]>
Commit | Line | Data |
---|---|---|
1 | /* Written by Ulf Moeller and Lutz Jaenicke for the OpenSSL project. */ | |
2 | /* ==================================================================== | |
3 | * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. | |
4 | * | |
5 | * Redistribution and use in source and binary forms, with or without | |
6 | * modification, are permitted provided that the following conditions | |
7 | * are met: | |
8 | * | |
9 | * 1. Redistributions of source code must retain the above copyright | |
10 | * notice, this list of conditions and the following disclaimer. | |
11 | * | |
12 | * 2. Redistributions in binary form must reproduce the above copyright | |
13 | * notice, this list of conditions and the following disclaimer in | |
14 | * the documentation and/or other materials provided with the | |
15 | * distribution. | |
16 | * | |
17 | * 3. All advertising materials mentioning features or use of this | |
18 | * software must display the following acknowledgment: | |
19 | * "This product includes software developed by the OpenSSL Project | |
20 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | |
21 | * | |
22 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
23 | * endorse or promote products derived from this software without | |
24 | * prior written permission. For written permission, please contact | |
25 | * openssl-core@openssl.org. | |
26 | * | |
27 | * 5. Products derived from this software may not be called "OpenSSL" | |
28 | * nor may "OpenSSL" appear in their names without prior written | |
29 | * permission of the OpenSSL Project. | |
30 | * | |
31 | * 6. Redistributions of any form whatsoever must retain the following | |
32 | * acknowledgment: | |
33 | * "This product includes software developed by the OpenSSL Project | |
34 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | |
35 | * | |
36 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
37 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
38 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
39 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
40 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
41 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
42 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
43 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
44 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
45 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
46 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
47 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
48 | * ==================================================================== | |
49 | * | |
50 | * This product includes cryptographic software written by Eric Young | |
51 | * (eay@cryptsoft.com). This product includes software written by Tim | |
52 | * Hudson (tjh@cryptsoft.com). | |
53 | * | |
54 | */ | |
55 | ||
56 | #include <openssl/crypto.h> | |
57 | #include <openssl/e_os2.h> | |
58 | #include <openssl/rand.h> | |
59 | ||
60 | /*- | |
61 | * Query the EGD <URL: http://www.lothar.com/tech/crypto/>. | |
62 | * | |
63 | * This module supplies three routines: | |
64 | * | |
65 | * RAND_query_egd_bytes(path, buf, bytes) | |
66 | * will actually query "bytes" bytes of entropy form the egd-socket located | |
67 | * at path and will write them to buf (if supplied) or will directly feed | |
68 | * it to RAND_seed() if buf==NULL. | |
69 | * The number of bytes is not limited by the maximum chunk size of EGD, | |
70 | * which is 255 bytes. If more than 255 bytes are wanted, several chunks | |
71 | * of entropy bytes are requested. The connection is left open until the | |
72 | * query is competed. | |
73 | * RAND_query_egd_bytes() returns with | |
74 | * -1 if an error occurred during connection or communication. | |
75 | * num the number of bytes read from the EGD socket. This number is either | |
76 | * the number of bytes requested or smaller, if the EGD pool is | |
77 | * drained and the daemon signals that the pool is empty. | |
78 | * This routine does not touch any RAND_status(). This is necessary, since | |
79 | * PRNG functions may call it during initialization. | |
80 | * | |
81 | * RAND_egd_bytes(path, bytes) will query "bytes" bytes and have them | |
82 | * used to seed the PRNG. | |
83 | * RAND_egd_bytes() is a wrapper for RAND_query_egd_bytes() with buf=NULL. | |
84 | * Unlike RAND_query_egd_bytes(), RAND_status() is used to test the | |
85 | * seed status so that the return value can reflect the seed state: | |
86 | * -1 if an error occurred during connection or communication _or_ | |
87 | * if the PRNG has still not received the required seeding. | |
88 | * num the number of bytes read from the EGD socket. This number is either | |
89 | * the number of bytes requested or smaller, if the EGD pool is | |
90 | * drained and the daemon signals that the pool is empty. | |
91 | * | |
92 | * RAND_egd(path) will query 255 bytes and use the bytes retreived to seed | |
93 | * the PRNG. | |
94 | * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. | |
95 | */ | |
96 | ||
97 | #ifndef OPENSSL_NO_EGD | |
98 | ||
