl/sha.h>
142#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH
143#define MD_Init(a) EVP_DigestInit_ex(a,EVP_sha1(), NULL)
144#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_sha1(), NULL)
145#elif defined(USE_MDC2_RAND)
146#include <openssl/mdc2.h>
147#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH
148#define MD_Init(a) EVP_DigestInit_ex(a,EVP_mdc2(), NULL)
149#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_mdc2(), NULL)
150#elif defined(USE_MD2_RAND)
151#include <openssl/md2.h>
152#define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH
153#define MD_Init(a) EVP_DigestInit_ex(a,EVP_md2(), NULL)
154#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL)
155#endif
156
157
158#endif
diff --git a/src/lib/libcrypto/rand/rand_nw.c b/src/lib/libcrypto/rand/rand_nw.c
new file mode 100644
index 0000000000..8d5b8d2e32
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_nw.c
@@ -0,0 +1,183 @@
1/* crypto/rand/rand_nw.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include "cryptlib.h"
113#include <openssl/rand.h>
114#include "rand_lcl.h"
115
116#if defined (OPENSSL_SYS_NETWARE)
117
118#if defined(NETWARE_LIBC)
119#include <nks/thread.h>
120#else
121#include <nwthread.h>
122#endif
123
124extern int GetProcessSwitchCount(void);
125#if !defined(NETWARE_LIBC) || (CURRENT_NDK_THRESHOLD < 509220000)
126extern void *RunningProcess; /* declare here same as found in newer NDKs */
127extern unsigned long GetSuperHighResolutionTimer(void);
128#endif
129
130 /* the FAQ indicates we need to provide at least 20 bytes (160 bits) of seed
131 */
132int RAND_poll(void)
133{
134 unsigned long l;
135 unsigned long tsc;
136 int i;
137
138 /* There are several options to gather miscellaneous data
139 * but for now we will loop checking the time stamp counter (rdtsc) and
140 * the SuperHighResolutionTimer. Each iteration will collect 8 bytes
141 * of data but it is treated as only 1 byte of entropy. The call to
142 * ThreadSwitchWithDelay() will introduce additional variability into
143 * the data returned by rdtsc.
144 *
145 * Applications can agument the seed material by adding additional
146 * stuff with RAND_add() and should probably do so.
147 */
148 l = GetProcessSwitchCount();
149 RAND_add(&l,sizeof(l),1);
150
151 /* need to cast the void* to unsigned long here */
152 l = (unsigned long)RunningProcess;
153 RAND_add(&l,sizeof(l),1);
154
155 for( i=2; i<ENTROPY_NEEDED; i++)
156 {
157#ifdef __MWERKS__
158 asm
159 {
160 rdtsc
161 mov tsc, eax
162 }
163#elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
164 asm volatile("rdtsc":"=a"(tsc)::"edx");
165#endif
166
167 RAND_add(&tsc, sizeof(tsc), 1);
168
169 l = GetSuperHighResolutionTimer();
170 RAND_add(&l, sizeof(l), 0);
171
172# if defined(NETWARE_LIBC)
173 NXThreadYield();
174# else /* NETWARE_CLIB */
175 ThreadSwitchWithDelay();
176# endif
177 }
178
179 return 1;
180}
181
182#endif
183
diff --git a/src/lib/libcrypto/rand/rand_os2.c b/src/lib/libcrypto/rand/rand_os2.c
new file mode 100644
index 0000000000..fc1e78b179
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_os2.c
@@ -0,0 +1,153 @@
1/* crypto/rand/rand_os2.c */
2/* ====================================================================
3 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56#include "cryptlib.h"
57#include <openssl/rand.h>
58#include "rand_lcl.h"
59
60#ifdef OPENSSL_SYS_OS2
61
62#define INCL_DOSPROCESS
63#define INCL_DOSPROFILE
64#define INCL_DOSMISC
65#define INCL_DOSMODULEMGR
66#include <os2.h>
67
68#define CMD_KI_RDCNT (0x63)
69
70typedef struct _CPUUTIL {
71 ULONG ulTimeLow; /* Low 32 bits of time stamp */
72 ULONG ulTimeHigh; /* High 32 bits of time stamp */
73 ULONG ulIdleLow; /* Low 32 bits of idle time */
74 ULONG ulIdleHigh; /* High 32 bits of idle time */
75 ULONG ulBusyLow; /* Low 32 bits of busy time */
76 ULONG ulBusyHigh; /* High 32 bits of busy time */
77 ULONG ulIntrLow; /* Low 32 bits of interrupt time */
78 ULONG ulIntrHigh; /* High 32 bits of interrupt time */
79} CPUUTIL;
80
81#ifndef __KLIBC__
82APIRET APIENTRY(*DosPerfSysCall) (ULONG ulCommand, ULONG ulParm1, ULONG ulParm2, ULONG ulParm3) = NULL;
83APIRET APIENTRY(*DosQuerySysState) (ULONG func, ULONG arg1, ULONG pid, ULONG _res_, PVOID buf, ULONG bufsz) = NULL;
84#endif
85HMODULE hDoscalls = 0;
86
87int RAND_poll(void)
88{
89 char failed_module[20];
90 QWORD qwTime;
91 ULONG SysVars[QSV_FOREGROUND_PROCESS];
92
93 if (hDoscalls == 0) {
94 ULONG rc = DosLoadModule(failed_module, sizeof(failed_module), "DOSCALLS", &hDoscalls);
95
96#ifndef __KLIBC__
97 if (rc == 0) {
98 rc = DosQueryProcAddr(hDoscalls, 976, NULL, (PFN *)&DosPerfSysCall);
99
100 if (rc)
101 DosPerfSysCall = NULL;
102
103 rc = DosQueryProcAddr(hDoscalls, 368, NULL, (PFN *)&DosQuerySysState);
104
105 if (rc)
106 DosQuerySysState = NULL;
107 }
108#endif
109 }
110
111 /* Sample the hi-res timer, runs at around 1.1 MHz */
112 DosTmrQueryTime(&qwTime);
113 RAND_add(&qwTime, sizeof(qwTime), 2);
114
115 /* Sample a bunch of system variables, includes various process & memory statistics */
116 DosQuerySysInfo(1, QSV_FOREGROUND_PROCESS, SysVars, sizeof(SysVars));
117 RAND_add(SysVars, sizeof(SysVars), 4);
118
119 /* If available, sample CPU registers that count at CPU MHz
120 * Only fairly new CPUs (PPro & K6 onwards) & OS/2 versions support this
121 */
122 if (DosPerfSysCall) {
123 CPUUTIL util;
124
125 if (DosPerfSysCall(CMD_KI_RDCNT, (ULONG)&util, 0, 0) == 0) {
