diff options
Diffstat (limited to 'Cryptlib/OpenSSL/crypto/rand')
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rand/md_rand.c | 91 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rand/rand_egd.c | 291 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rand/rand_eng.c | 145 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rand/rand_err.c | 27 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rand/rand_lcl.h | 105 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rand/rand_lib.c | 206 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rand/rand_nw.c | 179 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rand/rand_os2.c | 161 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rand/rand_unix.c | 119 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rand/rand_win.c | 751 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rand/randfile.c | 46 |
11 files changed, 382 insertions, 1739 deletions
diff --git a/Cryptlib/OpenSSL/crypto/rand/md_rand.c b/Cryptlib/OpenSSL/crypto/rand/md_rand.c index 6445c1b2..5c13d577 100644 --- a/Cryptlib/OpenSSL/crypto/rand/md_rand.c +++ b/Cryptlib/OpenSSL/crypto/rand/md_rand.c @@ -109,6 +109,8 @@ * */ +#define OPENSSL_FIPSEVP + #ifdef MD_RAND_DEBUG # ifndef NDEBUG # define NDEBUG @@ -121,14 +123,11 @@ #include "e_os.h" +#include <openssl/crypto.h> #include <openssl/rand.h> #include "rand_lcl.h" -#include <openssl/crypto.h> #include <openssl/err.h> -#ifdef OPENSSL_FIPS -# include <openssl/fips.h> -#endif #ifdef BN_DEBUG # define PREDICT @@ -150,7 +149,7 @@ static unsigned int crypto_lock_rand = 0; /* may be set only when a thread * prevent double locking) */ /* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */ /* valid iff crypto_lock_rand is set */ -static unsigned long locking_thread = 0; +static CRYPTO_THREADID locking_threadid; #ifdef PREDICT int rand_predictable = 0; @@ -161,13 +160,13 @@ const char RAND_version[] = "RAND" OPENSSL_VERSION_PTEXT; static void ssleay_rand_cleanup(void); static void ssleay_rand_seed(const void *buf, int num); static void ssleay_rand_add(const void *buf, int num, double add_entropy); -static int ssleay_rand_bytes(unsigned char *buf, int num); +static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num); static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num); static int ssleay_rand_status(void); RAND_METHOD rand_ssleay_meth = { ssleay_rand_seed, - ssleay_rand_bytes, + ssleay_rand_nopseudo_bytes, ssleay_rand_cleanup, ssleay_rand_add, ssleay_rand_pseudo_bytes, @@ -199,6 +198,9 @@ static void ssleay_rand_add(const void *buf, int num, double add) EVP_MD_CTX m; int do_not_lock; + if (!num) + return; + /* * (Based on the rand(3) manpage) * @@ -216,8 +218,10 @@ static void ssleay_rand_add(const void *buf, int num, double add) /* check if we already have the lock */ if (crypto_lock_rand) { + CRYPTO_THREADID cur; + CRYPTO_THREADID_current(&cur); CRYPTO_r_lock(CRYPTO_LOCK_RAND2); - do_not_lock = (locking_thread == CRYPTO_thread_id()); + do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur); CRYPTO_r_unlock(CRYPTO_LOCK_RAND2); } else do_not_lock = 0; @@ -271,7 +275,16 @@ static void ssleay_rand_add(const void *buf, int num, double add) } else MD_Update(&m, &(state[st_idx]), j); + /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */ MD_Update(&m, buf, j); + /* + * We know that line may cause programs such as purify and valgrind + * to complain about use of uninitialized data. The problem is not, + * it's with the caller. Removing that line will make sure you get + * really bad randomness and thereby other problems such as very + * insecure keys. + */ + MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)); MD_Final(&m, local_md); md_c[1]++; @@ -320,7 +333,7 @@ static void ssleay_rand_seed(const void *buf, int num) ssleay_rand_add(buf, num, (double)num); } -static int ssleay_rand_bytes(unsigned char *buf, int num) +int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock) { static volatile int stirred_pool = 0; int i, j, k, st_num, st_idx; @@ -334,13 +347,6 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) #endif int do_stir_pool = 0; -#ifdef OPENSSL_FIPS - if (FIPS_mode()) { - FIPSerr(FIPS_F_SSLEAY_RAND_BYTES, FIPS_R_NON_FIPS_METHOD); - return 0; - } -#endif - #ifdef PREDICT if (rand_predictable) { static unsigned char val = 0; @@ -376,12 +382,12 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) * are fed into the hash function and the results are kept in the * global 'md'. */ - - CRYPTO_w_lock(CRYPTO_LOCK_RAND); + if (lock) + CRYPTO_w_lock(CRYPTO_LOCK_RAND); /* prevent ssleay_rand_bytes() from trying to obtain the lock again */ CRYPTO_w_lock(CRYPTO_LOCK_RAND2); - locking_thread = CRYPTO_thread_id(); + CRYPTO_THREADID_current(&locking_threadid); CRYPTO_w_unlock(CRYPTO_LOCK_RAND2); crypto_lock_rand = 1; @@ -456,7 +462,8 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) /* before unlocking, we must clear 'crypto_lock_rand' */ crypto_lock_rand = 0; - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); + if (lock) + CRYPTO_w_unlock(CRYPTO_LOCK_RAND); while (num > 0) { /* num_ceil -= MD_DIGEST_LENGTH/2 */ @@ -471,9 +478,18 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) #endif MD_Update(&m, local_md, MD_DIGEST_LENGTH); MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)); -#ifndef PURIFY - MD_Update(&m, buf, j); /* purify complains */ + +#ifndef PURIFY /* purify complains */ + /* + * The following line uses the supplied buffer as a small source of + * entropy: since this buffer is often uninitialised it may cause + * programs such as purify or valgrind to complain. So for those + * builds it is not used: the removal of such a small source of + * entropy has negligible impact on security. + */ + MD_Update(&m, buf, j); #endif + k = (st_idx + MD_DIGEST_LENGTH / 2) - st_num; if (k > 0) { MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k); @@ -495,14 +511,18 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) MD_Init(&m); MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)); MD_Update(&m, local_md, MD_DIGEST_LENGTH); - CRYPTO_w_lock(CRYPTO_LOCK_RAND); + if (lock) + CRYPTO_w_lock(CRYPTO_LOCK_RAND); MD_Update(&m, md, MD_DIGEST_LENGTH); MD_Final(&m, md); - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); + if (lock) + CRYPTO_w_unlock(CRYPTO_LOCK_RAND); EVP_MD_CTX_cleanup(&m); if (ok) return (1); + else if (pseudo) + return 0; else { RANDerr(RAND_F_SSLEAY_RAND_BYTES, RAND_R_PRNG_NOT_SEEDED); ERR_add_error_data(1, "You need to read the OpenSSL FAQ, " @@ -511,36 +531,33 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) } } +static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num) +{ + return ssleay_rand_bytes(buf, num, 0, 1); +} + /* * pseudo-random bytes that are guaranteed to be unique but not unpredictable */ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) { - int ret; - unsigned long err; - - ret = RAND_bytes(buf, num); - if (ret == 0) { - err = ERR_peek_error(); - if (ERR_GET_LIB(err) == ERR_LIB_RAND && - ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED) - ERR_clear_error(); - } - return (ret); + return ssleay_rand_bytes(buf, num, 1, 1); } static int ssleay_rand_status(void) { + CRYPTO_THREADID cur; int ret; int do_not_lock; + CRYPTO_THREADID_current(&cur); /* * check if we already have the lock (could happen if a RAND_poll() * implementation calls RAND_status()) */ if (crypto_lock_rand) { CRYPTO_r_lock(CRYPTO_LOCK_RAND2); - do_not_lock = (locking_thread == CRYPTO_thread_id()); + do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur); CRYPTO_r_unlock(CRYPTO_LOCK_RAND2); } else do_not_lock = 0; @@ -552,7 +569,7 @@ static int ssleay_rand_status(void) * prevent ssleay_rand_bytes() from trying to obtain the lock again */ CRYPTO_w_lock(CRYPTO_LOCK_RAND2); - locking_thread = CRYPTO_thread_id(); + CRYPTO_THREADID_cpy(&locking_threadid, &cur); CRYPTO_w_unlock(CRYPTO_LOCK_RAND2); crypto_lock_rand = 1; } diff --git a/Cryptlib/OpenSSL/crypto/rand/rand_egd.c b/Cryptlib/OpenSSL/crypto/rand/rand_egd.c deleted file mode 100644 index c0a9618d..00000000 --- a/Cryptlib/OpenSSL/crypto/rand/rand_egd.c +++ /dev/null @@ -1,291 +0,0 @@ -/* crypto/rand/rand_egd.c */ -/* Written by Ulf Moeller and Lutz Jaenicke for the OpenSSL project. */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <openssl/e_os2.h> -#include <openssl/rand.h> -#include <openssl/buffer.h> - -/*- - * Query the EGD <URL: http://www.lothar.com/tech/crypto/>. - * - * This module supplies three routines: - * - * RAND_query_egd_bytes(path, buf, bytes) - * will actually query "bytes" bytes of entropy form the egd-socket located - * at path and will write them to buf (if supplied) or will directly feed - * it to RAND_seed() if buf==NULL. - * The number of bytes is not limited by the maximum chunk size of EGD, - * which is 255 bytes. If more than 255 bytes are wanted, several chunks - * of entropy bytes are requested. The connection is left open until the - * query is competed. - * RAND_query_egd_bytes() returns with - * -1 if an error occured during connection or communication. - * num the number of bytes read from the EGD socket. This number is either - * the number of bytes requested or smaller, if the EGD pool is - * drained and the daemon signals that the pool is empty. - * This routine does not touch any RAND_status(). This is necessary, since - * PRNG functions may call it during initialization. - * - * RAND_egd_bytes(path, bytes) will query "bytes" bytes and have them - * used to seed the PRNG. - * RAND_egd_bytes() is a wrapper for RAND_query_egd_bytes() with buf=NULL. - * Unlike RAND_query_egd_bytes(), RAND_status() is used to test the - * seed status so that the return value can reflect the seed state: - * -1 if an error occured during connection or communication _or_ - * if the PRNG has still not received the required seeding. - * num the number of bytes read from the EGD socket. This number is either - * the number of bytes requested or smaller, if the EGD pool is - * drained and the daemon signals that the pool is empty. - * - * RAND_egd(path) will query 255 bytes and use the bytes retreived to seed - * the PRNG. - * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. - */ - -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI) -int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) -{ - return (-1); -} - -int RAND_egd(const char *path) -{ - return (-1); -} - -int RAND_egd_bytes(const char *path, int bytes) -{ - return (-1); -} -#else -# include <openssl/opensslconf.h> -# include OPENSSL_UNISTD -# include <sys/types.h> -# include <sys/socket.h> -# ifndef NO_SYS_UN_H -# ifdef OPENSSL_SYS_VXWORKS -# include <streams/un.h> -# else -# include <sys/un.h> -# endif -# else -struct sockaddr_un { - short sun_family; /* AF_UNIX */ - char sun_path[108]; /* path name (gag) */ -}; -# endif /* NO_SYS_UN_H */ -# include <string.h> -# include <errno.h> - -# ifndef offsetof -# define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER) -# endif - -int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) -{ - int ret = 0; - struct sockaddr_un addr; - int len, num, numbytes; - int fd = -1; - int success; - unsigned char egdbuf[2], tempbuf[255], *retrievebuf; - - memset(&addr, 0, sizeof(addr)); - addr.sun_family = AF_UNIX; - if (strlen(path) >= sizeof(addr.sun_path)) - return (-1); - BUF_strlcpy(addr.sun_path, path, sizeof addr.sun_path); - len = offsetof(struct sockaddr_un, sun_path) + strlen(path); - fd = socket(AF_UNIX, SOCK_STREAM, 0); - if (fd == -1) - return (-1); - success = 0; - while (!success) { - if (connect(fd, (struct sockaddr *)&addr, len) == 0) - success = 1; - else { - switch (errno) { -# ifdef EINTR - case EINTR: -# endif -# ifdef EAGAIN - case EAGAIN: -# endif -# ifdef EINPROGRESS - case EINPROGRESS: -# endif -# ifdef EALREADY - case EALREADY: -# endif - /* No error, try again */ - break; -# ifdef EISCONN - case EISCONN: - success = 1; - break; -# endif - default: - goto err; /* failure */ - } - } - } - - while (bytes > 0) { - egdbuf[0] = 1; - egdbuf[1] = bytes < 255 ? bytes : 255; - numbytes = 0; - while (numbytes != 2) { - num = write(fd, egdbuf + numbytes, 2 - numbytes); - if (num >= 0) - numbytes += num; - else { - switch (errno) { -# ifdef EINTR - case EINTR: -# endif -# ifdef EAGAIN - case EAGAIN: -# endif - /* No error, try again */ - break; - default: - ret = -1; - goto err; /* failure */ - } - } - } - numbytes = 0; - while (numbytes != 1) { - num = read(fd, egdbuf, 1); - if (num == 0) - goto err; /* descriptor closed */ - else if (num > 0) - numbytes += num; - else { - switch (errno) { -# ifdef EINTR - case EINTR: -# endif -# ifdef EAGAIN - case EAGAIN: -# endif - /* No error, try again */ - break; - default: - ret = -1; - goto err; /* failure */ - } - } - } - if (egdbuf[0] == 0) - goto err; - if (buf) - retrievebuf = buf + ret; - else - retrievebuf = tempbuf; - numbytes = 0; - while (numbytes != egdbuf[0]) { - num = read(fd, retrievebuf + numbytes, egdbuf[0] - numbytes); - if (num == 0) - goto err; /* descriptor closed */ - else if (num > 0) - numbytes += num; - else { - switch (errno) { -# ifdef EINTR - case EINTR: -# endif -# ifdef EAGAIN - case EAGAIN: -# endif - /* No error, try again */ - break; - default: - ret = -1; - goto err; /* failure */ - } - } - } - ret += egdbuf[0]; - bytes -= egdbuf[0]; - if (!buf) - RAND_seed(tempbuf, egdbuf[0]); - } - err: - if (fd != -1) - close(fd); - return (ret); -} - -int RAND_egd_bytes(const char *path, int bytes) -{ - int num, ret = 0; - - num = RAND_query_egd_bytes(path, NULL, bytes); - if (num < 1) - goto err; - if (RAND_status() == 1) - ret = num; - err: - return (ret); -} - -int RAND_egd(const char *path) -{ - return (RAND_egd_bytes(path, 255)); -} - -#endif diff --git a/Cryptlib/OpenSSL/crypto/rand/rand_eng.c b/Cryptlib/OpenSSL/crypto/rand/rand_eng.c deleted file mode 100644 index c7fe2f0c..00000000 --- a/Cryptlib/OpenSSL/crypto/rand/rand_eng.c +++ /dev/null @@ -1,145 +0,0 @@ -/* crypto/rand/rand_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <time.h> -#include "cryptlib.h" -#include "rand_lcl.h" -#include <openssl/rand.h> -#ifdef OPENSSL_FIPS -# include <openssl/fips.h> -# include <openssl/fips_rand.h> -#endif - -#ifndef OPENSSL_NO_ENGINE -# include <openssl/engine.h> -#endif - -#if defined(OPENSSL_FIPS) && !defined(OPENSSL_NO_ENGINE) - -/* non-NULL if default_RAND_meth is ENGINE-provided */ -static ENGINE *funct_ref = NULL; - -int eng_RAND_set_rand_method(const RAND_METHOD *meth, - const RAND_METHOD **pmeth) -{ - if (funct_ref) { - ENGINE_finish(funct_ref); - funct_ref = NULL; - } - *pmeth = meth; - return 1; -} - -const RAND_METHOD *eng_RAND_get_rand_method(const RAND_METHOD **pmeth) -{ - if (!*pmeth) { - ENGINE *e = ENGINE_get_default_RAND(); - if (e) { - *pmeth = ENGINE_get_RAND(e); - if (!