1 | /* apps/app_rand.c */ |
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 | * All rights reserved. |
4 | * |
5 | * This package is an SSL implementation written |
6 | * by Eric Young (eay@cryptsoft.com). |
7 | * The implementation was written so as to conform with Netscapes SSL. |
8 | * |
9 | * This library is free for commercial and non-commercial use as long as |
10 | * the following conditions are aheared to. The following conditions |
11 | * apply to all code found in this distribution, be it the RC4, RSA, |
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
13 | * included with this distribution is covered by the same copyright terms |
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
15 | * |
16 | * Copyright remains Eric Young's, and as such any Copyright notices in |
17 | * the code are not to be removed. |
18 | * If this package is used in a product, Eric Young should be given attribution |
19 | * as the author of the parts of the library used. |
20 | * This can be in the form of a textual message at program startup or |
21 | * in documentation (online or textual) provided with the package. |
22 | * |
23 | * Redistribution and use in source and binary forms, with or without |
24 | * modification, are permitted provided that the following conditions |
25 | * are met: |
26 | * 1. Redistributions of source code must retain the copyright |
27 | * notice, this list of conditions and the following disclaimer. |
28 | * 2. Redistributions in binary form must reproduce the above copyright |
29 | * notice, this list of conditions and the following disclaimer in the |
30 | * documentation and/or other materials provided with the distribution. |
31 | * 3. All advertising materials mentioning features or use of this software |
32 | * must display the following acknowledgement: |
33 | * "This product includes cryptographic software written by |
34 | * Eric Young (eay@cryptsoft.com)" |
35 | * The word 'cryptographic' can be left out if the rouines from the library |
36 | * being used are not cryptographic related :-). |
37 | * 4. If you include any Windows specific code (or a derivative thereof) from |
38 | * the apps directory (application code) you must include an acknowledgement: |
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
40 | * |
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
51 | * SUCH DAMAGE. |
52 | * |
53 | * The licence and distribution terms for any publically available version or |
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be |
55 | * copied and put under another distribution licence |
56 | * [including the GNU Public Licence.] |
57 | */ |
58 | /* ==================================================================== |
59 | * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. |
60 | * |
61 | * Redistribution and use in source and binary forms, with or without |
62 | * modification, are permitted provided that the following conditions |
63 | * are met: |
64 | * |
65 | * 1. Redistributions of source code must retain the above copyright |
66 | * notice, this list of conditions and the following disclaimer. |
67 | * |
68 | * 2. Redistributions in binary form must reproduce the above copyright |
69 | * notice, this list of conditions and the following disclaimer in |
70 | * the documentation and/or other materials provided with the |
71 | * distribution. |
72 | * |
73 | * 3. All advertising materials mentioning features or use of this |
74 | * software must display the following acknowledgment: |
75 | * "This product includes software developed by the OpenSSL Project |
76 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" |
77 | * |
78 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
79 | * endorse or promote products derived from this software without |
80 | * prior written permission. For written permission, please contact |
81 | * openssl-core@openssl.org. |
82 | * |
83 | * 5. Products derived from this software may not be called "OpenSSL" |
84 | * nor may "OpenSSL" appear in their names without prior written |
85 | * permission of the OpenSSL Project. |
86 | * |
87 | * 6. Redistributions of any form whatsoever must retain the following |
88 | * acknowledgment: |
89 | * "This product includes software developed by the OpenSSL Project |
90 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" |
91 | * |
92 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
93 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
94 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
95 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
96 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
97 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
98 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
99 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
100 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
101 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
102 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
103 | * OF THE POSSIBILITY OF SUCH DAMAGE. |
104 | * ==================================================================== |
105 | * |
106 | * This product includes cryptographic software written by Eric Young |
107 | * (eay@cryptsoft.com). This product includes software written by Tim |
108 | * Hudson (tjh@cryptsoft.com). |
109 | * |
110 | */ |
111 | |
112 | #define NON_MAIN |
113 | #include "apps.h" |
114 | #undef NON_MAIN |
115 | #include <openssl/bio.h> |
116 | #include <openssl/rand.h> |
117 | |
118 | |
119 | static int seeded = 0; |
120 | static int egdsocket = 0; |
121 | |
122 | int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn) |
123 | { |
124 | int consider_randfile = (file == NULL); |
125 | char buffer[200]; |
126 | |
127 | #ifdef OPENSSL_SYS_WINDOWS |
128 | BIO_printf(bio_e,"Loading 'screen' into random state -" ); |
129 | BIO_flush(bio_e); |
130 | RAND_screen(); |
131 | BIO_printf(bio_e," done\n" ); |
132 | #endif |
133 | |
134 | if (file == NULL) |
135 | file = RAND_file_name(buffer, sizeof buffer); |
136 | else if (RAND_egd(file) > 0) |
137 | { |
138 | /* we try if the given filename is an EGD socket. |
139 | if it is, we don't write anything back to the file. */ |
140 | egdsocket = 1; |
141 | return 1; |
142 | } |
143 | if (file == NULL || !RAND_load_file(file, -1)) |
144 | { |
145 | if (RAND_status() == 0) |
146 | { |
147 | if (!dont_warn) |
148 | { |
149 | BIO_printf(bio_e,"unable to load 'random state'\n" ); |
150 | BIO_printf(bio_e,"This means that the random number generator has not been seeded\n" ); |
151 | BIO_printf(bio_e,"with much random data.\n" ); |
152 | if (consider_randfile) /* explanation does not apply when a file is explicitly named */ |
153 | { |
154 | BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n" ); |
155 | BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n" ); |
156 | } |
157 | } |
158 | return 0; |
159 | } |
160 | } |
161 | seeded = 1; |
162 | return 1; |
163 | } |
164 | |
165 | long app_RAND_load_files(char *name) |
166 | { |
167 | char *p,*n; |
168 | int last; |
169 | long tot=0; |
170 | int egd; |
171 | |
172 | for (;;) |
173 | { |
174 | last=0; |
175 | for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++); |
176 | if (*p == '\0') last=1; |
177 | *p='\0'; |
178 | n=name; |
179 | name=p+1; |
180 | if (*n == '\0') break; |
181 | |
182 | egd=RAND_egd(n); |
183 | if (egd > 0) |
184 | tot+=egd; |
185 | else |
186 | tot+=RAND_load_file(n,-1); |
187 | if (last) break; |
188 | } |
189 | if (tot > 512) |
190 | app_RAND_allow_write_file(); |
191 | return(tot); |
192 | } |
193 | |
194 | int app_RAND_write_file(const char *file, BIO *bio_e) |
195 | { |
196 | char buffer[200]; |
197 | |
198 | if (egdsocket || !seeded) |
199 | /* If we did not manage to read the seed file, |
200 | * we should not write a low-entropy seed file back -- |
201 | * it would suppress a crucial warning the next time |
202 | * we want to use it. */ |
203 | return 0; |
204 | |
205 | if (file == NULL) |
206 | file = RAND_file_name(buffer, sizeof buffer); |
207 | if (file == NULL || !RAND_write_file(file)) |
208 | { |
209 | BIO_printf(bio_e,"unable to write 'random state'\n" ); |
210 | return 0; |
211 | } |
212 | return 1; |
213 | } |
214 | |
215 | void app_RAND_allow_write_file(void) |
216 | { |
217 | seeded = 1; |
218 | } |
219 | |