126 RAND_add(&util, sizeof(util), 10);
127 }
128 else {
129#ifndef __KLIBC__
130 DosPerfSysCall = NULL;
131#endif
132 }
133 }
134
135 /* DosQuerySysState() gives us a huge quantity of process, thread, memory & handle stats */
136 if (DosQuerySysState) {
137 char *buffer = OPENSSL_malloc(256 * 1024);
138
139 if (DosQuerySysState(0x1F, 0, 0, 0, buffer, 256 * 1024) == 0) {
140 /* First 4 bytes in buffer is a pointer to the thread count
141 * there should be at least 1 byte of entropy per thread
142 */
143 RAND_add(buffer, 256 * 1024, **(ULONG **)buffer);
144 }
145
146 OPENSSL_free(buffer);
147 return 1;
148 }
149
150 return 0;
151}
152
153#endif /* OPENSSL_SYS_OS2 */
diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c
new file mode 100644
index 0000000000..4bb9666e49
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_unix.c
@@ -0,0 +1,385 @@
1/* crypto/rand/rand_unix.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111#include <stdio.h>
112
113#define USE_SOCKETS
114#include "e_os.h"
115#include "cryptlib.h"
116#include <openssl/rand.h>
117#include "rand_lcl.h"
118
119#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
120
121#include <sys/types.h>
122#include <sys/time.h>
123#include <sys/times.h>
124#include <sys/stat.h>
125#include <fcntl.h>
126#include <unistd.h>
127#include <time.h>
128#if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually everywhere */
129# include <poll.h>
130#endif
131#include <limits.h>
132#ifndef FD_SETSIZE
133# define FD_SETSIZE (8*sizeof(fd_set))
134#endif
135
136#ifdef __VOS__
137int RAND_poll(void)
138{
139 unsigned char buf[ENTROPY_NEEDED];
140 pid_t curr_pid;
141 uid_t curr_uid;
142 static int first=1;
143 int i;
144 long rnd = 0;
145 struct timespec ts;
146 unsigned seed;
147
148/* The VOS random() function starts from a static seed so its
149 initial value is predictable. If random() returns the
150 initial value, reseed it with dynamic data. The VOS
151 real-time clock has a granularity of 1 nsec so it should be
152 reasonably difficult to predict its exact value. Do not
153 gratuitously reseed the PRNG because other code in this
154 process or thread may be using it. */
155
156 if (first) {
157 first = 0;
158 rnd = random ();
159 if (rnd == 1804289383) {
160 clock_gettime (CLOCK_REALTIME, &ts);
161 curr_pid = getpid();
162 curr_uid = getuid();
163 seed = ts.tv_sec ^ ts.tv_nsec ^ curr_pid ^ curr_uid;
164 srandom (seed);
165 }
166 }
167
168 for (i = 0; i < sizeof(buf); i++) {
169 if (i % 4 == 0)
170 rnd = random();
171 buf[i] = rnd;
172 rnd >>= 8;
173 }
174 RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
175 memset(buf, 0, sizeof(buf));
176
177 return 1;
178}
179#elif defined __OpenBSD__
180int RAND_poll(void)
181{
182 unsigned char buf[ENTROPY_NEEDED];
183
184 arc4random_buf(buf, sizeof(buf));
185 RAND_add(buf, sizeof(buf), sizeof(buf));
186 memset(buf, 0, sizeof(buf));
187
188 return 1;
189}
190#else /* !defined(__OpenBSD__) */
191int RAND_poll(void)
192{
193 unsigned long l;
194 pid_t curr_pid = getpid();
195#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
196 unsigned char tmpbuf[ENTROPY_NEEDED];
197 int n = 0;
198#endif
199#ifdef DEVRANDOM
200 static const char *randomfiles[] = { DEVRANDOM };
201 struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])];
202 int fd;
203 unsigned int i;
204#endif
205#ifdef DEVRANDOM_EGD
206 static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
207 const char **egdsocket = NULL;
208#endif
209
210#ifdef DEVRANDOM
211 memset(randomstats,0,sizeof(randomstats));
212 /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
213 * have this. Use /dev/urandom if you can as /dev/random may block
214 * if it runs out of random entries. */
215
216 for (i = 0; (i < sizeof(randomfiles)/sizeof(randomfiles[0])) &&
217 (n < ENTROPY_NEEDED); i++)
218 {
219 if ((fd = open(randomfiles[i], O_RDONLY
220#ifdef O_NONBLOCK
221 |O_NONBLOCK
222#endif
223#ifdef O_BINARY
224 |O_BINARY
225#endif
226#ifdef O_NOCTTY /* If it happens to be a TTY (god forbid), do not make it
227 our controlling tty */
228 |O_NOCTTY
229#endif
230 )) >= 0)
231 {
232 int usec = 10*1000; /* spend 10ms on each file */
233 int r;
234 unsigned int j;
235 struct stat *st=&randomstats[i];
236
237 /* Avoid using same input... Used to be O_NOFOLLOW
238 * above, but it's not universally appropriate... */
239 if (fstat(fd,st) != 0) { close(fd); continue; }
240 for (j=0;j<i;j++)
241 {
242 if (randomstats[j].st_ino==st->st_ino &&
243 randomstats[j].st_dev==st->st_dev)
244 break;
245 }
246 if (j<i) { close(fd); continue; }
247
248 do
249 {
250 int try_read = 0;
251
252#if defined(OPENSSL_SYS_BEOS_R5)
253 /* select() is broken in BeOS R5, so we simply
254 * try to read something and snooze if we couldn't */
255 try_read = 1;
256
257#elif defined(OPENSSL_SYS_LINUX)
258 /* use poll() */
259 struct pollfd pset;
260
261 pset.fd = fd;
262 pset.events = POLLIN;
263 pset.revents = 0;
264
265 if (poll(&pset, 1, usec / 1000) < 0)
266 usec = 0;
267 else
268 try_read = (pset.revents & POLLIN) != 0;
269
270#else
271 /* use select() */
272 fd_set fset;
273 struct timeval t;
274
275 t.tv_sec = 0;
276 t.tv_usec = usec;
277
278 if (FD_SETSIZE > 0 && (unsigned)fd >= FD_SETSIZE)
279 {
280 /* can't use select, so just try to read once anyway */
281 try_read = 1;
282 }
283 else
284 {
285 FD_ZERO(&fset);
286 FD_SET(fd, &fset);
287
288 if (select(fd+1,&fset,NULL,NULL,&t) >= 0)