*pmeth) { - ENGINE_finish(e); - e = NULL; - } - } - if (e) - funct_ref = e; - else if (FIPS_mode()) - *pmeth = FIPS_rand_method(); - else - *pmeth = RAND_SSLeay(); - } - - if (FIPS_mode() - && *pmeth != FIPS_rand_check()) { - RANDerr(RAND_F_ENG_RAND_GET_RAND_METHOD, RAND_R_NON_FIPS_METHOD); - return 0; - } - - return *pmeth; -} - -int RAND_set_rand_engine(ENGINE *engine) -{ - const RAND_METHOD *tmp_meth = NULL; - if (engine) { - if (!ENGINE_init(engine)) - return 0; - tmp_meth = ENGINE_get_RAND(engine); - if (!tmp_meth) { - ENGINE_finish(engine); - return 0; - } - } - /* This function releases any prior ENGINE so call it first */ - RAND_set_rand_method(tmp_meth); - funct_ref = engine; - return 1; -} - -void int_RAND_init_engine_callbacks(void) -{ - static int done = 0; - if (done) - return; - int_RAND_set_callbacks(eng_RAND_set_rand_method, - eng_RAND_get_rand_method); - done = 1; -} - -#endif diff --git a/Cryptlib/OpenSSL/crypto/rand/rand_err.c b/Cryptlib/OpenSSL/crypto/rand/rand_err.c index 8ed247fd..55d86ea8 100644 --- a/Cryptlib/OpenSSL/crypto/rand/rand_err.c +++ b/Cryptlib/OpenSSL/crypto/rand/rand_err.c @@ -1,6 +1,6 @@ /* crypto/rand/rand_err.c */ /* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -70,32 +70,19 @@ # define ERR_REASON(reason) ERR_PACK(ERR_LIB_RAND,0,reason) static ERR_STRING_DATA RAND_str_functs[] = { - {ERR_FUNC(RAND_F_ENG_RAND_GET_RAND_METHOD), "ENG_RAND_GET_RAND_METHOD"}, - {ERR_FUNC(RAND_F_FIPS_RAND), "FIPS_RAND"}, - {ERR_FUNC(RAND_F_FIPS_RAND_BYTES), "FIPS_RAND_BYTES"}, - {ERR_FUNC(RAND_F_FIPS_RAND_GET_RAND_METHOD), "FIPS_RAND_GET_RAND_METHOD"}, - {ERR_FUNC(RAND_F_FIPS_RAND_SET_DT), "FIPS_RAND_SET_DT"}, - {ERR_FUNC(RAND_F_FIPS_SET_DT), "FIPS_SET_DT"}, - {ERR_FUNC(RAND_F_FIPS_SET_PRNG_SEED), "FIPS_SET_PRNG_SEED"}, - {ERR_FUNC(RAND_F_FIPS_SET_TEST_MODE), "FIPS_SET_TEST_MODE"}, {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"}, + {ERR_FUNC(RAND_F_RAND_INIT_FIPS), "RAND_init_fips"}, {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, {0, NULL} }; static ERR_STRING_DATA RAND_str_reasons[] = { - {ERR_REASON(RAND_R_NON_FIPS_METHOD), "non fips method"}, - {ERR_REASON(RAND_R_NOT_IN_TEST_MODE), "not in test mode"}, - {ERR_REASON(RAND_R_NO_KEY_SET), "no key set"}, - {ERR_REASON(RAND_R_PRNG_ASKING_FOR_TOO_MUCH), "prng asking for too much"}, - {ERR_REASON(RAND_R_PRNG_ERROR), "prng error"}, - {ERR_REASON(RAND_R_PRNG_KEYED), "prng keyed"}, - {ERR_REASON(RAND_R_PRNG_NOT_REKEYED), "prng not rekeyed"}, - {ERR_REASON(RAND_R_PRNG_NOT_RESEEDED), "prng not reseeded"}, + {ERR_REASON(RAND_R_DUAL_EC_DRBG_DISABLED), "dual ec drbg disabled"}, + {ERR_REASON(RAND_R_ERROR_INITIALISING_DRBG), "error initialising drbg"}, + {ERR_REASON(RAND_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"}, + {ERR_REASON(RAND_R_NO_FIPS_RANDOM_METHOD_SET), + "no fips random method set"}, {ERR_REASON(RAND_R_PRNG_NOT_SEEDED), "PRNG not seeded"}, - {ERR_REASON(RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY), - "prng seed must not match key"}, - {ERR_REASON(RAND_R_PRNG_STUCK), "prng stuck"}, {0, NULL} }; diff --git a/Cryptlib/OpenSSL/crypto/rand/rand_lcl.h b/Cryptlib/OpenSSL/crypto/rand/rand_lcl.h index 18cc9b1e..f9fda3eb 100644 --- a/Cryptlib/OpenSSL/crypto/rand/rand_lcl.h +++ b/Cryptlib/OpenSSL/crypto/rand/rand_lcl.h @@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -63,7 +63,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -110,60 +110,49 @@ */ #ifndef HEADER_RAND_LCL_H -#define HEADER_RAND_LCL_H +# define HEADER_RAND_LCL_H -#define ENTROPY_NEEDED 32 /* require 256 bits = 32 bytes of randomness */ +# define ENTROPY_NEEDED 32 /* require 256 bits = 32 bytes of randomness */ +# if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND) +# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) +# define USE_SHA1_RAND +# elif !defined(OPENSSL_NO_MD5) +# define USE_MD5_RAND +# elif !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) +# define USE_MDC2_RAND +# elif !defined(OPENSSL_NO_MD2) +# define USE_MD2_RAND +# else +# error No message digest algorithm available +# endif +# endif -#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND) -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) -#define USE_SHA1_RAND -#elif !defined(OPENSSL_NO_MD5) -#define USE_MD5_RAND -#elif !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) -#define USE_MDC2_RAND -#elif !defined(OPENSSL_NO_MD2) -#define USE_MD2_RAND -#else -#error No message digest algorithm available -#endif -#endif - -#include <openssl/evp.h> -#define MD_Update(a,b,c) EVP_DigestUpdate(a,b,c) -#define MD_Final(a,b) EVP_DigestFinal_ex(a,b,NULL) -#if defined(USE_MD5_RAND) -#include <openssl/md5.h> -#define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH -#define MD_Init(a) EVP_DigestInit_ex(a,EVP_md5(), NULL) -#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md5(), NULL) -#elif defined(USE_SHA1_RAND) -#include <openssl/sha.h> -#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH -#define MD_Init(a) EVP_DigestInit_ex(a,EVP_sha1(), NULL) -#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_sha1(), NULL) -#elif defined(USE_MDC2_RAND) -#include <openssl/mdc2.h> -#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH -#define MD_Init(a) EVP_DigestInit_ex(a,EVP_mdc2(), NULL) -#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_mdc2(), NULL) -#elif defined(USE_MD2_RAND) -#include <openssl/md2.h> -#define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH -#define MD_Init(a) EVP_DigestInit_ex(a,EVP_md2(), NULL) -#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) -#endif - -#ifndef OPENSSL_NO_ENGINE -void int_RAND_set_callbacks( - int (*set_rand_func)(const RAND_METHOD *meth, - const RAND_METHOD **pmeth), - const RAND_METHOD *(*get_rand_func) - (const RAND_METHOD **pmeth)); -int eng_RAND_set_rand_method(const RAND_METHOD *meth, - const RAND_METHOD **pmeth); -const RAND_METHOD *eng_RAND_get_rand_method(const RAND_METHOD **pmeth); -#endif +# include <openssl/evp.h> +# define MD_Update(a,b,c) EVP_DigestUpdate(a,b,c) +# define MD_Final(a,b) EVP_DigestFinal_ex(a,b,NULL) +# if defined(USE_MD5_RAND) +# include <openssl/md5.h> +# define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH +# define MD_Init(a) EVP_DigestInit_ex(a,EVP_md5(), NULL) +# define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md5(), NULL) +# elif defined(USE_SHA1_RAND) +# include <openssl/sha.h> +# define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH +# define MD_Init(a) EVP_DigestInit_ex(a,EVP_sha1(), NULL) +# define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_sha1(), NULL) +# elif defined(USE_MDC2_RAND) +# include <openssl/mdc2.h> +# define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH +# define MD_Init(a) EVP_DigestInit_ex(a,EVP_mdc2(), NULL) +# define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_mdc2(), NULL) +# elif defined(USE_MD2_RAND) +# include <openssl/md2.h> +# define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH +# define MD_Init(a) EVP_DigestInit_ex(a,EVP_md2(), NULL) +# define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) +# endif +int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock); #endif diff --git a/Cryptlib/OpenSSL/crypto/rand/rand_lib.c b/Cryptlib/OpenSSL/crypto/rand/rand_lib.c index 96997bd4..88a78d35 100644 --- a/Cryptlib/OpenSSL/crypto/rand/rand_lib.c +++ b/Cryptlib/OpenSSL/crypto/rand/rand_lib.c @@ -60,88 +60,31 @@ #include <time.h> #include "cryptlib.h" #include <openssl/rand.h> -#include "rand_lcl.h" -#ifdef OPENSSL_FIPS -# include <openssl/fips.h> -# include <openssl/fips_rand.h> -#endif #ifndef OPENSSL_NO_ENGINE # include <openssl/engine.h> #endif -static const RAND_METHOD *default_RAND_meth = NULL; - #ifdef OPENSSL_FIPS +# include <openssl/fips.h> +# include <openssl/fips_rand.h> +# include "rand_lcl.h" +#endif -static int fips_RAND_set_rand_method(const RAND_METHOD *meth, - const RAND_METHOD **pmeth) -{ - *pmeth = meth; - return 1; -} - -static const RAND_METHOD *fips_RAND_get_rand_method(const RAND_METHOD **pmeth) -{ - if (!