1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/netwerk/srtp/src/crypto/rng/rand_source.c Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,158 @@
1.4 +/*
1.5 + * rand_source.c
1.6 + *
1.7 + * implements a random source based on /dev/random
1.8 + *
1.9 + * David A. McGrew
1.10 + * Cisco Systems, Inc.
1.11 + */
1.12 +/*
1.13 + *
1.14 + * Copyright(c) 2001-2006 Cisco Systems, Inc.
1.15 + * All rights reserved.
1.16 + *
1.17 + * Redistribution and use in source and binary forms, with or without
1.18 + * modification, are permitted provided that the following conditions
1.19 + * are met:
1.20 + *
1.21 + * Redistributions of source code must retain the above copyright
1.22 + * notice, this list of conditions and the following disclaimer.
1.23 + *
1.24 + * Redistributions in binary form must reproduce the above
1.25 + * copyright notice, this list of conditions and the following
1.26 + * disclaimer in the documentation and/or other materials provided
1.27 + * with the distribution.
1.28 + *
1.29 + * Neither the name of the Cisco Systems, Inc. nor the names of its
1.30 + * contributors may be used to endorse or promote products derived
1.31 + * from this software without specific prior written permission.
1.32 + *
1.33 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
1.34 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
1.35 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
1.36 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
1.37 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
1.38 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
1.39 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
1.40 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1.41 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
1.42 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
1.43 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
1.44 + * OF THE POSSIBILITY OF SUCH DAMAGE.
1.45 + *
1.46 + */
1.47 +
1.48 +#include "config.h"
1.49 +
1.50 +#ifdef DEV_URANDOM
1.51 +# include <fcntl.h> /* for open() */
1.52 +# include <unistd.h> /* for close() */
1.53 +#elif defined(HAVE_RAND_S)
1.54 +# define _CRT_RAND_S
1.55 +# include <stdlib.h>
1.56 +#else
1.57 +# include <stdio.h>
1.58 +#endif
1.59 +
1.60 +#include "rand_source.h"
1.61 +
1.62 +
1.63 +/*
1.64 + * global dev_rand_fdes is file descriptor for /dev/random
1.65 + *
1.66 + * This variable is also used to indicate that the random source has
1.67 + * been initialized. When this variable is set to the value of the
1.68 + * #define RAND_SOURCE_NOT_READY, it indicates that the random source
1.69 + * is not ready to be used. The value of the #define
1.70 + * RAND_SOURCE_READY is for use whenever that variable is used as an
1.71 + * indicator of the state of the random source, but not as a file
1.72 + * descriptor.
1.73 + */
1.74 +
1.75 +#define RAND_SOURCE_NOT_READY (-1)
1.76 +#define RAND_SOURCE_READY (17)
1.77 +
1.78 +static int dev_random_fdes = RAND_SOURCE_NOT_READY;
1.79 +
1.80 +
1.81 +err_status_t
1.82 +rand_source_init(void) {
1.83 + if (dev_random_fdes >= 0) {
1.84 + /* already open */
1.85 + return err_status_ok;
1.86 + }
1.87 +#ifdef DEV_URANDOM
1.88 + /* open random source for reading */
1.89 + dev_random_fdes = open(DEV_URANDOM, O_RDONLY);
1.90 + if (dev_random_fdes < 0)
1.91 + return err_status_init_fail;
1.92 +#elif defined(HAVE_RAND_S)
1.93 + dev_random_fdes = RAND_SOURCE_READY;
1.94 +#else
1.95 + /* no random source available; let the user know */
1.96 + fprintf(stderr, "WARNING: no real random source present!\n");
1.97 + dev_random_fdes = RAND_SOURCE_READY;
1.98 +#endif
1.99 + return err_status_ok;
1.100 +}
1.101 +
1.102 +err_status_t
1.103 +rand_source_get_octet_string(void *dest, uint32_t len) {
1.104 +
1.105 + /*
1.106 + * read len octets from /dev/random to dest, and
1.107 + * check return value to make sure enough octets were
1.108 + * written
1.109 + */
1.110 +#ifdef DEV_URANDOM
1.111 + uint8_t *dst = (uint8_t *)dest;
1.112 + while (len)
1.113 + {
1.114 + ssize_t num_read = read(dev_random_fdes, dst, len);
1.115 + if (num_read <= 0 || num_read > len)
1.116 + return err_status_fail;
1.117 + len -= num_read;
1.118 + dst += num_read;
1.119 + }
1.120 +#elif defined(HAVE_RAND_S)
1.121 + uint8_t *dst = (uint8_t *)dest;
1.122 + while (len)
1.123 + {
1.124 + unsigned int val;
1.125 + errno_t err = rand_s(&val);
1.126 +
1.127 + if (err != 0)
1.128 + return err_status_fail;
1.129 +
1.130 + *dst++ = val & 0xff;
1.131 + len--;
1.132 + }
1.133 +#else
1.134 + /* Generic C-library (rand()) version */
1.135 + /* This is a random source of last resort */
1.136 + uint8_t *dst = (uint8_t *)dest;
1.137 + while (len)
1.138 + {
1.139 + int val = rand();
1.140 + /* rand() returns 0-32767 (ugh) */
1.141 + /* Is this a good enough way to get random bytes?
1.142 + It is if it passes FIPS-140... */
1.143 + *dst++ = val & 0xff;
1.144 + len--;
1.145 + }
1.146 +#endif
1.147 + return err_status_ok;
1.148 +}
1.149 +
1.150 +err_status_t
1.151 +rand_source_deinit(void) {
1.152 + if (dev_random_fdes < 0)
1.153 + return err_status_dealloc_fail; /* well, we haven't really failed, *
1.154 + * but there is something wrong */
1.155 +#ifdef DEV_URANDOM
1.156 + close(dev_random_fdes);
1.157 +#endif
1.158 + dev_random_fdes = RAND_SOURCE_NOT_READY;
1.159 +
1.160 + return err_status_ok;
1.161 +}