289 {
290 usec = t.tv_usec;
291 if (FD_ISSET(fd, &fset))
292 try_read = 1;
293 }
294 else
295 usec = 0;
296 }
297#endif
298
299 if (try_read)
300 {
301 r = read(fd,(unsigned char *)tmpbuf+n, ENTROPY_NEEDED-n);
302 if (r > 0)
303 n += r;
304#if defined(OPENSSL_SYS_BEOS_R5)
305 if (r == 0)
306 snooze(t.tv_usec);
307#endif
308 }
309 else
310 r = -1;
311
312 /* Some Unixen will update t in select(), some
313 won't. For those who won't, or if we
314 didn't use select() in the first place,
315 give up here, otherwise, we will do
316 this once again for the remaining
317 time. */
318 if (usec == 10*1000)
319 usec = 0;
320 }
321 while ((r > 0 ||
322 (errno == EINTR || errno == EAGAIN)) && usec != 0 && n < ENTROPY_NEEDED);
323
324 close(fd);
325 }
326 }
327#endif /* defined(DEVRANDOM) */
328
329#ifdef DEVRANDOM_EGD
330 /* Use an EGD socket to read entropy from an EGD or PRNGD entropy
331 * collecting daemon. */
332
333 for (egdsocket = egdsockets; *egdsocket && n < ENTROPY_NEEDED; egdsocket++)
334 {
335 int r;
336
337 r = RAND_query_egd_bytes(*egdsocket, (unsigned char *)tmpbuf+n,
338 ENTROPY_NEEDED-n);
339 if (r > 0)
340 n += r;
341 }
342#endif /* defined(DEVRANDOM_EGD) */
343
344#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
345 if (n > 0)
346 {
347 RAND_add(tmpbuf,sizeof tmpbuf,(double)n);
348 OPENSSL_cleanse(tmpbuf,n);
349 }
350#endif
351
352 /* put in some default random data, we need more than just this */
353 l=curr_pid;
354 RAND_add(&l,sizeof(l),0.0);
355 l=getuid();
356 RAND_add(&l,sizeof(l),0.0);
357
358 l=time(NULL);
359 RAND_add(&l,sizeof(l),0.0);
360
361#if defined(OPENSSL_SYS_BEOS)
362 {
363 system_info sysInfo;
364 get_system_info(&sysInfo);
365 RAND_add(&sysInfo,sizeof(sysInfo),0);
366 }
367#endif
368
369#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
370 return 1;
371#else
372 return 0;
373#endif
374}
375
376#endif /* defined(__OpenBSD__) */
377#endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */
378
379
380#if defined(OPENSSL_SYS_VXWORKS)
381int RAND_poll(void)
382 {
383 return 0;
384 }
385#endif
diff --git a/src/lib/libcrypto/rand/rand_vms.c b/src/lib/libcrypto/rand/rand_vms.c
new file mode 100644
index 0000000000..1267a3acae
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_vms.c
@@ -0,0 +1,136 @@
1/* crypto/rand/rand_vms.c -*- mode:C; c-file-style: "eay" -*- */
2/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <openssl/rand.h>
60#include "rand_lcl.h"
61
62#if defined(OPENSSL_SYS_VMS)
63
64#include <descrip.h>
65#include <jpidef.h>
66#include <ssdef.h>
67#include <starlet.h>
68#ifdef __DECC
69# pragma message disable DOLLARID
70#endif
71
72static struct items_data_st
73 {
74 short length, code; /* length is amount of bytes */
75 } items_data[] =
76 { { 4, JPI$_BUFIO },
77 { 4, JPI$_CPUTIM },
78 { 4, JPI$_DIRIO },
79 { 8, JPI$_LOGINTIM },
80 { 4, JPI$_PAGEFLTS },
81 { 4, JPI$_PID },
82 { 4, JPI$_WSSIZE },
83 { 0, 0 }
84 };
85
86int RAND_poll(void)
87 {
88 long pid, iosb[2];
89 int status = 0;
90 struct
91 {
92 short length, code;
93 long *buffer;
94 int *retlen;
95 } item[32], *pitem;
96 unsigned char data_buffer[256];
97 short total_length = 0;
98 struct items_data_st *pitems_data;
99
100 pitems_data = items_data;
101 pitem = item;
102
103 /* Setup */
104 while (pitems_data->length
105 && (total_length + pitems_data->length <= 256))
106 {
107 pitem->length = pitems_data->length;
108 pitem->code = pitems_data->code;
109 pitem->buffer = (long *)&data_buffer[total_length];
110 pitem->retlen = 0;
111 total_length += pitems_data->length;
112 pitems_data++;
113 pitem++;
114 }
115 pitem->length = pitem->code = 0;
116
117 /*
118 * Scan through all the processes in the system and add entropy with
119 * results from the processes that were possible to look at.
120 * However, view the information as only half trustable.
121 */
122 pid = -1; /* search context */
123 while ((status = sys$getjpiw(0, &pid, 0, item, iosb, 0, 0))
124 != SS$_NOMOREPROC)
125 {
126 if (status == SS$_NORMAL)
127 {
128 RAND_add(data_buffer, total_length, total_length/2);
129 }
130 }
131 sys$gettim(iosb);
132 RAND_add((unsigned char *)iosb, sizeof(iosb), sizeof(iosb)/2);
133 return 1;
134}
135
136#endif
diff --git a/src/lib/libcrypto/rand/rand_win.c b/src/lib/libcrypto/rand/rand_win.c
new file mode 100644
index 0000000000..5d134e186b
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_win.c
@@ -0,0 +1,807 @@
1/* crypto/rand/rand_win.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include "cryptlib.h"
113#include <openssl/rand.h>
114#include "rand_lcl.h"
115
116#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
117#include <windows.h>
118#ifndef _WIN32_WINNT
119# define _WIN32_WINNT 0x0400
120#endif
121#include <wincrypt.h>
122#include <tlhelp32.h>
123
124/* Limit the time spent walking through the heap, processes, threads and modules to
125 a maximum of 1000 miliseconds each, unless CryptoGenRandom failed */
126#define MAXDELAY 1000
127
128/* Intel hardware RNG CSP -- available from
129 * http://developer.intel.com/design/security/rng/redist_license.htm
130 */
131#define PROV_INTEL_SEC 22
132#define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider"
133
134static void readtimer(void);
135static void readscreen(void);
136
137/* It appears like CURSORINFO, PCURSORINFO and LPCURSORINFO are only defined
138 when WINVER is 0x0500 and up, which currently only happens on Win2000.