*pmeth) { - if (FIPS_mode()) - *pmeth = FIPS_rand_method(); - else - *pmeth = RAND_SSLeay(); - } - - if (FIPS_mode() - && *pmeth != FIPS_rand_check()) { - RANDerr(RAND_F_FIPS_RAND_GET_RAND_METHOD, RAND_R_NON_FIPS_METHOD); - return 0; - } - - return *pmeth; -} - -static int (*RAND_set_rand_method_func) (const RAND_METHOD *meth, - const RAND_METHOD **pmeth) - = fips_RAND_set_rand_method; -static const RAND_METHOD *(*RAND_get_rand_method_func) - (const RAND_METHOD **pmeth) - = fips_RAND_get_rand_method; - -# ifndef OPENSSL_NO_ENGINE -void int_RAND_set_callbacks(int (*set_rand_func) (const RAND_METHOD *meth, - const RAND_METHOD **pmeth), - const RAND_METHOD *(*get_rand_func) - (const RAND_METHOD **pmeth)) -{ - RAND_set_rand_method_func = set_rand_func; - RAND_get_rand_method_func = get_rand_func; -} -# endif - -int RAND_set_rand_method(const RAND_METHOD *meth) -{ - return RAND_set_rand_method_func(meth, &default_RAND_meth); -} - -const RAND_METHOD *RAND_get_rand_method(void) -{ - return RAND_get_rand_method_func(&default_RAND_meth); -} - -#else - -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE /* non-NULL if default_RAND_meth is ENGINE-provided */ static ENGINE *funct_ref = NULL; -# endif +#endif +static const RAND_METHOD *default_RAND_meth = NULL; int RAND_set_rand_method(const RAND_METHOD *meth) { -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE if (funct_ref) { ENGINE_finish(funct_ref); funct_ref = NULL; } -# endif +#endif default_RAND_meth = meth; return 1; } @@ -149,7 +92,7 @@ int RAND_set_rand_method(const RAND_METHOD *meth) const RAND_METHOD *RAND_get_rand_method(void) { if (!default_RAND_meth) { -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE ENGINE *e = ENGINE_get_default_RAND(); if (e) { default_RAND_meth = ENGINE_get_RAND(e); @@ -161,13 +104,13 @@ const RAND_METHOD *RAND_get_rand_method(void) if (e) funct_ref = e; else -# endif +#endif default_RAND_meth = RAND_SSLeay(); } return default_RAND_meth; } -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE int RAND_set_rand_engine(ENGINE *engine) { const RAND_METHOD *tmp_meth = NULL; @@ -185,8 +128,6 @@ int RAND_set_rand_engine(ENGINE *engine) funct_ref = engine; return 1; } -# endif - #endif void RAND_cleanup(void) @@ -234,3 +175,126 @@ int RAND_status(void) return meth->status(); return 0; } + +#ifdef OPENSSL_FIPS + +/* + * FIPS DRBG initialisation code. This sets up the DRBG for use by the rest + * of OpenSSL. + */ + +/* + * Entropy gatherer: use standard OpenSSL PRNG to seed (this will gather + * entropy internally through RAND_poll(). + */ + +static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout, + int entropy, size_t min_len, size_t max_len) +{ + /* Round up request to multiple of block size */ + min_len = ((min_len + 19) / 20) * 20; + *pout = OPENSSL_malloc(min_len); + if (!*pout) + return 0; + if (ssleay_rand_bytes(*pout, min_len, 0, 0) <= 0) { + OPENSSL_free(*pout); + *pout = NULL; + return 0; + } + return min_len; +} + +static void drbg_free_entropy(DRBG_CTX *ctx, unsigned char *out, size_t olen) +{ + if (out) { + OPENSSL_cleanse(out, olen); + OPENSSL_free(out); + } +} + +/* + * Set "additional input" when generating random data. This uses the current + * PID, a time value and a counter. + */ + +static size_t drbg_get_adin(DRBG_CTX *ctx, unsigned char **pout) +{ + /* Use of static variables is OK as this happens under a lock */ + static unsigned char buf[16]; + static unsigned long counter; + FIPS_get_timevec(buf, &counter); + *pout = buf; + return sizeof(buf); +} + +/* + * RAND_add() and RAND_seed() pass through to OpenSSL PRNG so it is + * correctly seeded by RAND_poll(). + */ + +static int drbg_rand_add(DRBG_CTX *ctx, const void *in, int inlen, + double entropy) +{ + RAND_SSLeay()->add(in, inlen, entropy); + return 1; +} + +static int drbg_rand_seed(DRBG_CTX *ctx, const void *in, int inlen) +{ + RAND_SSLeay()->seed(in, inlen); + return 1; +} + +# ifndef OPENSSL_DRBG_DEFAULT_TYPE +# define OPENSSL_DRBG_DEFAULT_TYPE NID_aes_256_ctr +# endif +# ifndef OPENSSL_DRBG_DEFAULT_FLAGS +# define OPENSSL_DRBG_DEFAULT_FLAGS DRBG_FLAG_CTR_USE_DF +# endif + +static int fips_drbg_type = OPENSSL_DRBG_DEFAULT_TYPE; +static int fips_drbg_flags = OPENSSL_DRBG_DEFAULT_FLAGS; + +void RAND_set_fips_drbg_type(int type, int flags) +{ + fips_drbg_type = type; + fips_drbg_flags = flags; +} + +int RAND_init_fips(void) +{ + DRBG_CTX *dctx; + size_t plen; + unsigned char pers[32], *p; +# ifndef OPENSSL_ALLOW_DUAL_EC_DRBG + if (fips_drbg_type >> 16) { + RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_DUAL_EC_DRBG_DISABLED); + return 0; + } +# endif + + dctx = FIPS_get_default_drbg(); + if (FIPS_drbg_init(dctx, fips_drbg_type, fips_drbg_flags) <= 0) { + RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_ERROR_INITIALISING_DRBG); + return 0; + } + + FIPS_drbg_set_callbacks(dctx, + drbg_get_entropy, drbg_free_entropy, 20, + drbg_get_entropy, drbg_free_entropy); + FIPS_drbg_set_rand_callbacks(dctx, drbg_get_adin, 0, + drbg_rand_seed, drbg_rand_add); + /* Personalisation string: a string followed by date time vector */ + strcpy((char *)pers, "OpenSSL DRBG2.0"); + plen = drbg_get_adin(dctx, &p); + memcpy(pers + 16, p, plen); + + if (FIPS_drbg_instantiate(dctx, pers, sizeof(pers)) <= 0) { + RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_ERROR_INSTANTIATING_DRBG); + return 0; + } + FIPS_rand_set_method(FIPS_drbg_method()); + return 1; +} + +#endif diff --git a/Cryptlib/OpenSSL/crypto/rand/rand_nw.c b/Cryptlib/OpenSSL/crypto/rand/rand_nw.c deleted file mode 100644 index 55ffe9ad..00000000 --- a/Cryptlib/OpenSSL/crypto/rand/rand_nw.c +++ /dev/null @@ -1,179 +0,0 @@ -/* crypto/rand/rand_nw.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "cryptlib.h" -#include <openssl/rand.h> -#include "rand_lcl.h" - -#if defined (OPENSSL_SYS_NETWARE) - -# if defined(NETWARE_LIBC) -# include <nks/thread.h> -# else -# include <nwthread.h> -# endif - -extern int GetProcessSwitchCount(void); -# if !defined(NETWARE_LIBC) || (CURRENT_NDK_THRESHOLD < 509220000) -extern void *RunningProcess; /* declare here same as found in newer NDKs */ -extern unsigned long GetSuperHighResolutionTimer(void); -# endif - - /* - * the FAQ indicates we need to provide at least 20 bytes (160 bits) of - * seed - */ -int RAND_poll(void) -{ - unsigned long l; - unsigned long tsc; - int i; - - /* - * There are several options to gather miscellaneous data but for now we - * will loop checking the time stamp counter (rdtsc) and the - * SuperHighResolutionTimer. Each iteration will collect 8 bytes of data - * but it is treated as only 1 byte of entropy. The call to - * ThreadSwitchWithDelay() will introduce additional variability into the - * data returned by rdtsc. Applications can agument the seed material by - * adding additional stuff with RAND_add() and should probably do so. - */ - l = GetProcessSwitchCount(); - RAND_add(&l, sizeof(l), 1); - - /* need to cast the void* to unsigned