diff options
author | markm <markm@FreeBSD.org> | 2003-01-28 21:43:22 +0000 |
---|---|---|
committer | markm <markm@FreeBSD.org> | 2003-01-28 21:43:22 +0000 |
commit | aad1d64cb5a8d9b503d9199642363dc1e92d2f9b (patch) | |
tree | 610a51c6e3965764fb0f1629c1376e2d23afffe8 /crypto/openssl/crypto/rand/rand_egd.c | |
parent | eba366e36e93f5da8ae5c744eb337c3ef6872641 (diff) | |
download | FreeBSD-src-aad1d64cb5a8d9b503d9199642363dc1e92d2f9b.zip FreeBSD-src-aad1d64cb5a8d9b503d9199642363dc1e92d2f9b.tar.gz |
Vendor import of OpenSSL release 0.9.7. This release includes
support for AES and OpenBSD's hardware crypto.
Diffstat (limited to 'crypto/openssl/crypto/rand/rand_egd.c')
-rw-r--r-- | crypto/openssl/crypto/rand/rand_egd.c | 238 |
1 files changed, 179 insertions, 59 deletions
diff --git a/crypto/openssl/crypto/rand/rand_egd.c b/crypto/openssl/crypto/rand/rand_egd.c index a660169..1f16822 100644 --- a/crypto/openssl/crypto/rand/rand_egd.c +++ b/crypto/openssl/crypto/rand/rand_egd.c @@ -1,5 +1,5 @@ /* crypto/rand/rand_egd.c */ -/* Written by Ulf Moeller for the OpenSSL project. */ +/* Written by Ulf Moeller and Lutz Jaenicke for the OpenSSL project. */ /* ==================================================================== * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. * @@ -54,12 +54,51 @@ * */ +#include <openssl/e_os2.h> #include <openssl/rand.h> -/* Query the EGD <URL: http://www.lothar.com/tech/crypto/>. +/* + * Query the EGD <URL: http://www.lothar.com/tech/crypto/>. + * + * This module supplies three routines: + * + * RAND_query_egd_bytes(path, buf, bytes) + * will actually query "bytes" bytes of entropy form the egd-socket located + * at path and will write them to buf (if supplied) or will directly feed + * it to RAND_seed() if buf==NULL. + * The number of bytes is not limited by the maximum chunk size of EGD, + * which is 255 bytes. If more than 255 bytes are wanted, several chunks + * of entropy bytes are requested. The connection is left open until the + * query is competed. + * RAND_query_egd_bytes() returns with + * -1 if an error occured during connection or communication. + * num the number of bytes read from the EGD socket. This number is either + * the number of bytes requested or smaller, if the EGD pool is + * drained and the daemon signals that the pool is empty. + * This routine does not touch any RAND_status(). This is necessary, since + * PRNG functions may call it during initialization. + * + * RAND_egd_bytes(path, bytes) will query "bytes" bytes and have them + * used to seed the PRNG. + * RAND_egd_bytes() is a wrapper for RAND_query_egd_bytes() with buf=NULL. + * Unlike RAND_query_egd_bytes(), RAND_status() is used to test the + * seed status so that the return value can reflect the seed state: + * -1 if an error occured during connection or communication _or_ + * if the PRNG has still not received the required seeding. + * num the number of bytes read from the EGD socket. This number is either + * the number of bytes requested or smaller, if the EGD pool is + * drained and the daemon signals that the pool is empty. + * + * RAND_egd(path) will query 255 bytes and use the bytes retreived to seed + * the PRNG. + * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. */ -#if defined(WIN32) || defined(VMS) || defined(__VMS) +#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) +int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) + { + return(-1); + } int RAND_egd(const char *path) { return(-1); @@ -75,7 +114,7 @@ int RAND_egd_bytes(const char *path,int bytes) #include <sys/types.h> #include <sys/socket.h> #ifndef NO_SYS_UN_H -# ifdef VXWORKS +# ifdef OPENSSL_SYS_VXWORKS # include <streams/un.h> # else # include <sys/un.h> @@ -87,87 +126,149 @@ struct sockaddr_un { }; #endif /* NO_SYS_UN_H */ #include <string.h> +#include <errno.h> #ifndef offsetof # define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER) #endif -int RAND_egd(const char *path) - { - int ret = -1; - struct sockaddr_un addr; - int len, num; - int fd = -1; - unsigned char buf[256]; - - memset(&addr, 0, sizeof(addr)); - addr.sun_family = AF_UNIX; - if (strlen(path) > sizeof(addr.sun_path)) - return (-1); - strcpy(addr.sun_path,path); - len = offsetof(struct sockaddr_un, sun_path) + strlen(path); - fd = socket(AF_UNIX, SOCK_STREAM, 0); - if (fd == -1) return (-1); - if (connect(fd, (struct sockaddr *)&addr, len) == -1) goto err; - buf[0] = 1; - buf[1] = 255; - write(fd, buf, 2); - if (read(fd, buf, 1) != 1) goto err; - if (buf[0] == 0) goto err; - num = read(fd, buf, 255); - if (num < 1) goto err; - RAND_seed(buf, num); - if (RAND_status() == 1) - ret = num; - err: - if (fd != -1) close(fd); - return(ret); - } - -int RAND_egd_bytes(const char *path,int bytes) +int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) { int ret = 0; struct sockaddr_un addr; - int len, num; + int len, num, numbytes; int fd = -1; - unsigned char buf[255]; + int success; + unsigned char egdbuf[2], tempbuf[255], *retrievebuf; memset(&addr, 0, sizeof(addr)); addr.sun_family = AF_UNIX; - if (strlen(path) > sizeof(addr.sun_path)) + if (strlen(path) >= sizeof(addr.sun_path)) return (-1); strcpy(addr.sun_path,path); len = offsetof(struct sockaddr_un, sun_path) + strlen(path); fd = socket(AF_UNIX, SOCK_STREAM, 0); if (fd == -1) return (-1); - if (connect(fd, (struct sockaddr *)&addr, len) == -1) goto err; + success = 0; + while (!success) + { + if (connect(fd, (struct sockaddr *)&addr, len) == 0) + success = 1; + else + { + switch (errno) + { +#ifdef EINTR + case EINTR: +#endif +#ifdef EAGAIN + case EAGAIN: +#endif +#ifdef EINPROGRESS + case EINPROGRESS: +#endif +#ifdef EALREADY + case EALREADY: +#endif + /* No error, try again */ + break; +#ifdef EISCONN + case EISCONN: + success = 1; + break; +#endif + default: + goto err; /* failure */ + } + } + } while(bytes > 0) { - buf[0] = 1; - buf[1] = bytes < 255 ? bytes : 255; - write(fd, buf, 2); - if (read(fd, buf, 1) != 1) + egdbuf[0] = 1; + egdbuf[1] = bytes < 255 ? bytes : 255; + numbytes = 0; + while (numbytes != 2) { - ret=-1; - goto err; + num = write(fd, egdbuf + numbytes, 2 - numbytes); + if (num >= 0) + numbytes += num; + else + { + switch (errno) + { +#ifdef EINTR + case EINTR: +#endif +#ifdef EAGAIN + case EAGAIN: +#endif + /* No error, try again */ + break; + default: + ret = -1; + goto err; /* failure */ + } + } } - if(buf[0] == 0) - goto err; - num = read(fd, buf, buf[0]); - if (num < 1) + numbytes = 0; + while (numbytes != 1) { - ret=-1; - goto err; + num = read(fd, egdbuf, 1); + if (num >= 0) + numbytes += num; + else + { + switch (errno) + { +#ifdef EINTR + case EINTR: +#endif +#ifdef EAGAIN + case EAGAIN: +#endif + /* No error, try again */ + break; + default: + ret = -1; + goto err; /* failure */ + } + } } - RAND_seed(buf, num); - if (RAND_status() != 1) - { - ret=-1; + if(egdbuf[0] == 0) goto err; + if (buf) + retrievebuf = buf + ret; + else + retrievebuf = tempbuf; + numbytes = 0; + while (numbytes != egdbuf[0]) + { + num = read(fd, retrievebuf + numbytes, egdbuf[0] - numbytes); + if (num >= 0) + numbytes += num; + else + { + switch (errno) + { +#ifdef EINTR + case EINTR: +#endif +#ifdef EAGAIN + case EAGAIN: +#endif + /* No error, try again */ + break; + default: + ret = -1; + goto err; /* failure */ + } + } } - ret += num; - bytes-=num; + ret += egdbuf[0]; + bytes -= egdbuf[0]; + if (!buf) + RAND_seed(tempbuf, egdbuf[0]); } err: if (fd != -1) close(fd); @@ -175,4 +276,23 @@ int RAND_egd_bytes(const char *path,int bytes) } +int RAND_egd_bytes(const char *path, int bytes) + { + int num, ret = 0; + + num = RAND_query_egd_bytes(path, NULL, bytes); + if (num < 1) goto err; + if (RAND_status() == 1) + ret = num; + err: + return(ret); + } + + +int RAND_egd(const char *path) + { + return (RAND_egd_bytes(path, 255)); + } + + #endif |