139 Unfortunately, those are typedefs, so they're a little bit difficult to
140 detect properly. On the other hand, the macro CURSOR_SHOWING is defined
141 within the same conditional, so it can be use to detect the absence of said
142 typedefs. */
143
144#ifndef CURSOR_SHOWING
145/*
146 * Information about the global cursor.
147 */
148typedef struct tagCURSORINFO
149{
150 DWORD cbSize;
151 DWORD flags;
152 HCURSOR hCursor;
153 POINT ptScreenPos;
154} CURSORINFO, *PCURSORINFO, *LPCURSORINFO;
155
156#define CURSOR_SHOWING 0x00000001
157#endif /* CURSOR_SHOWING */
158
159#if !defined(OPENSSL_SYS_WINCE)
160typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTW)(HCRYPTPROV *, LPCWSTR, LPCWSTR,
161 DWORD, DWORD);
162typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV, DWORD, BYTE *);
163typedef BOOL (WINAPI *CRYPTRELEASECONTEXT)(HCRYPTPROV, DWORD);
164
165typedef HWND (WINAPI *GETFOREGROUNDWINDOW)(VOID);
166typedef BOOL (WINAPI *GETCURSORINFO)(PCURSORINFO);
167typedef DWORD (WINAPI *GETQUEUESTATUS)(UINT);
168
169typedef HANDLE (WINAPI *CREATETOOLHELP32SNAPSHOT)(DWORD, DWORD);
170typedef BOOL (WINAPI *CLOSETOOLHELP32SNAPSHOT)(HANDLE);
171typedef BOOL (WINAPI *HEAP32FIRST)(LPHEAPENTRY32, DWORD, size_t);
172typedef BOOL (WINAPI *HEAP32NEXT)(LPHEAPENTRY32);
173typedef BOOL (WINAPI *HEAP32LIST)(HANDLE, LPHEAPLIST32);
174typedef BOOL (WINAPI *PROCESS32)(HANDLE, LPPROCESSENTRY32);
175typedef BOOL (WINAPI *THREAD32)(HANDLE, LPTHREADENTRY32);
176typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32);
177
178#include <lmcons.h>
179#include <lmstats.h>
180#if 1 /* The NET API is Unicode only. It requires the use of the UNICODE
181 * macro. When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was
182 * was added to the Platform SDK to allow the NET API to be used in
183 * non-Unicode applications provided that Unicode strings were still
184 * used for input. LMSTR is defined as LPWSTR.
185 */
186typedef NET_API_STATUS (NET_API_FUNCTION * NETSTATGET)
187 (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE*);
188typedef NET_API_STATUS (NET_API_FUNCTION * NETFREE)(LPBYTE);
189#endif /* 1 */
190#endif /* !OPENSSL_SYS_WINCE */
191
192int RAND_poll(void)
193{
194 MEMORYSTATUS m;
195 HCRYPTPROV hProvider = 0;
196 DWORD w;
197 int good = 0;
198
199 /* Determine the OS version we are on so we can turn off things
200 * that do not work properly.
201 */
202 OSVERSIONINFO osverinfo ;
203 osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ;
204 GetVersionEx( &osverinfo ) ;
205
206#if defined(OPENSSL_SYS_WINCE)
207# if defined(_WIN32_WCE) && _WIN32_WCE>=300
208/* Even though MSDN says _WIN32_WCE>=210, it doesn't seem to be available
209 * in commonly available implementations prior 300... */
210 {
211 BYTE buf[64];
212 /* poll the CryptoAPI PRNG */
213 /* The CryptoAPI returns sizeof(buf) bytes of randomness */
214 if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL,
215 CRYPT_VERIFYCONTEXT))
216 {
217 if (CryptGenRandom(hProvider, sizeof(buf), buf))
218 RAND_add(buf, sizeof(buf), sizeof(buf));
219 CryptReleaseContext(hProvider, 0);
220 }
221 }
222# endif
223#else /* OPENSSL_SYS_WINCE */
224 /*
225 * None of below libraries are present on Windows CE, which is
226 * why we #ifndef the whole section. This also excuses us from
227 * handling the GetProcAddress issue. The trouble is that in
228 * real Win32 API GetProcAddress is available in ANSI flavor
229 * only. In WinCE on the other hand GetProcAddress is a macro
230 * most commonly defined as GetProcAddressW, which accepts
231 * Unicode argument. If we were to call GetProcAddress under
232 * WinCE, I'd recommend to either redefine GetProcAddress as
233 * GetProcAddressA (there seem to be one in common CE spec) or
234 * implement own shim routine, which would accept ANSI argument
235 * and expand it to Unicode.
236 */
237 {
238 /* load functions dynamically - not available on all systems */
239 HMODULE advapi = LoadLibrary(TEXT("ADVAPI32.DLL"));
240 HMODULE kernel = LoadLibrary(TEXT("KERNEL32.DLL"));
241 HMODULE user = NULL;
242 HMODULE netapi = LoadLibrary(TEXT("NETAPI32.DLL"));
243 CRYPTACQUIRECONTEXTW acquire = NULL;
244 CRYPTGENRANDOM gen = NULL;
245 CRYPTRELEASECONTEXT release = NULL;
246 NETSTATGET netstatget = NULL;
247 NETFREE netfree = NULL;
248 BYTE buf[64];
249
250 if (netapi)
251 {
252 netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet");
253 netfree = (NETFREE) GetProcAddress(netapi,"NetApiBufferFree");
254 }
255
256 if (netstatget && netfree)
257 {
258 LPBYTE outbuf;
259 /* NetStatisticsGet() is a Unicode only function
260 * STAT_WORKSTATION_0 contains 45 fields and STAT_SERVER_0
261 * contains 17 fields. We treat each field as a source of
262 * one byte of entropy.