long here */ - l = (unsigned long)RunningProcess; - RAND_add(&l, sizeof(l), 1); - - for (i = 2; i < ENTROPY_NEEDED; i++) { -# ifdef __MWERKS__ - asm { - rdtsc mov tsc, eax} -# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) - asm volatile ("rdtsc":"=a" (tsc)::"edx"); -# endif - - RAND_add(&tsc, sizeof(tsc), 1); - - l = GetSuperHighResolutionTimer(); - RAND_add(&l, sizeof(l), 0); - -# if defined(NETWARE_LIBC) - NXThreadYield(); -# else /* NETWARE_CLIB */ - ThreadSwitchWithDelay(); -# endif - } - - return 1; -} - -#endif diff --git a/Cryptlib/OpenSSL/crypto/rand/rand_os2.c b/Cryptlib/OpenSSL/crypto/rand/rand_os2.c deleted file mode 100644 index 4de2115f..00000000 --- a/Cryptlib/OpenSSL/crypto/rand/rand_os2.c +++ /dev/null @@ -1,161 +0,0 @@ -/* crypto/rand/rand_os2.c */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "cryptlib.h" -#include <openssl/rand.h> -#include "rand_lcl.h" - -#ifdef OPENSSL_SYS_OS2 - -# define INCL_DOSPROCESS -# define INCL_DOSPROFILE -# define INCL_DOSMISC -# define INCL_DOSMODULEMGR -# include <os2.h> - -# define CMD_KI_RDCNT (0x63) - -typedef struct _CPUUTIL { - ULONG ulTimeLow; /* Low 32 bits of time stamp */ - ULONG ulTimeHigh; /* High 32 bits of time stamp */ - ULONG ulIdleLow; /* Low 32 bits of idle time */ - ULONG ulIdleHigh; /* High 32 bits of idle time */ - ULONG ulBusyLow; /* Low 32 bits of busy time */ - ULONG ulBusyHigh; /* High 32 bits of busy time */ - ULONG ulIntrLow; /* Low 32 bits of interrupt time */ - ULONG ulIntrHigh; /* High 32 bits of interrupt time */ -} CPUUTIL; - -APIRET APIENTRY(*DosPerfSysCall) (ULONG ulCommand, ULONG ulParm1, - ULONG ulParm2, ULONG ulParm3) = NULL; -APIRET APIENTRY(*DosQuerySysState) (ULONG func, ULONG arg1, ULONG pid, - ULONG _res_, PVOID buf, ULONG bufsz) = - NULL; -HMODULE hDoscalls = 0; - -int RAND_poll(void) -{ - char failed_module[20]; - QWORD qwTime; - ULONG SysVars[QSV_FOREGROUND_PROCESS]; - - if (hDoscalls == 0) { - ULONG rc = - DosLoadModule(failed_module, sizeof(failed_module), "DOSCALLS", - &hDoscalls); - - if (rc == 0) { - rc = DosQueryProcAddr(hDoscalls, 976, NULL, - (PFN *) & DosPerfSysCall); - - if (rc) - DosPerfSysCall = NULL; - - rc = DosQueryProcAddr(hDoscalls, 368, NULL, - (PFN *) & DosQuerySysState); - - if (rc) - DosQuerySysState = NULL; - } - } - - /* Sample the hi-res timer, runs at around 1.1 MHz */ - DosTmrQueryTime(&qwTime); - RAND_add(&qwTime, sizeof(qwTime), 2); - - /* - * Sample a bunch of system variables, includes various process & memory - * statistics - */ - DosQuerySysInfo(1, QSV_FOREGROUND_PROCESS, SysVars, sizeof(SysVars)); - RAND_add(SysVars, sizeof(SysVars), 4); - - /* - * If available, sample CPU registers that count at CPU MHz Only fairly - * new CPUs (PPro & K6 onwards) & OS/2 versions support this - */ - if (DosPerfSysCall) { - CPUUTIL util; - - if (DosPerfSysCall(CMD_KI_RDCNT, (ULONG) & util, 0, 0) == 0) { - RAND_add(&util, sizeof(util), 10); - } else { - DosPerfSysCall = NULL; - } - } - - /* - * DosQuerySysState() gives us a huge quantity of process, thread, memory - * & handle stats - */ - if (DosQuerySysState) { - char *buffer = OPENSSL_malloc(256 * 1024); - - if (DosQuerySysState(0x1F, 0, 0, 0, buffer, 256 * 1024) == 0) { - /* - * First 4 bytes in buffer is a pointer to the thread count there - * should be at least 1 byte of entropy per thread - */ - RAND_add(buffer, 256 * 1024, **(ULONG **) buffer); - } - - OPENSSL_free(buffer); - return 1; - } - - return 0; -} - -#endif /* OPENSSL_SYS_OS2 */ diff --git a/Cryptlib/OpenSSL/crypto/rand/rand_unix.c b/Cryptlib/OpenSSL/crypto/rand/rand_unix.c index 0a6893cc..f60fac6c 100644 --- a/Cryptlib/OpenSSL/crypto/rand/rand_unix.c +++ b/Cryptlib/OpenSSL/crypto/rand/rand_unix.c @@ -134,7 +134,95 @@ # define FD_SETSIZE (8*sizeof(fd_set)) # endif -# ifdef __OpenBSD__ +# if defined(OPENSSL_SYS_VOS) + +/* + * The following algorithm repeatedly samples the real-time clock (RTC) to + * generate a sequence of unpredictable data. The algorithm relies upon the + * uneven execution speed of the code (due to factors such as cache misses, + * interrupts, bus activity, and scheduling) and upon the rather large + * relative difference between the speed of the clock and the rate at which + * it can be read. + * + * If this code is ported to an environment where execution speed is more + * constant or where the RTC ticks at a much slower rate, or the clock can be + * read with fewer instructions, it is likely that the results would be far + * more predictable. + * + * As a precaution, we generate 4 times the minimum required amount of seed + * data. + */ + +int RAND_poll(void) +{ + short int code; + gid_t curr_gid; + pid_t curr_pid; + uid_t curr_uid; + int i, k; + struct timespec ts; + unsigned char v; + +# ifdef OPENSSL_SYS_VOS_HPPA + long duration; + extern void s$sleep(long *_duration, short int *_code); +# else +# ifdef OPENSSL_SYS_VOS_IA32 + long long duration; + extern void s$sleep2(long long *_duration, short int *_code); +# else +# error "Unsupported Platform." +# endif /* OPENSSL_SYS_VOS_IA32 */ +# endif /* OPENSSL_SYS_VOS_HPPA */ + + /* + * Seed with the gid, pid, and uid, to ensure *some* variation between + * different processes. + */ + + curr_gid = getgid(); + RAND_add(&curr_gid, sizeof curr_gid, 1); + curr_gid = 0; + + curr_pid = getpid(); + RAND_add(&curr_pid, sizeof curr_pid, 1); + curr_pid = 0; + + curr_uid = getuid(); + RAND_add(&curr_uid, sizeof curr_uid, 1); + curr_uid = 0; + + for (i = 0; i < (ENTROPY_NEEDED * 4); i++) { + /* + * burn some cpu; hope for interrupts, cache collisions, bus + * interference, etc. + */ + for (k = 0; k < 99; k++) + ts.tv_nsec = random(); + +# ifdef OPENSSL_SYS_VOS_HPPA + /* sleep for 1/1024 of a second (976 us). */ + duration = 1; + s$sleep(&duration, &code); +# else +# ifdef OPENSSL_SYS_VOS_IA32 + /* sleep for 1/65536 of a second (15 us). */ + duration = 1; + s$sleep2(&duration, &code); +# endif /* OPENSSL_SYS_VOS_IA32 */ +# endif /* OPENSSL_SYS_VOS_HPPA */ + + /* get wall clock time. */ + clock_gettime(CLOCK_REALTIME, &ts); + + /* take 8 bits */ + v = (unsigned char)(ts.tv_nsec % 256); + RAND_add(&v, sizeof v, 1); + v = 0; + } + return 1; +} +# elif defined __OpenBSD__ int RAND_poll(void) { u_int32_t rnd = 0, i; @@ -164,7 +252,7 @@ int RAND_poll(void) static const char *randomfiles[] = { DEVRANDOM }; struct stat randomstats[sizeof(randomfiles) / sizeof(randomfiles[0])]; int fd; - size_t i; + unsigned int i; # endif # ifdef DEVRANDOM_EGD static const char *egdsockets[] = { DEVRANDOM_EGD, NULL }; @@ -179,8 +267,8 @@ int RAND_poll(void) * out of random entries. */ - for (i = 0; i < sizeof(randomfiles) / sizeof(randomfiles[0]) - && n < ENTROPY_NEEDED; i++) { + for (i = 0; (i < sizeof(randomfiles) / sizeof(randomfiles[0])) && + (n < ENTROPY_NEEDED); i++) { if ((fd = open(randomfiles[i], O_RDONLY # ifdef O_NONBLOCK | O_NONBLOCK @@ -195,7 +283,7 @@ int RAND_poll(void) )) >= 0) { int usec = 10 * 1000; /* spend 10ms on each file */ int r; - size_t j; + unsigned int j; struct stat *st = &randomstats[i]; /* @@ -219,7 +307,14 @@ int RAND_poll(void) do { int try_read = 0; -# if defined(OPENSSL_SYS_LINUX) +# if defined(OPENSSL_SYS_BEOS_R5) + /* + * select() is broken in BeOS R5, so we simply try to read + * something and snooze if we couldn't + */ + try_read = 1; + +# elif defined(OPENSSL_SYS_LINUX) /* use poll() */ struct pollfd pset; @@ -263,6 +358,10 @@ int RAND_poll(void) ENTROPY_NEEDED - n); if (r > 0) n += r; +# if defined(OPENSSL_SYS_BEOS_R5) + if (r == 0) + snooze(t.tv_usec); +# endif } else r = -1; @@ -317,6 +416,14 @@ int RAND_poll(void) l = time(NULL); RAND_add(&l, sizeof(l), 0.0); +# if defined(OPENSSL_SYS_BEOS) + { + system_info sysInfo; + get_system_info(&sysInfo); + RAND_add(&sysInfo, sizeof(sysInfo), 0); + } +# endif + # if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) return 1; # else diff --git a/Cryptlib/OpenSSL/crypto/rand/rand_win.c b/Cryptlib/OpenSSL/crypto/rand/rand_win.c deleted file mode 100644 index 0c616c4c..00000000 --- a/Cryptlib/OpenSSL/crypto/rand/rand_win.c +++ /dev/null @@ -1,751 +0,0 @@ -/* crypto/rand/rand_win.