The Tor Browser / file comparison
comparison: netwerk/srtp/src/crypto/rng/rand_source.c
netwerk/srtp/src/crypto/rng/rand_source.c
- changeset 0
- 6474c204b198
equal
deleted
inserted
replaced
| -1:000000000000 | 0:eb7179c9dd39 |
|---|---|
| 1 /* | |
| 2 * rand_source.c | |
| 3 * | |
| 4 * implements a random source based on /dev/random | |
| 5 * | |
| 6 * David A. McGrew | |
| 7 * Cisco Systems, Inc. | |
| 8 */ | |
| 9 /* | |
| 10 * | |
| 11 * Copyright(c) 2001-2006 Cisco Systems, Inc. | |
| 12 * All rights reserved. | |
| 13 * | |
| 14 * Redistribution and use in source and binary forms, with or without | |
| 15 * modification, are permitted provided that the following conditions | |
| 16 * are met: | |
| 17 * | |
| 18 * Redistributions of source code must retain the above copyright | |
| 19 * notice, this list of conditions and the following disclaimer. | |
| 20 * | |
| 21 * Redistributions in binary form must reproduce the above | |
| 22 * copyright notice, this list of conditions and the following | |
| 23 * disclaimer in the documentation and/or other materials provided | |
| 24 * with the distribution. | |
| 25 * | |
| 26 * Neither the name of the Cisco Systems, Inc. nor the names of its | |
| 27 * contributors may be used to endorse or promote products derived | |
| 28 * from this software without specific prior written permission. | |
| 29 * | |
| 30 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
| 31 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
| 32 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS | |
| 33 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE | |
| 34 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, | |
| 35 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | |
| 36 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
| 37 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
| 38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
| 39 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
| 40 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
| 41 * OF THE POSSIBILITY OF SUCH DAMAGE. | |
| 42 * | |
| 43 */ | |
| 44 | |
| 45 #include "config.h" | |
| 46 | |
| 47 #ifdef DEV_URANDOM | |
| 48 # include <fcntl.h> /* for open() */ | |
| 49 # include <unistd.h> /* for close() */ | |
| 50 #elif defined(HAVE_RAND_S) | |
| 51 # define _CRT_RAND_S | |
| 52 # include <stdlib.h> | |
| 53 #else | |
| 54 # include <stdio.h> | |
| 55 #endif | |
| 56 | |
| 57 #include "rand_source.h" | |
| 58 | |
| 59 | |
| 60 /* | |
| 61 * global dev_rand_fdes is file descriptor for /dev/random | |
| 62 * | |
| 63 * This variable is also used to indicate that the random source has | |
| 64 * been initialized. When this variable is set to the value of the | |
| 65 * #define RAND_SOURCE_NOT_READY, it indicates that the random source | |
| 66 * is not ready to be used. The value of the #define | |
| 67 * RAND_SOURCE_READY is for use whenever that variable is used as an | |
| 68 * indicator of the state of the random source, but not as a file | |
| 69 * descriptor. | |
| 70 */ | |
| 71 | |
| 72 #define RAND_SOURCE_NOT_READY (-1) | |
| 73 #define RAND_SOURCE_READY (17) | |
| 74 | |
| 75 static int dev_random_fdes = RAND_SOURCE_NOT_READY; | |
| 76 | |
| 77 | |
| 78 err_status_t | |
| 79 rand_source_init(void) { | |
| 80 if (dev_random_fdes >= 0) { | |
| 81 /* already open */ | |
| 82 return err_status_ok; | |
| 83 } | |
| 84 #ifdef DEV_URANDOM | |
| 85 /* open random source for reading */ | |
| 86 dev_random_fdes = open(DEV_URANDOM, O_RDONLY); | |
| 87 if (dev_random_fdes < 0) | |
| 88 return err_status_init_fail; | |
| 89 #elif defined(HAVE_RAND_S) | |
| 90 dev_random_fdes = RAND_SOURCE_READY; | |
| 91 #else | |
| 92 /* no random source available; let the user know */ | |
| 93 fprintf(stderr, "WARNING: no real random source present!\n"); | |
| 94 dev_random_fdes = RAND_SOURCE_READY; | |
| 95 #endif | |
| 96 return err_status_ok; | |
| 97 } | |
| 98 | |
| 99 err_status_t | |
| 100 rand_source_get_octet_string(void *dest, uint32_t len) { | |
| 101 | |
| 102 /* | |
| 103 * read len octets from /dev/random to dest, and | |
| 104 * check return value to make sure enough octets were | |
| 105 * written | |
| 106 */ | |
| 107 #ifdef DEV_URANDOM | |
| 108 uint8_t *dst = (uint8_t *)dest; | |
| 109 while (len) | |
| 110 { | |
| 111 ssize_t num_read = read(dev_random_fdes, dst, len); | |
| 112 if (num_read <= 0 || num_read > len) | |
| 113 return err_status_fail; | |
| 114 len -= num_read; | |
| 115 dst += num_read; | |
| 116 } | |
| 117 #elif defined(HAVE_RAND_S) | |
| 118 uint8_t *dst = (uint8_t *)dest; | |
| 119 while (len) | |
| 120 { | |
| 121 unsigned int val; | |
| 122 errno_t err = rand_s(&val); | |
| 123 | |
| 124 if (err != 0) | |
| 125 return err_status_fail; | |
| 126 | |
| 127 *dst++ = val & 0xff; | |
| 128 len--; | |
| 129 } | |
| 130 #else | |
| 131 /* Generic C-library (rand()) version */ | |
| 132 /* This is a random source of last resort */ | |
| 133 uint8_t *dst = (uint8_t *)dest; | |
| 134 while (len) | |
| 135 { | |
| 136 int val = rand(); | |
| 137 /* rand() returns 0-32767 (ugh) */ | |
| 138 /* Is this a good enough way to get random bytes? | |
| 139 It is if it passes FIPS-140... */ | |
| 140 *dst++ = val & 0xff; | |
| 141 len--; | |
| 142 } | |
| 143 #endif | |
| 144 return err_status_ok; | |
| 145 } | |
| 146 | |
| 147 err_status_t | |
| 148 rand_source_deinit(void) { | |
| 149 if (dev_random_fdes < 0) | |
| 150 return err_status_dealloc_fail; /* well, we haven't really failed, * | |
| 151 * but there is something wrong */ | |
| 152 #ifdef DEV_URANDOM | |
| 153 close(dev_random_fdes); | |
| 154 #endif | |
| 155 dev_random_fdes = RAND_SOURCE_NOT_READY; | |
| 156 | |
| 157 return err_status_ok; | |
| 158 } |