263 */
264
265 if (netstatget(NULL, L"LanmanWorkstation", 0, 0, &outbuf) == 0)
266 {
267 RAND_add(outbuf, sizeof(STAT_WORKSTATION_0), 45);
268 netfree(outbuf);
269 }
270 if (netstatget(NULL, L"LanmanServer", 0, 0, &outbuf) == 0)
271 {
272 RAND_add(outbuf, sizeof(STAT_SERVER_0), 17);
273 netfree(outbuf);
274 }
275 }
276
277 if (netapi)
278 FreeLibrary(netapi);
279
280 /* It appears like this can cause an exception deep within ADVAPI32.DLL
281 * at random times on Windows 2000. Reported by Jeffrey Altman.
282 * Only use it on NT.
283 */
284 /* Wolfgang Marczy <WMarczy@topcall.co.at> reports that
285 * the RegQueryValueEx call below can hang on NT4.0 (SP6).
286 * So we don't use this at all for now. */
287#if 0
288 if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT &&
289 osverinfo.dwMajorVersion < 5)
290 {
291 /* Read Performance Statistics from NT/2000 registry
292 * The size of the performance data can vary from call
293 * to call so we must guess the size of the buffer to use
294 * and increase its size if we get an ERROR_MORE_DATA
295 * return instead of ERROR_SUCCESS.
296 */
297 LONG rc=ERROR_MORE_DATA;
298 char * buf=NULL;
299 DWORD bufsz=0;
300 DWORD length;
301
302 while (rc == ERROR_MORE_DATA)
303 {
304 buf = realloc(buf,bufsz+8192);
305 if (!buf)
306 break;
307 bufsz += 8192;
308
309 length = bufsz;
310 rc = RegQueryValueEx(HKEY_PERFORMANCE_DATA, TEXT("Global"),
311 NULL, NULL, buf, &length);
312 }
313 if (rc == ERROR_SUCCESS)
314 {
315 /* For entropy count assume only least significant
316 * byte of each DWORD is random.
317 */
318 RAND_add(&length, sizeof(length), 0);
319 RAND_add(buf, length, length / 4.0);
320
321 /* Close the Registry Key to allow Windows to cleanup/close
322 * the open handle
323 * Note: The 'HKEY_PERFORMANCE_DATA' key is implicitly opened
324 * when the RegQueryValueEx above is done. However, if
325 * it is not explicitly closed, it can cause disk
326 * partition manipulation problems.
327 */
328 RegCloseKey(HKEY_PERFORMANCE_DATA);
329 }
330 if (buf)
331 free(buf);
332 }
333#endif
334
335 if (advapi)
336 {
337 /*
338 * If it's available, then it's available in both ANSI
339 * and UNICODE flavors even in Win9x, documentation says.
340 * We favor Unicode...
341 */
342 acquire = (CRYPTACQUIRECONTEXTW) GetProcAddress(advapi,
343 "CryptAcquireContextW");
344 gen = (CRYPTGENRANDOM) GetProcAddress(advapi,
345 "CryptGenRandom");
346 release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi,
347 "CryptReleaseContext");
348 }
349
350 if (acquire && gen && release)
351 {
352 /* poll the CryptoAPI PRNG */
353 /* The CryptoAPI returns sizeof(buf) bytes of randomness */
354 if (acquire(&hProvider, NULL, NULL, PROV_RSA_FULL,
355 CRYPT_VERIFYCONTEXT))
356 {
357 if (gen(hProvider, sizeof(buf), buf) != 0)
358 {
359 RAND_add(buf, sizeof(buf), 0);
360 good = 1;
361#if 0
362 printf("randomness from PROV_RSA_FULL\n");
363#endif
364 }
365 release(hProvider, 0);
366 }
367
368 /* poll the Pentium PRG with CryptoAPI */
369 if (acquire(&hProvider, 0, INTEL_DEF_PROV, PROV_INTEL_SEC, 0))
370 {
371 if (gen(hProvider, sizeof(buf), buf) != 0)
372 {
373 RAND_add(buf, sizeof(buf), sizeof(buf));
374 good = 1;
375#if 0
376 printf("randomness from PROV_INTEL_SEC\n");
377#endif
378 }
379 release(hProvider, 0);
380 }
381 }
382
383 if (advapi)
384 FreeLibrary(advapi);
385
386 if ((osverinfo.dwPlatformId != VER_PLATFORM_WIN32_NT ||
387 !OPENSSL_isservice()) &&
388 (user = LoadLibrary(TEXT("USER32.DLL"))))
389 {
390 GETCURSORINFO cursor;
391 GETFOREGROUNDWINDOW win;
392 GETQUEUESTATUS queue;
393
394 win = (GETFOREGROUNDWINDOW) GetProcAddress(user, "GetForegroundWindow");
395 cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo");
396 queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus");
397
398 if (win)
399 {
400 /* window handle */
401 HWND h = win();
402 RAND_add(&h, sizeof(h), 0);
403 }
404 if (cursor)
405 {
406 /* unfortunately, its not safe to call GetCursorInfo()
407 * on NT4 even though it exists in SP3 (or SP6) and
408 * higher.
409 */
410 if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT &&
411 osverinfo.dwMajorVersion < 5)
412 cursor = 0;
413 }
414 if (cursor)
415 {
416 /* cursor position */
417 /* assume 2 bytes of entropy */
418 CURSORINFO ci;
419 ci.cbSize = sizeof(CURSORINFO);
420 if (cursor(&ci))
421 RAND_add(&ci, ci.cbSize, 2);
422 }
423
424 if (queue)
425 {
426 /* message queue status */
427 /* assume 1 byte of entropy */
428 w = queue(QS_ALLEVENTS);
429 RAND_add(&w, sizeof(w), 1);
430 }
431
432 FreeLibrary(user);
433 }
434
435 /* Toolhelp32 snapshot: enumerate processes, threads, modules and heap
436 * http://msdn.microsoft.com/library/psdk/winbase/toolhelp_5pfd.htm
437 * (Win 9x and 2000 only, not available on NT)
438 *
439 * This seeding method was proposed in Peter Gutmann, Software
440 * Generation of Practically Strong Random Numbers,
441 * http://www.usenix.org/publications/library/proceedings/sec98/gutmann.html
442 * revised version at http://www.cryptoengines.com/~peter/06_random.pdf
443 * (The assignment of entropy estimates below is arbitrary, but based
444 * on Peter's analysis the full poll appears to be safe. Additional
445 * interactive seeding is encouraged.)