99 | # if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI) | |
100 | int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) | |
101 | { | |
102 | return (-1); | |
103 | } | |
104 | ||
105 | int RAND_egd(const char *path) | |
106 | { | |
107 | return (-1); | |
108 | } | |
109 | ||
110 | int RAND_egd_bytes(const char *path, int bytes) | |
111 | { | |
112 | return (-1); | |
113 | } | |
114 | # else | |
115 | # include <openssl/opensslconf.h> | |
116 | # include OPENSSL_UNISTD | |
117 | # include <stddef.h> | |
118 | # include <sys/types.h> | |
119 | # include <sys/socket.h> | |
120 | # ifndef NO_SYS_UN_H | |
121 | # ifdef OPENSSL_SYS_VXWORKS | |
122 | # include <streams/un.h> | |
123 | # else | |
124 | # include <sys/un.h> | |
125 | # endif | |
126 | # else | |
127 | struct sockaddr_un { | |
128 | short sun_family; /* AF_UNIX */ | |
129 | char sun_path[108]; /* path name (gag) */ | |
130 | }; | |
131 | # endif /* NO_SYS_UN_H */ | |
132 | # include <string.h> | |
133 | # include <errno.h> | |
134 | ||
135 | int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) | |
136 | { | |
137 | int ret = 0; | |
138 | struct sockaddr_un addr; | |
139 | int len, num, numbytes; | |
140 | int fd = -1; | |
141 | int success; | |
142 | unsigned char egdbuf[2], tempbuf[255], *retrievebuf; | |
143 | ||
144 | memset(&addr, 0, sizeof(addr)); | |
145 | addr.sun_family = AF_UNIX; | |
146 | if (strlen(path) >= sizeof(addr.sun_path)) | |
147 | return (-1); | |
148 | OPENSSL_strlcpy(addr.sun_path, path, sizeof addr.sun_path); | |
149 | len = offsetof(struct sockaddr_un, sun_path) + strlen(path); | |
150 | fd = socket(AF_UNIX, SOCK_STREAM, 0); | |
151 | if (fd == -1) | |
152 | return (-1); | |
153 | success = 0; | |
154 | while (!success) { | |
155 | if (connect(fd, (struct sockaddr *)&addr, len) == 0) | |
156 | success = 1; | |
157 | else { | |
158 | switch (errno) { | |
159 | # ifdef EINTR | |
160 | case EINTR: | |
161 | # endif | |
162 | # ifdef EAGAIN | |
163 | case EAGAIN: | |
164 | # endif | |
165 | # ifdef EINPROGRESS | |
166 | case EINPROGRESS: | |
167 | # endif | |
168 | # ifdef EALREADY | |
169 | case EALREADY: | |
170 | # endif | |
171 | /* No error, try again */ | |
172 | break; | |
173 | # ifdef EISCONN | |
174 | case EISCONN: | |
175 | success = 1; | |
176 | break; | |
177 | # endif | |
178 | default: | |
179 | goto err; /* failure */ | |
180 | } | |
181 | } | |
182 | } | |
183 | ||
184 | while (bytes > 0) { | |
185 | egdbuf[0] = 1; | |
186 | egdbuf[1] = bytes < 255 ? bytes : 255; | |
187 | numbytes = 0; | |
188 | while (numbytes != 2) { | |
189 | num = write(fd, egdbuf + numbytes, 2 - numbytes); | |
190 | if (num >= 0) | |
191 | numbytes += num; | |
192 | else { | |
193 | switch (errno) { | |
194 | # ifdef EINTR | |
195 | case EINTR: | |
196 | # endif | |
197 | # ifdef EAGAIN | |
198 | case EAGAIN: | |
199 | # endif | |
200 | /* No error, try again */ | |
201 | break; | |
202 | default: | |
203 | ret = -1; | |
204 | goto err; /* failure */ | |
205 | } | |
206 | } | |
207 | } | |
208 | numbytes = 0; | |
209 | while (numbytes != 1) { | |
210 | num = read(fd, egdbuf, 1); | |
211 | if (num == 0) | |
212 | goto err; /* descriptor closed */ | |
213 | else if (num > 0) | |
214 | numbytes += num; | |
215 | else { | |
216 | switch (errno) { | |
217 | # ifdef EINTR | |
218 | case EINTR: | |
219 | # endif | |
220 | # ifdef EAGAIN | |
221 | case EAGAIN: | |
222 | # endif | |
223 | /* No error, try again */ | |
224 | break; | |
225 | default: | |
226 | ret = -1; | |
227 | goto err; /* failure */ | |
228 | } | |
229 | } | |
230 | } | |
231 | if (egdbuf[0] == 0) | |
232 | goto err; | |
233 | if (buf) | |
234 | retrievebuf = buf + ret; | |
235 | else | |
236 | retrievebuf = tempbuf; | |
237 | numbytes = 0; | |
238 | while (numbytes != egdbuf[0]) { | |
239 | num = read(fd, retrievebuf + numbytes, egdbuf[0] - numbytes); | |
240 | if (num == 0) | |
241 | goto err; /* descriptor closed */ | |
242 | else if (num > 0) | |
243 | numbytes += num; | |
244 | else { | |
245 | switch (errno) { | |
246 | # ifdef EINTR | |
247 | case EINTR: | |
248 | # endif | |
249 | # ifdef EAGAIN | |
250 | case EAGAIN: | |
251 | # endif | |
252 | /* No error, try again */ | |
253 | break; | |
254 | default: | |
255 | ret = -1; | |
256 | goto err; /* failure */ | |
257 | } | |
258 | } | |
259 | } | |
260 | ret += egdbuf[0]; | |
261 | bytes -= egdbuf[0]; | |
262 | if (!buf) | |
263 | RAND_seed(tempbuf, egdbuf[0]); | |
264 | } | |
265 | err: | |
266 | if (fd != -1) | |
267 | close(fd); | |
268 | return (ret); | |
269 | } | |
270 | ||
271 | int RAND_egd_bytes(const char *path, int bytes) | |
272 | { | |
273 | int num, ret = 0; | |
274 | ||
275 | num = RAND_query_egd_bytes(path, NULL, bytes); | |
276 | if (num < 1) | |
277 | goto err; | |
278 | if (RAND_status() == 1) | |
279 | ret = num; | |
280 | err: | |
281 | return (ret); | |
282 | } | |
283 | ||
284 | int RAND_egd(const char *path) | |
285 | { | |
286 | return (RAND_egd_bytes(path, 255)); | |
287 | } | |
288 | ||
289 | # endif | |
290 | ||
291 | #else /* OPENSSL_NO_EGD */ | |
292 | # if PEDANTIC | |
293 | static void *dummy = &dummy; | |
294 | # endif | |
295 | #endif |