OLD | NEW |
| (Empty) |
1 /* | |
2 * rand_source.c | |
3 * | |
4 * implements a random source based on /dev/random | |
5 * | |
6 * David A. McGrew | |
7 * Cisco Systems, Inc. | |
8 */ | |
9 /* | |
10 * | |
11 * Copyright(c) 2001-2006 Cisco Systems, Inc. | |
12 * All rights reserved. | |
13 * | |
14 * Redistribution and use in source and binary forms, with or without | |
15 * modification, are permitted provided that the following conditions | |
16 * are met: | |
17 * | |
18 * Redistributions of source code must retain the above copyright | |
19 * notice, this list of conditions and the following disclaimer. | |
20 * | |
21 * Redistributions in binary form must reproduce the above | |
22 * copyright notice, this list of conditions and the following | |
23 * disclaimer in the documentation and/or other materials provided | |
24 * with the distribution. | |
25 * | |
26 * Neither the name of the Cisco Systems, Inc. nor the names of its | |
27 * contributors may be used to endorse or promote products derived | |
28 * from this software without specific prior written permission. | |
29 * | |
30 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
31 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
32 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS | |
33 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE | |
34 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, | |
35 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | |
36 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
37 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
39 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
40 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
41 * OF THE POSSIBILITY OF SUCH DAMAGE. | |
42 * | |
43 */ | |
44 | |
45 #include "config.h" | |
46 | |
47 #ifdef DEV_URANDOM | |
48 # include <fcntl.h> /* for open() */ | |
49 # include <unistd.h> /* for close() */ | |
50 #elif defined(HAVE_RAND_S) | |
51 # define _CRT_RAND_S | |
52 # include <stdlib.h> | |
53 #else | |
54 # include <stdio.h> | |
55 #endif | |
56 | |
57 #include "rand_source.h" | |
58 | |
59 | |
60 /* | |
61 * global dev_rand_fdes is file descriptor for /dev/random | |
62 * | |
63 * This variable is also used to indicate that the random source has | |
64 * been initialized. When this variable is set to the value of the | |
65 * #define RAND_SOURCE_NOT_READY, it indicates that the random source | |
66 * is not ready to be used. The value of the #define | |
67 * RAND_SOURCE_READY is for use whenever that variable is used as an | |
68 * indicator of the state of the random source, but not as a file | |
69 * descriptor. | |
70 */ | |
71 | |
72 #define RAND_SOURCE_NOT_READY (-1) | |
73 #define RAND_SOURCE_READY (17) | |
74 | |
75 static int dev_random_fdes = RAND_SOURCE_NOT_READY; | |
76 | |
77 | |
78 err_status_t | |
79 rand_source_init(void) { | |
80 if (dev_random_fdes >= 0) { | |
81 /* already open */ | |
82 return err_status_ok; | |
83 } | |
84 #ifdef DEV_URANDOM | |
85 /* open random source for reading */ | |
86 dev_random_fdes = open(DEV_URANDOM, O_RDONLY); | |
87 if (dev_random_fdes < 0) | |
88 return err_status_init_fail; | |
89 #elif defined(HAVE_RAND_S) | |
90 dev_random_fdes = RAND_SOURCE_READY; | |
91 #else | |
92 /* no random source available; let the user know */ | |
93 fprintf(stderr, "WARNING: no real random source present!\n"); | |
94 dev_random_fdes = RAND_SOURCE_READY; | |
95 #endif | |
96 return err_status_ok; | |
97 } | |
98 | |
99 err_status_t | |
100 rand_source_get_octet_string(void *dest, uint32_t len) { | |
101 | |
102 /* | |
103 * read len octets from /dev/random to dest, and | |
104 * check return value to make sure enough octets were | |
105 * written | |
106 */ | |
107 #ifdef DEV_URANDOM | |
108 uint8_t *dst = (uint8_t *)dest; | |
109 while (len) | |
110 { | |
111 ssize_t num_read = read(dev_random_fdes, dst, len); | |
112 if (num_read <= 0 || num_read > len) | |
113 return err_status_fail; | |
114 len -= num_read; | |
115 dst += num_read; | |
116 } | |
117 #elif defined(HAVE_RAND_S) | |
118 uint8_t *dst = (uint8_t *)dest; | |
119 while (len) | |
120 { | |
121 unsigned int val; | |
122 errno_t err = rand_s(&val); | |
123 | |
124 if (err != 0) | |
125 return err_status_fail; | |
126 | |
127 *dst++ = val & 0xff; | |
128 len--; | |
129 } | |
130 #else | |
131 /* Generic C-library (rand()) version */ | |
132 /* This is a random source of last resort */ | |
133 uint8_t *dst = (uint8_t *)dest; | |
134 while (len) | |
135 { | |
136 int val = rand(); | |
137 /* rand() returns 0-32767 (ugh) */ | |
138 /* Is this a good enough way to get random bytes? | |
139 It is if it passes FIPS-140... */ | |
140 *dst++ = val & 0xff; | |
141 len--; | |
142 } | |
143 #endif | |
144 return err_status_ok; | |
145 } | |
146 | |
147 err_status_t | |
148 rand_source_deinit(void) { | |
149 if (dev_random_fdes < 0) | |
150 return err_status_dealloc_fail; /* well, we haven't really failed, * | |
151 * but there is something wrong */ | |
152 #ifdef DEV_URANDOM | |
153 close(dev_random_fdes); | |
154 #endif | |
155 dev_random_fdes = RAND_SOURCE_NOT_READY; | |
156 | |
157 return err_status_ok; | |
158 } | |
OLD | NEW |