446 */
447
448 if (kernel)
449 {
450 CREATETOOLHELP32SNAPSHOT snap;
451 CLOSETOOLHELP32SNAPSHOT close_snap;
452 HANDLE handle;
453
454 HEAP32FIRST heap_first;
455 HEAP32NEXT heap_next;
456 HEAP32LIST heaplist_first, heaplist_next;
457 PROCESS32 process_first, process_next;
458 THREAD32 thread_first, thread_next;
459 MODULE32 module_first, module_next;
460
461 HEAPLIST32 hlist;
462 HEAPENTRY32 hentry;
463 PROCESSENTRY32 p;
464 THREADENTRY32 t;
465 MODULEENTRY32 m;
466 DWORD starttime = 0;
467
468 snap = (CREATETOOLHELP32SNAPSHOT)
469 GetProcAddress(kernel, "CreateToolhelp32Snapshot");
470 close_snap = (CLOSETOOLHELP32SNAPSHOT)
471 GetProcAddress(kernel, "CloseToolhelp32Snapshot");
472 heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First");
473 heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next");
474 heaplist_first = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst");
475 heaplist_next = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext");
476 process_first = (PROCESS32) GetProcAddress(kernel, "Process32First");
477 process_next = (PROCESS32) GetProcAddress(kernel, "Process32Next");
478 thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First");
479 thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next");
480 module_first = (MODULE32) GetProcAddress(kernel, "Module32First");
481 module_next = (MODULE32) GetProcAddress(kernel, "Module32Next");
482
483 if (snap && heap_first && heap_next && heaplist_first &&
484 heaplist_next && process_first && process_next &&
485 thread_first && thread_next && module_first &&
486 module_next && (handle = snap(TH32CS_SNAPALL,0))
487 != INVALID_HANDLE_VALUE)
488 {
489 /* heap list and heap walking */
490 /* HEAPLIST32 contains 3 fields that will change with
491 * each entry. Consider each field a source of 1 byte
492 * of entropy.
493 * HEAPENTRY32 contains 5 fields that will change with
494 * each entry. Consider each field a source of 1 byte
495 * of entropy.
496 */
497 ZeroMemory(&hlist, sizeof(HEAPLIST32));
498 hlist.dwSize = sizeof(HEAPLIST32);
499 if (good) starttime = GetTickCount();
500#ifdef _MSC_VER
501 if (heaplist_first(handle, &hlist))
502 {
503 /*
504 following discussion on dev ML, exception on WinCE (or other Win
505 platform) is theoretically of unknown origin; prevent infinite
506 loop here when this theoretical case occurs; otherwise cope with
507 the expected (MSDN documented) exception-throwing behaviour of
508 Heap32Next() on WinCE.
509
510 based on patch in original message by Tanguy Fautré (2009/03/02)
511 Subject: RAND_poll() and CreateToolhelp32Snapshot() stability
512 */
513 int ex_cnt_limit = 42;
514 do
515 {
516 RAND_add(&hlist, hlist.dwSize, 3);
517 __try
518 {
519 ZeroMemory(&hentry, sizeof(HEAPENTRY32));
520 hentry.dwSize = sizeof(HEAPENTRY32);
521 if (heap_first(&hentry,
522 hlist.th32ProcessID,
523 hlist.th32HeapID))
524 {
525 int entrycnt = 80;
526 do
527 RAND_add(&hentry,
528 hentry.dwSize, 5);
529 while (heap_next(&hentry)
530 && (!good || (GetTickCount()-starttime)<MAXDELAY)
531 && --entrycnt > 0);
532 }
533 }
534 __except (EXCEPTION_EXECUTE_HANDLER)
535 {
536 /* ignore access violations when walking the heap list */
537 ex_cnt_limit--;
538 }
539 } while (heaplist_next(handle, &hlist)
540 && (!good || (GetTickCount()-starttime)<MAXDELAY)
541 && ex_cnt_limit > 0);
542 }
543
544#else
545 if (heaplist_first(handle, &hlist))
546 {
547 do
548 {
549 RAND_add(&hlist, hlist.dwSize, 3);
550 hentry.dwSize = sizeof(HEAPENTRY32);
551 if (heap_first(&hentry,
552 hlist.th32ProcessID,
553 hlist.th32HeapID))
554 {
555 int entrycnt = 80;
556 do
557 RAND_add(&hentry,
558 hentry.dwSize, 5);
559 while (heap_next(&hentry)
560 && --entrycnt > 0);
561 }
562 } while (heaplist_next(handle, &hlist)
563 && (!good || (GetTickCount()-starttime)<MAXDELAY));
564 }
565#endif
566
567 /* process walking */
568 /* PROCESSENTRY32 contains 9 fields that will change
569 * with each entry. Consider each field a source of
570 * 1 byte of entropy.
571 */
572 p.dwSize = sizeof(PROCESSENTRY32);
573
574 if (good) starttime = GetTickCount();
575 if (process_first(handle, &p))
576 do
577 RAND_add(&p, p.dwSize, 9);
578 while (process_next(handle, &p) && (!good || (GetTickCount()-starttime)<MAXDELAY));
579
580 /* thread walking */
581 /* THREADENTRY32 contains 6 fields that will change
582 * with each entry. Consider each field a source of
583 * 1 byte of entropy.
584 */
585 t.dwSize = sizeof(THREADENTRY32);
586 if (good) starttime = GetTickCount();
587 if (thread_first(handle, &t))
588 do
589 RAND_add(&t, t.dwSize, 6);
590 while (thread_next(handle, &t) && (!good || (GetTickCount()-starttime)<MAXDELAY));
591
592 /* module walking */
593 /* MODULEENTRY32 contains 9 fields that will change
594 * with each entry. Consider each field a source of
595 * 1 byte of entropy.