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "cryptlib.h" -#include <openssl/rand.h> -#include "rand_lcl.h" - -#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) -# include <windows.h> -# ifndef _WIN32_WINNT -# define _WIN32_WINNT 0x0400 -# endif -# include <wincrypt.h> -# include <tlhelp32.h> - -/* - * Limit the time spent walking through the heap, processes, threads and - * modules to a maximum of 1000 miliseconds each, unless CryptoGenRandom - * failed - */ -# define MAXDELAY 1000 - -/* - * Intel hardware RNG CSP -- available from - * http://developer.intel.com/design/security/rng/redist_license.htm - */ -# define PROV_INTEL_SEC 22 -# define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider" - -static void readtimer(void); -static void readscreen(void); - -/* - * It appears like CURSORINFO, PCURSORINFO and LPCURSORINFO are only defined - * when WINVER is 0x0500 and up, which currently only happens on Win2000. - * Unfortunately, those are typedefs, so they're a little bit difficult to - * detect properly. On the other hand, the macro CURSOR_SHOWING is defined - * within the same conditional, so it can be use to detect the absence of - * said typedefs. - */ - -# ifndef CURSOR_SHOWING -/* - * Information about the global cursor. - */ -typedef struct tagCURSORINFO { - DWORD cbSize; - DWORD flags; - HCURSOR hCursor; - POINT ptScreenPos; -} CURSORINFO, *PCURSORINFO, *LPCURSORINFO; - -# define CURSOR_SHOWING 0x00000001 -# endif /* CURSOR_SHOWING */ - -# if !defined(OPENSSL_SYS_WINCE) -typedef BOOL(WINAPI *CRYPTACQUIRECONTEXTW) (HCRYPTPROV *, LPCWSTR, LPCWSTR, - DWORD, DWORD); -typedef BOOL(WINAPI *CRYPTGENRANDOM) (HCRYPTPROV, DWORD, BYTE *); -typedef BOOL(WINAPI *CRYPTRELEASECONTEXT) (HCRYPTPROV, DWORD); - -typedef HWND(WINAPI *GETFOREGROUNDWINDOW) (VOID); -typedef BOOL(WINAPI *GETCURSORINFO) (PCURSORINFO); -typedef DWORD(WINAPI *GETQUEUESTATUS) (UINT); - -typedef HANDLE(WINAPI *CREATETOOLHELP32SNAPSHOT) (DWORD, DWORD); -typedef BOOL(WINAPI *CLOSETOOLHELP32SNAPSHOT) (HANDLE); -typedef BOOL(WINAPI *HEAP32FIRST) (LPHEAPENTRY32, DWORD, size_t); -typedef BOOL(WINAPI *HEAP32NEXT) (LPHEAPENTRY32); -typedef BOOL(WINAPI *HEAP32LIST) (HANDLE, LPHEAPLIST32); -typedef BOOL(WINAPI *PROCESS32) (HANDLE, LPPROCESSENTRY32); -typedef BOOL(WINAPI *THREAD32) (HANDLE, LPTHREADENTRY32); -typedef BOOL(WINAPI *MODULE32) (HANDLE, LPMODULEENTRY32); - -# include <lmcons.h> -# include <lmstats.h> -# if 1 -/* - * The NET API is Unicode only. It requires the use of the UNICODE macro. - * When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was was added to the - * Platform SDK to allow the NET API to be used in non-Unicode applications - * provided that Unicode strings were still used for input. LMSTR is defined - * as LPWSTR. - */ -typedef NET_API_STATUS(NET_API_FUNCTION *NETSTATGET) - (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE *); -typedef NET_API_STATUS(NET_API_FUNCTION *NETFREE) (LPBYTE); -# endif /* 1 */ -# endif /* !OPENSSL_SYS_WINCE */ - -int RAND_poll(void) -{ - MEMORYSTATUS m; - HCRYPTPROV hProvider = 0; - DWORD w; - int good = 0; - -# if defined(OPENSSL_SYS_WINCE) -# if defined(_WIN32_WCE) && _WIN32_WCE>=300 - /* - * Even though MSDN says _WIN32_WCE>=210, it doesn't seem to be available - * in commonly available implementations prior 300... - */ - { - BYTE buf[64]; - /* poll the CryptoAPI PRNG */ - /* The CryptoAPI returns sizeof(buf) bytes of randomness */ - if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL, - CRYPT_VERIFYCONTEXT)) { - if (CryptGenRandom(hProvider, sizeof(buf), buf)) - RAND_add(buf, sizeof(buf), sizeof(buf)); - CryptReleaseContext(hProvider, 0); - } - } -# endif -# else /* OPENSSL_SYS_WINCE */ - /* - * None of below libraries are present on Windows CE, which is - * why we #ifndef the whole section. This also excuses us from - * handling the GetProcAddress issue. The trouble is that in - * real Win32 API GetProcAddress is available in ANSI flavor - * only. In WinCE on the other hand GetProcAddress is a macro - * most commonly defined as GetProcAddressW, which accepts - * Unicode argument. If we were to call GetProcAddress under - * WinCE, I'd recommend to either redefine GetProcAddress as - * GetProcAddressA (there seem to be one in common CE spec) or - * implement own shim routine, which would accept ANSI argument - * and expand it to Unicode. - */ - { - /* load functions dynamically - not available on all systems */ - HMODULE advapi = LoadLibrary(TEXT("ADVAPI32.DLL")); - HMODULE kernel = LoadLibrary(TEXT("KERNEL32.DLL")); - HMODULE user = NULL; - HMODULE netapi = LoadLibrary(TEXT("NETAPI32.DLL")); - CRYPTACQUIRECONTEXTW acquire = NULL; - CRYPTGENRANDOM gen = NULL; - CRYPTRELEASECONTEXT release = NULL; - NETSTATGET netstatget = NULL; - NETFREE netfree = NULL; - BYTE buf[64]; - - if (netapi) { - netstatget = - (NETSTATGET) GetProcAddress(netapi, "NetStatisticsGet"); - netfree = (NETFREE) GetProcAddress(netapi, "NetApiBufferFree"); - } - - if (netstatget && netfree) { - LPBYTE outbuf; - /* - * NetStatisticsGet() is a Unicode only function - * STAT_WORKSTATION_0 contains 45 fields and STAT_SERVER_0 - * contains 17 fields. We treat each field as a source of one - * byte of entropy. - */ - - if (netstatget(NULL, L"LanmanWorkstation", 0, 0, &outbuf) == 0) { - RAND_add(outbuf, sizeof(STAT_WORKSTATION_0), 45); - netfree(outbuf); - } - if (netstatget(NULL, L"LanmanServer", 0, 0, &outbuf) == 0) { - RAND_add(outbuf, sizeof(STAT_SERVER_0), 17); - netfree(outbuf); - } - } - - if (netapi) - FreeLibrary(netapi); - - /* - * It appears like this can cause an exception deep within - * ADVAPI32.DLL at random times on Windows 2000. Reported by Jeffrey - * Altman. Only use it on NT. - */ - - if (advapi) { - /* - * If it's available, then it's available in both ANSI - * and UNICODE flavors even in Win9x, documentation says. - * We favor Unicode... - */ - acquire = (CRYPTACQUIRECONTEXTW) GetProcAddress(advapi, - "CryptAcquireContextW"); - gen = (CRYPTGENRANDOM) GetProcAddress(advapi, "CryptGenRandom"); - release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi, - "CryptReleaseContext"); - } - - if (acquire && gen && release) { - /* poll the CryptoAPI PRNG */ - /* The CryptoAPI returns sizeof(buf) bytes of randomness */ - if (acquire(&hProvider, NULL, NULL, PROV_RSA_FULL, - CRYPT_VERIFYCONTEXT)) { - if (gen(hProvider, sizeof(buf), buf) != 0) { - RAND_add(buf, sizeof(buf), 0); - good = 1; -# if 0 - printf("randomness from PROV_RSA_FULL\n"); -# endif - } - release(hProvider, 0); - } - - /* poll the Pentium PRG with CryptoAPI */ - if (acquire(&hProvider, 0, INTEL_DEF_PROV, PROV_INTEL_SEC, 0)) { - if (gen(hProvider, sizeof(buf), buf) != 0) { - RAND_add(buf, sizeof(buf), sizeof(buf)); - good = 1; -# if 0 - printf("randomness from PROV_INTEL_SEC\n"); -# endif - } - release(hProvider, 0); - } - } - - if (advapi) - FreeLibrary(advapi); - - if ((!check_winnt() || - !OPENSSL_isservice()) && - (user = LoadLibrary(TEXT("USER32.DLL")))) { - GETCURSORINFO cursor; - GETFOREGROUNDWINDOW win; - GETQUEUESTATUS queue; - - win = - (GETFOREGROUNDWINDOW) GetProcAddress(user, - "GetForegroundWindow"); - cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo"); - queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus"); - - if (win) { - /* window handle */ - HWND h = win(); - RAND_add(&h, sizeof(h), 0); - } - if (cursor) { - /* - * unfortunately, its not safe to call GetCursorInfo() on NT4 - * even though it exists in SP3 (or SP6) and higher. - */ - if (check_winnt() && !check_win_minplat(5)) - cursor = 0; - } - if (cursor) { - /* cursor position */ - /* assume 2 bytes of entropy */ - CURSORINFO ci; - ci.cbSize = sizeof(CURSORINFO); - if (cursor(&ci)) - RAND_add(&ci, ci.cbSize, 2); - } - - if (queue) { - /* message queue status */ - /* assume 1 byte of entropy */ - w = queue(QS_ALLEVENTS); - RAND_add(&w, sizeof(w), 1); - } - - FreeLibrary(user); - } - - /*- - * Toolhelp32 snapshot: enumerate processes, threads, modules and heap - * http://msdn.microsoft.com/library/psdk/winbase/toolhelp_5pfd.htm - * (Win 9x and 2000 only, not available on NT) - * - * This seeding method was proposed in Peter Gutmann, Software - * Generation of Practically Strong Random Numbers, - * http://www.usenix.org/publications/library/proceedings/sec98/gutmann.html - * revised version at http://www.cryptoengines.com/~peter/06_random.pdf - * (The assignment of entropy estimates below is arbitrary, but based - * on Peter's analysis the full poll appears to be safe. Additional - * interactive seeding is encouraged.) - */ - - if (kernel) { - CREATETOOLHELP32SNAPSHOT snap; - CLOSETOOLHELP32SNAPSHOT close_snap; - HANDLE handle; - - HEAP32FIRST heap_first; - HEAP32NEXT heap_next; - HEAP32LIST heaplist_first, heaplist_next; - PROCESS32 process_first, process_next; - THREAD32 thread_first, thread_next; - MODULE32 module_first, module_next; - - HEAPLIST32 hlist; - HEAPENTRY32 hentry; - PROCESSENTRY32 p; - THREADENTRY32 t; - MODULEENTRY32 m; - DWORD starttime = 0; - - snap = (CREATETOOLHELP32SNAPSHOT) - GetProcAddress(kernel, "CreateToolhelp32Snapshot"); - close_snap = (CLOSETOOLHELP32SNAPSHOT) - GetProcAddress(kernel, "CloseToolhelp32Snapshot"); - heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First"); - heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next"); - heaplist_first = - (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst"); - heaplist_next = - (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext"); - process_first = - (PROCESS32) GetProcAddress(kernel, "Process32First"); - process_next = - (PROCESS32) GetProcAddress(kernel, "Process32Next"); - thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First"); - thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next"); - module_first = (MODULE32) GetProcAddress(kernel, "Module32First"); - module_next = (MODULE32) GetProcAddress(kernel, "Module32Next"); - - if (snap && heap_first && heap_next && heaplist_first && - heaplist_next && process_first && process_next && - thread_first && thread_next && module_first && - module_next && (handle = snap(TH32CS_SNAPALL, 0)) - != INVALID_HANDLE_VALUE) { - /* heap list and heap walking */ - /* - * HEAPLIST32 contains 3 fields that will change with each - * entry. Consider each field a source of 1 byte of entropy. - * HEAPENTRY32 contains 5 fields that will change with each - * entry. Consider each field a source of 1 byte of entropy. - */ - ZeroMemory(&hlist, sizeof(HEAPLIST32)); - hlist.dwSize = sizeof(HEAPLIST32); - if (good) - starttime = GetTickCount(); -# ifdef _MSC_VER - if (heaplist_first(handle, &hlist)) { - /* - * following discussion on dev ML, exception on WinCE (or - * other Win platform) is theoretically of unknown - * origin; prevent infinite loop here when this - * theoretical case occurs; otherwise cope with the - * expected (MSDN documented) exception-throwing - * behaviour of Heap32Next() on WinCE. - * - * based on patch in original message by Tanguy Fautré - * (2009/03/02) Subject: RAND_poll() and - * CreateToolhelp32Snapshot() stability - */ - int ex_cnt_limit = 42; - do { - RAND_add(&hlist, hlist.dwSize, 3); - __try { - ZeroMemory(&hentry, sizeof(HEAPENTRY32)); - hentry.dwSize = sizeof(HEAPENTRY32); - if (heap_first(&hentry, - hlist.th32ProcessID, - hlist.th32HeapID)) { - int entrycnt = 80; - do - RAND_add(&hentry, hentry.dwSize, 5); - while (heap_next(&hentry) - && (!good - || (GetTickCount() - starttime) < - MAXDELAY) - && --entrycnt > 0); - } - } - __except(EXCEPTION_EXECUTE_HANDLER) { - /* - * ignore access violations when walking the heap - * list - */ - ex_cnt_limit--; - } - } while (heaplist_next(handle, &hlist) - && (!good - || (GetTickCount() - starttime) < MAXDELAY) - && ex_cnt_limit > 0); - } -# else - if (heaplist_first(handle, &hlist)) { - do { - RAND_add(&hlist, hlist.dwSize, 3); - hentry.dwSize = sizeof(HEAPENTRY32); - if (heap_first(&hentry, - hlist.th32ProcessID, - hlist.th32HeapID)) { - int entrycnt = 80; - do - RAND_add(&hentry, hentry.dwSize, 5); - while (heap_next(&hentry) - && --entrycnt > 0); - } - } while (heaplist_next(handle, &hlist) - && (!good - || (GetTickCount() - starttime) < MAXDELAY)); - } -# endif - - /* process walking */ - /* - * PROCESSENTRY32 contains 9 fields that will change with - * each entry. Consider each field a source of 1 byte of - * entropy. - */ - p.dwSize = sizeof(PROCESSENTRY32); - - if (good) - starttime = GetTickCount(); - if (process_first(handle, &p)) - do - RAND_add(&p, p.dwSize, 9); - while (process_next(handle, &p) - && (!good - || (GetTickCount() - starttime) < MAXDELAY)); - - /* thread walking */ - /* - * THREADENTRY32 contains 6 fields that will change with each - * entry. Consider each field a source of 1 byte of entropy. - */ - t.dwSize = sizeof(THREADENTRY32); - if (good) - starttime = GetTickCount(); - if (thread_first(handle, &t)) - do - RAND_add(&t, t.dwSize, 6); - while (thread_next(handle, &t) - && (!good - || (GetTickCount() - starttime) < MAXDELAY)); - - /* module walking */ - /* - * MODULEENTRY32 contains 9 fields that will change with each - * entry. Consider each field a source of 1 byte of entropy. - */ - m.dwSize = sizeof(MODULEENTRY32); - if (good) - starttime = GetTickCount(); - if (module_first(handle, &m)) - do - RAND_add(&m, m.dwSize, 9); - while (module_next(handle, &m) - && (!good - || (GetTickCount() - starttime) < MAXDELAY)); - if (close_snap) - close_snap(handle); - else - CloseHandle(handle); - - } - - FreeLibrary(kernel); - } - } -# endif /* !OPENSSL_SYS_WINCE */ - - /* timer data */ - readtimer(); - - /* memory usage statistics */ - GlobalMemoryStatus(&m); - RAND_add(&m, sizeof(m), 1); - - /* process ID */ - w = GetCurrentProcessId(); - RAND_add(&w, sizeof(w), 1); - -# if 0 - printf("Exiting RAND_poll\n"); -# endif - - return (1); -} - -int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam) -{ - double add_entropy = 0; - - switch (iMsg) { - case WM_KEYDOWN: - { - static WPARAM key; - if (key != wParam) - add_entropy = 0.05; - key = wParam; - } - break; - case WM_MOUSEMOVE: - { - static int lastx, lasty, lastdx, lastdy; - int x, y, dx, dy; - - x = LOWORD(lParam); - y = HIWORD(lParam); - dx = lastx - x; - dy = lasty - y; - if (dx != 0 && dy != 0 && dx - lastdx != 0 && dy - lastdy != 0) - add_entropy = .2; - lastx = x, lasty = y; - lastdx = dx, lastdy = dy; - } - break; - } - - readtimer(); - RAND_add(&iMsg, sizeof(iMsg), add_entropy); - RAND_add(&wParam, sizeof(wParam), 0); - RAND_add(&lParam, sizeof(lParam), 0); - - return (RAND_status()); -} - -void RAND_screen(void) -{ /* function available for backward - * compatibility */ - RAND_poll(); - readscreen(); -} - -/* feed timing information to the PRNG */ -static void readtimer(void) -{ - DWORD w; - LARGE_INTEGER l; - static int have_perfc = 1; -# if defined(_MSC_VER) && defined(_M_X86) - static int have_tsc = 1; - DWORD cyclecount; - - if (have_tsc) { - __try { - __asm { - _emit 0x0f _emit 0x31 mov cyclecount, eax} - RAND_add(&cyclecount, sizeof(cyclecount), 1); - } - __except(EXCEPTION_EXECUTE_HANDLER) { - have_tsc = 0; - } - } -# else -# define have_tsc 0 -# endif - - if (have_perfc) { - if (QueryPerformanceCounter(&l) == 0) - have_perfc = 0; - else - RAND_add(&l, sizeof(l), 0); - } - - if (!have_tsc && !have_perfc) { - w = GetTickCount(); - RAND_add(&w, sizeof(w), 0); - } -} - -/* feed screen contents to PRNG */ -/***************************************************************************** - * - * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V. - * - * Code adapted from - * <URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];97193>; - * the original copyright message is: - * - * (C) Copyright Microsoft Corp. 1993. All rights reserved. - * - * You have a royalty-free right to use, modify, reproduce and - * distribute the Sample Files (and/or any modified version) in - * any way you find useful, provided that you agree that - * Microsoft has no warranty obligations or liability for any - * Sample Application Files which are modified. - */ - -static void readscreen(void) -{ -# if !defined(OPENSSL_SYS_WINCE) && !defined(OPENSSL_SYS_WIN32_CYGWIN) - HDC hScrDC; /* screen DC */ - HDC hMemDC; /* memory DC */ - HBITMAP hBitmap; /* handle for our bitmap */ - HBITMAP hOldBitmap; /* handle for previous bitmap */ - BITMAP bm; /* bitmap properties */ - unsigned int size; /* size of bitmap */ - char *bmbits; /* contents of bitmap */ - int w; /* screen width */ - int h; /* screen height */ - int y; /* y-coordinate of screen lines to grab */ - int n = 16; /* number of screen lines to grab at a time */ - - if (check_winnt() && OPENSSL_isservice() > 0) - return; - - /* Create a screen DC and a memory DC compatible to screen DC */ - hScrDC = CreateDC(TEXT("DISPLAY"), NULL, NULL, NULL); - hMemDC = CreateCompatibleDC(hScrDC); - - /* Get screen resolution */ - w = GetDeviceCaps(hScrDC, HORZRES); - h = GetDeviceCaps(hScrDC, VERTRES); - - /* Create a bitmap compatible with the screen DC */ - hBitmap = CreateCompatibleBitmap(hScrDC, w, n); - - /* Select new bitmap into memory DC */ - hOldBitmap = SelectObject(hMemDC, hBitmap); - - /* Get bitmap properties */ - GetObject(hBitmap, sizeof(BITMAP), (LPSTR) & bm); - size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes; - - bmbits = OPENSSL_malloc(size); - if (bmbits) { - /* Now go through the whole screen, repeatedly grabbing n lines */ - for (y = 0; y < h - n; y += n) { - unsigned char md[MD_DIGEST_LENGTH]; - - /* Bitblt screen DC to memory DC */ - BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY); - - /* Copy bitmap bits from memory DC to bmbits */ - GetBitmapBits(hBitmap, size, bmbits); - - /* Get the hash of the bitmap */ - MD(bmbits, size, md); - - /* Seed the random generator with the hash value */ - RAND_add(md, MD_DIGEST_LENGTH, 0); - } - - OPENSSL_free(bmbits); - } - - /* Select old bitmap back into memory DC */ - hBitmap = SelectObject(hMemDC, hOldBitmap); - - /* Clean up */ - DeleteObject(hBitmap); - DeleteDC(hMemDC); - DeleteDC(hScrDC); -# endif /* !OPENSSL_SYS_WINCE */ -} - -#endif diff --git a/Cryptlib/OpenSSL/crypto/rand/randfile.c b/Cryptlib/OpenSSL/crypto/rand/randfile.c index 3feca3d5..9537c56a 100644 --- a/Cryptlib/OpenSSL/crypto/rand/randfile.c +++ b/Cryptlib/OpenSSL/crypto/rand/randfile.c @@ -57,7 +57,9 @@ */ /* We need to define this to get macros like S_IFBLK and S_IFCHR */ -#define _XOPEN_SOURCE 500 +#if !defined(OPENSSL_SYS_VXWORKS) +# define _XOPEN_SOURCE 500 +#endif #include <errno.h> #include <stdio.h> @@ -75,10 +77,9 @@ #ifndef NO_SYS_TYPES_H # include <sys/types.h> #endif -#ifdef MAC_OS_pre_X -# include <stat.h> -#else +#ifndef OPENSSL_NO_POSIX_IO # include <sys/stat.h> +# include <fcntl.h> #endif #ifdef _WIN32 @@ -117,14 +118,17 @@ int RAND_load_file(const char *file, long bytes) */ MS_STATIC unsigned char buf[BUFSIZE]; +#ifndef OPENSSL_NO_POSIX_IO struct stat sb; +#endif int i, ret = 0, n; FILE *in; if (file == NULL) return (0); -#ifdef PURIFY +#ifndef OPENSSL_NO_POSIX_IO +# ifdef PURIFY /* * struct stat can have padding and unused fields that may not be * initialized in the call to stat(). We need to clear the entire @@ -132,11 +136,11 @@ int RAND_load_file(const char *file, long bytes) * applications such as Valgrind. */ memset(&sb, 0, sizeof(sb)); -#endif - +# endif if (stat(file, &sb) < 0) return (0); RAND_add(&sb, sizeof(sb), 0.0); +#endif if (bytes == 0) return (ret); @@ -147,15 +151,17 @@ int RAND_load_file(const char *file, long bytes) #endif if (in == NULL) goto err; -#if defined(S_ISBLK) && defined(S_ISCHR) - if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) { +#if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPENSSL_NO_POSIX_IO) + if (sb.st_mode & (S_IFBLK | S_IFCHR)) { /* * this file is a device. we don't want read an infinite number of * bytes from a random device, nor do we want to use buffered I/O * because we will waste system entropy. */ bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */ +# ifndef OPENSSL_NO_SETVBUF_IONBF setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */ +# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ } #endif for (;;) { @@ -191,11 +197,12 @@ int RAND_write_file(const char *file) int i, ret = 0, rand_err = 0; FILE *out = NULL; int n; +#ifndef OPENSSL_NO_POSIX_IO struct stat sb; i = stat(file, &sb); if (i != -1) { -#if defined(S_ISBLK) && defined(S_ISCHR) +# if defined(S_ISBLK) && defined(S_ISCHR) if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) { /* * this file is a device. we don't write back to it. we @@ -205,17 +212,20 @@ int RAND_write_file(const char *file) */ return (1); } -#endif +# endif } -#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_VMS) - { - /* For some reason Win32 can't write to files created this way */ +#endif +#if defined(O_CREAT) && !defined(OPENSSL_NO_POSIX_IO) && !defined(OPENSSL_SYS_VMS) + { +# ifndef O_BINARY +# define O_BINARY 0 +# endif /* * chmod(..., 0600) is too late to protect the file, permissions * should be restrictive from the start */ - int fd = open(file, O_CREAT, 0600); + int fd = open(file, O_WRONLY | O_CREAT | O_BINARY, 0600); if (fd != -1) out = fdopen(fd, "wb"); } @@ -279,7 +289,6 @@ const char *RAND_file_name(char *buf, size_t size) { char *s = NULL; #ifdef __OpenBSD__ - int ok = 0; struct stat sb; #endif @@ -302,9 +311,6 @@ const char *RAND_file_name(char *buf, size_t size) BUF_strlcat(buf, "/", size); #endif BUF_strlcat(buf, RFILE, size); -#ifdef __OpenBSD__ - ok = 1; -#endif } else buf[0] = '\0'; /* no file name */ } @@ -318,7 +324,7 @@ const char *RAND_file_name(char *buf, size_t size) * available. */ - if (!ok) + if (!buf[0]) if (BUF_strlcpy(buf, "/dev/arandom", size) >= size) { return (NULL); } |