596 */
597 m.dwSize = sizeof(MODULEENTRY32);
598 if (good) starttime = GetTickCount();
599 if (module_first(handle, &m))
600 do
601 RAND_add(&m, m.dwSize, 9);
602 while (module_next(handle, &m)
603 && (!good || (GetTickCount()-starttime)<MAXDELAY));
604 if (close_snap)
605 close_snap(handle);
606 else
607 CloseHandle(handle);
608
609 }
610
611 FreeLibrary(kernel);
612 }
613 }
614#endif /* !OPENSSL_SYS_WINCE */
615
616 /* timer data */
617 readtimer();
618
619 /* memory usage statistics */
620 GlobalMemoryStatus(&m);
621 RAND_add(&m, sizeof(m), 1);
622
623 /* process ID */
624 w = GetCurrentProcessId();
625 RAND_add(&w, sizeof(w), 1);
626
627#if 0
628 printf("Exiting RAND_poll\n");
629#endif
630
631 return(1);
632}
633
634int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam)
635 {
636 double add_entropy=0;
637
638 switch (iMsg)
639 {
640 case WM_KEYDOWN:
641 {
642 static WPARAM key;
643 if (key != wParam)
644 add_entropy = 0.05;
645 key = wParam;
646 }
647 break;
648 case WM_MOUSEMOVE:
649 {
650 static int lastx,lasty,lastdx,lastdy;
651 int x,y,dx,dy;
652
653 x=LOWORD(lParam);
654 y=HIWORD(lParam);
655 dx=lastx-x;
656 dy=lasty-y;
657 if (dx != 0 && dy != 0 && dx-lastdx != 0 && dy-lastdy != 0)
658 add_entropy=.2;
659 lastx=x, lasty=y;
660 lastdx=dx, lastdy=dy;
661 }
662 break;
663 }
664
665 readtimer();
666 RAND_add(&iMsg, sizeof(iMsg), add_entropy);
667 RAND_add(&wParam, sizeof(wParam), 0);
668 RAND_add(&lParam, sizeof(lParam), 0);
669
670 return (RAND_status());
671 }
672
673
674void RAND_screen(void) /* function available for backward compatibility */
675{
676 RAND_poll();
677 readscreen();
678}
679
680
681/* feed timing information to the PRNG */
682static void readtimer(void)
683{
684 DWORD w;
685 LARGE_INTEGER l;
686 static int have_perfc = 1;
687#if defined(_MSC_VER) && defined(_M_X86)
688 static int have_tsc = 1;
689 DWORD cyclecount;
690
691 if (have_tsc) {
692 __try {
693 __asm {
694 _emit 0x0f
695 _emit 0x31
696 mov cyclecount, eax
697 }
698 RAND_add(&cyclecount, sizeof(cyclecount), 1);
699 } __except(EXCEPTION_EXECUTE_HANDLER) {
700 have_tsc = 0;
701 }
702 }
703#else
704# define have_tsc 0
705#endif
706
707 if (have_perfc) {
708 if (QueryPerformanceCounter(&l) == 0)
709 have_perfc = 0;
710 else
711 RAND_add(&l, sizeof(l), 0);
712 }
713
714 if (!have_tsc && !have_perfc) {
715 w = GetTickCount();
716 RAND_add(&w, sizeof(w), 0);
717 }
718}
719
720/* feed screen contents to PRNG */
721/*****************************************************************************
722 *
723 * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
724 *
725 * Code adapted from
726 * <URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];97193>;
727 * the original copyright message is:
728 *
729 * (C) Copyright Microsoft Corp. 1993. All rights reserved.
730 *
731 * You have a royalty-free right to use, modify, reproduce and
732 * distribute the Sample Files (and/or any modified version) in
733 * any way you find useful, provided that you agree that
734 * Microsoft has no warranty obligations or liability for any
735 * Sample Application Files which are modified.
736 */
737
738static void readscreen(void)
739{
740#if !defined(OPENSSL_SYS_WINCE) && !defined(OPENSSL_SYS_WIN32_CYGWIN)
741 HDC hScrDC; /* screen DC */
742 HDC hMemDC; /* memory DC */
743 HBITMAP hBitmap; /* handle for our bitmap */
744 HBITMAP hOldBitmap; /* handle for previous bitmap */
745 BITMAP bm; /* bitmap properties */
746 unsigned int size; /* size of bitmap */
747 char *bmbits; /* contents of bitmap */
748 int w; /* screen width */
749 int h; /* screen height */
750 int y; /* y-coordinate of screen lines to grab */
751 int n = 16; /* number of screen lines to grab at a time */
752
753 if (GetVersion() < 0x80000000 && OPENSSL_isservice()>0)
754 return;
755
756 /* Create a screen DC and a memory DC compatible to screen DC */
757 hScrDC = CreateDC(TEXT("DISPLAY"), NULL, NULL, NULL);
758 hMemDC = CreateCompatibleDC(hScrDC);
759
760 /* Get screen resolution */
761 w = GetDeviceCaps(hScrDC, HORZRES);
762 h = GetDeviceCaps(hScrDC, VERTRES);
763
764 /* Create a bitmap compatible with the screen DC */
765 hBitmap = CreateCompatibleBitmap(hScrDC, w, n);
766
767 /* Select new bitmap into memory DC */
768 hOldBitmap = SelectObject(hMemDC, hBitmap);
769
770 /* Get bitmap properties */
771 GetObject(hBitmap, sizeof(BITMAP), (LPSTR)&bm);
772 size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes;
773
774 bmbits = OPENSSL_malloc(size);
775 if (bmbits) {
776 /* Now go through the whole screen, repeatedly grabbing n lines */
777 for (y = 0; y < h-n; y += n)
778 {
779 unsigned char md[MD_DIGEST_LENGTH];
780
781 /* Bitblt screen DC to memory DC */
782 BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY);
783
784 /* Copy bitmap bits from memory DC to bmbits */
785 GetBitmapBits(hBitmap, size, bmbits);
786
787 /* Get the hash of the bitmap */
788 MD(bmbits,size,md);
789
790 /* Seed the random generator with the hash value */
791 RAND_add(md, MD_DIGEST_LENGTH, 0);
792 }
793
794 OPENSSL_free(bmbits);
795 }
796
797 /* Select old bitmap back into memory DC */
798 hBitmap = SelectObject(hMemDC, hOldBitmap);
799
800 /* Clean up */
801 DeleteObject(hBitmap);
802 DeleteDC(hMemDC);
803 DeleteDC(hScrDC);
804#endif /* !OPENSSL_SYS_WINCE */
805}
806
807#endif
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
index bc7d9c5804..4ed40b7b70 100644
--- a/src/lib/libcrypto/rand/randfile.c
+++ b/src/lib/libcrypto/rand/randfile.c
@@ -144,9 +144,7 @@ int RAND_load_file(const char *file, long bytes)
144 * I/O because we will waste system entropy. 144 * I/O because we will waste system entropy.
145 */ 145 */
146 bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */ 146 bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
147#ifndef OPENSSL_NO_SETVBUF_IONBF
148 setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */ 147 setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */
149#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
150 } 148 }
151#endif 149#endif
152 for (;;) 150 for (;;)
@@ -271,6 +269,7 @@ err:
271const char *RAND_file_name(char *buf, size_t size) 269const char *RAND_file_name(char *buf, size_t size)
272 { 270 {
273 char *s=NULL; 271 char *s=NULL;
272 int ok = 0;
274#ifdef __OpenBSD__ 273#ifdef __OpenBSD__
275 struct stat sb; 274 struct stat sb;
276#endif 275#endif
@@ -299,6 +298,7 @@ const char *RAND_file_name(char *buf, size_t size)
299 BUF_strlcat(buf,"/",size); 298 BUF_strlcat(buf,"/",size);
300#endif 299#endif
301 BUF_strlcat(buf,RFILE,size); 300 BUF_strlcat(buf,RFILE,size);
301 ok = 1;
302 } 302 }
303 else 303 else
304 buf[0] = '\0'; /* no file name */ 304 buf[0] = '\0'; /* no file name */
@@ -312,7 +312,7 @@ const char *RAND_file_name(char *buf, size_t size)
312 * to something hopefully decent if that isn't available. 312 * to something hopefully decent if that isn't available.
313 */ 313 */
314 314
315 if (!buf[0]) 315 if (!ok)
316 if (BUF_strlcpy(buf,"/dev/arandom",size) >= size) { 316 if (BUF_strlcpy(buf,"/dev/arandom",size) >= size) {
317 return(NULL); 317 return(NULL);
318 } 318 }
diff --git a/src/lib/libcrypto/rand/randtest.c b/src/lib/libcrypto/rand/randtest.c
new file mode 100644
index 0000000000..9e92a70b03
--- /dev/null
+++ b/src/lib/libcrypto/rand/randtest.c
@@ -0,0 +1,219 @@
1/* crypto/rand/randtest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/rand.h>
62
63#include "../e_os.h"
64
65/* some FIPS 140-1 random number test */
66/* some simple tests */
67
68int main(int argc,char **argv)
69 {
70 unsigned char buf[2500];
71 int i,j,k,s,sign,nsign,err=0;
72 unsigned long n1;
73 unsigned long n2[16];
74 unsigned long runs[2][34];
75 /*double d; */
76 long d;
77
78 i = RAND_pseudo_bytes(buf,2500);
79 if (i < 0)
80 {
81 printf ("init failed, the rand method is not properly installed\n");
82 err++;
83 goto err;
84 }
85
86 n1=0;
87 for (i=0; i<16; i++) n2[i]=0;
88 for (i=0; i<34; i++) runs[0][i]=runs[1][i]=0;
89
90 /* test 1 and 2 */
91 sign=0;
92 nsign=0;
93 for (i=0; i<2500; i++)
94 {
95 j=buf[i];
96
97 n2[j&0x0f]++;
98 n2[(j>>4)&0x0f]++;
99
100 for (k=0; k<8; k++)
101 {
102 s=(j&0x01);
103 if (s == sign)
104 nsign++;
105 else
106 {
107 if (nsign > 34) nsign=34;
108 if (nsign != 0)
109 {
110 runs[sign][nsign-1]++;
111 if (nsign > 6)
112 runs[sign][5]++;
113 }
114 sign=s;
115 nsign=1;
116 }
117
118 if (s) n1++;
119 j>>=1;
120 }
121 }
122 if (nsign > 34) nsign=34;
123 if (nsign != 0) runs[sign][nsign-1]++;
124
125 /* test 1 */
126 if (!((9654 < n1) && (n1 < 10346)))
127 {
128 printf("test 1 failed, X=%lu\n",n1);
129 err++;
130 }
131 printf("test 1 done\n");
132
133 /* test 2 */
134#ifdef undef
135 d=0;
136 for (i=0; i<16; i++)
137 d+=n2[i]*n2[i];
138 d=d*16.0/5000.0-5000.0;
139 if (!((1.03 < d) && (d < 57.4)))
140 {
141 printf("test 2 failed, X=%.2f\n",d);
142 err++;
143 }
144#endif
145 d=0;
146 for (i=0; i<16; i++)
147 d+=n2[i]*n2[i];
148 d=(d*8)/25-500000;
149 if (!((103 < d) && (d < 5740)))
150 {
151 printf("test 2 failed, X=%ld.%02ld\n",d/100L,d%100L);
152 err++;
153 }
154 printf("test 2 done\n");
155
156 /* test 3 */
157 for (i=0; i<2; i++)
158 {
159 if (!((2267 < runs[i][0]) && (runs[i][0] < 2733)))
160 {
161 printf("test 3 failed, bit=%d run=%d num=%lu\n",
162 i,1,runs[i][0]);
163 err++;
164 }
165 if (!((1079 < runs[i][1]) && (runs[i][1] < 1421)))
166 {
167 printf("test 3 failed, bit=%d run=%d num=%lu\n",
168 i,2,runs[i][1]);
169 err++;
170 }
171 if (!(( 502 < runs[i][2]) && (runs[i][2] < 748)))
172 {
173 printf("test 3 failed, bit=%d run=%d num=%lu\n",
174 i,3,runs[i][2]);
175 err++;
176 }
177 if (!(( 223 < runs[i][3]) && (runs[i][3] < 402)))
178 {
179 printf("test 3 failed, bit=%d run=%d num=%lu\n",
180 i,4,runs[i][3]);
181 err++;
182 }
183 if (!(( 90 < runs[i][4]) && (runs[i][4] < 223)))
184 {
185 printf("test 3 failed, bit=%d run=%d num=%lu\n",
186 i,5,runs[i][4]);
187 err++;
188 }
189 if (!(( 90 < runs[i][5]) && (runs[i][5] < 223)))
190 {
191 printf("test 3 failed, bit=%d run=%d num=%lu\n",
192 i,6,runs[i][5]);
193 err++;
194 }
195 }
196 printf("test 3 done\n");
197
198 /* test 4 */
199 if (runs[0][33] != 0)
200 {
201 printf("test 4 failed, bit=%d run=%d num=%lu\n",
202 0,34,runs[0][33]);
203 err++;
204 }
205 if (runs[1][33] != 0)
206 {
207 printf("test 4 failed, bit=%d run=%d num=%lu\n",
208 1,34,runs[1][33]);
209 err++;
210 }
211 printf("test 4 done\n");
212 err:
213 err=((err)?1:0);
214#ifdef OPENSSL_SYS_NETWARE
215 if (err) printf("ERROR: %d\n", err);
216#endif
217 EXIT(err);
218 return(err);
219 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 06:20:42 +0000