diff options
author | markm <markm@FreeBSD.org> | 2000-02-24 13:20:48 +0000 |
---|---|---|
committer | markm <markm@FreeBSD.org> | 2000-02-24 13:20:48 +0000 |
commit | 4d2ec46519fa9f998505f49c57de1b1b3186ee6d (patch) | |
tree | 6d004ab27e0b299c3ac7905c6895ee4aa12803f2 /crypto/openssl | |
parent | 3aaee576c1687794f25ad3ae51a5241e6ba7c7d4 (diff) | |
download | FreeBSD-src-4d2ec46519fa9f998505f49c57de1b1b3186ee6d.zip FreeBSD-src-4d2ec46519fa9f998505f49c57de1b1b3186ee6d.tar.gz |
Oops; forgot to add this.
Diffstat (limited to 'crypto/openssl')
-rw-r--r-- | crypto/openssl/crypto/des/rnd_keys.c | 444 |
1 files changed, 444 insertions, 0 deletions
diff --git a/crypto/openssl/crypto/des/rnd_keys.c b/crypto/openssl/crypto/des/rnd_keys.c new file mode 100644 index 0000000..c2626c4 --- /dev/null +++ b/crypto/openssl/crypto/des/rnd_keys.c @@ -0,0 +1,444 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id$ + * $FreeBSD$ + */ + +#include <openssl/des.h> +#include <sys/types.h> +#include <sys/wait.h> +#include <sys/time.h> +#include <sys/resource.h> +#include <fcntl.h> +#include <signal.h> +#include <string.h> +#include <time.h> +#include <unistd.h> + +#ifndef RETSIGTYPE +#define RETSIGTYPE void +#define SIGRETURN(x) return +#else +#define SIGRETURN(x) return (RETSIGTYPE)(x) +#endif + +/* + * Generate "random" data by checksumming a file. + * + * Returns -1 if there were any problems with permissions or I/O + * errors. + */ +static +int +sumFile (const char *name, int len, void *res) +{ + u_int32_t sum[2]; + u_int32_t buf[1024*2]; + int fd, i; + + fd = open (name, 0); + if (fd < 0) + return -1; + + while (len > 0) + { + int n = read(fd, buf, sizeof(buf)); + if (n < 0) + { + close(fd); + return n; + } + for (i = 0; i < (n/sizeof(buf[0])); i++) + { + sum[0] += buf[i]; + i++; + sum[1] += buf[i]; + } + len -= n; + } + close (fd); + memcpy (res, &sum, sizeof(sum)); + return 0; +} + +/* + * Create a sequence of random 64 bit blocks. + * The sequence is indexed with a long long and + * based on an initial des key used as a seed. + */ +static des_key_schedule sequence_seed; +static u_int32_t sequence_index[2]; + +/* + * Random number generator based on ideas from truerand in cryptolib + * as described on page 424 in Applied Cryptography 2 ed. by Bruce + * Schneier. + */ + +static volatile int counter; +static volatile unsigned char *gdata; /* Global data */ +static volatile int igdata; /* Index into global data */ +static int gsize; + +#if !defined(WIN32) && !defined(__EMX__) && !defined(__OS2__) && !defined(__CYGWIN32__) +/* Visual C++ 4.0 (Windows95/NT) */ + +static +RETSIGTYPE +sigALRM(int sig) +{ + if (igdata < gsize) + gdata[igdata++] ^= counter & 0xff; + +#ifndef HAVE_SIGACTION + signal(SIGALRM, sigALRM); /* Reinstall SysV signal handler */ +#endif + SIGRETURN(0); +} + +#endif + +#if !defined(HAVE_RANDOM) && defined(HAVE_RAND) +#ifndef srandom +#define srandom srand +#endif +#ifndef random +#define random rand +#endif +#endif + +static void +des_not_rand_data(unsigned char *data, int size) +{ + int i; + + srandom (time (NULL)); + + for(i = 0; i < size; ++i) + data[i] ^= random() % 0x100; +} + +#if !defined(WIN32) && !defined(__EMX__) && !defined(__OS2__) && !defined(__CYGWIN32__) + +#ifndef HAVE_SETITIMER +static void +pacemaker(struct timeval *tv) +{ + fd_set fds; + pid_t pid; + pid = getppid(); + while(1){ + FD_ZERO(&fds); + FD_SET(0, &fds); + select(1, &fds, NULL, NULL, tv); + kill(pid, SIGALRM); + } +} +#endif + +#ifdef HAVE_SIGACTION +/* XXX ugly hack, should perhaps use function from roken */ +static RETSIGTYPE +(*fake_signal(int sig, RETSIGTYPE (*f)(int)))(int) +{ + struct sigaction sa, osa; + sa.sa_handler = f; + sa.sa_flags = 0; + sigemptyset(&sa.sa_mask); + sigaction(sig, &sa, &osa); + return osa.sa_handler; +} +#define signal(S, F) fake_signal((S), (F)) +#endif + +/* + * Generate size bytes of "random" data using timed interrupts. + * It takes about 40ms/byte random data. + * It's not neccessary to be root to run it. + */ +void +des_rand_data(unsigned char *data, int size) +{ + struct itimerval tv; +#ifdef HAVE_SETITIMER + struct itimerval otv; +#endif + RETSIGTYPE (*osa)(int); + int i, j; +#ifndef HAVE_SETITIMER + RETSIGTYPE (*ochld)(int); + pid_t pid; +#endif + char *rnd_devices[] = {"/dev/random", + "/dev/srandom", + "/dev/urandom", + NULL}; + char **p; + + for(p = rnd_devices; *p; p++) { + int fd = open(*p, O_RDONLY | O_NDELAY); + + if(fd >= 0 && read(fd, data, size) == size) { + close(fd); + return; + } + close(fd); + } + + /* Paranoia? Initialize data from /dev/mem if we can read it. */ + if (size >= 8) + sumFile("/dev/mem", (1024*1024*2), data); + + gdata = data; + gsize = size; + igdata = 0; + + osa = signal(SIGALRM, sigALRM); + + /* Start timer */ + tv.it_value.tv_sec = 0; + tv.it_value.tv_usec = 10 * 1000; /* 10 ms */ + tv.it_interval = tv.it_value; +#ifdef HAVE_SETITIMER + setitimer(ITIMER_REAL, &tv, &otv); +#else + ochld = signal(SIGCHLD, SIG_IGN); + pid = fork(); + if(pid == -1){ + signal(SIGCHLD, ochld != SIG_ERR ? ochld : SIG_DFL); + des_not_rand_data(data, size); + return; + } + if(pid == 0) + pacemaker(&tv.it_interval); +#endif + + for(i = 0; i < 4; i++) { + for (igdata = 0; igdata < size;) /* igdata++ in sigALRM */ + counter++; + for (j = 0; j < size; j++) /* Only use 2 bits each lap */ + gdata[j] = (gdata[j]>>2) | (gdata[j]<<6); + } +#ifdef HAVE_SETITIMER + setitimer(ITIMER_REAL, &otv, 0); +#else + kill(pid, SIGKILL); + while(waitpid(pid, NULL, 0) != pid); + signal(SIGCHLD, ochld != SIG_ERR ? ochld : SIG_DFL); +#endif + signal(SIGALRM, osa != SIG_ERR ? osa : SIG_DFL); +} +#else +void +des_rand_data(unsigned char *p, int s) +{ + des_not_rand_data (p, s); +} +#endif + +void +des_generate_random_block(des_cblock *block) +{ + des_rand_data((unsigned char *)block, sizeof(*block)); +} + +/* + * Generate a "random" DES key. + */ +void +des_rand_data_key(des_cblock *key) +{ + unsigned char data[8]; + des_key_schedule sched; + do { + des_rand_data(data, sizeof(data)); + des_rand_data((unsigned char*)key, sizeof(des_cblock)); + des_set_odd_parity(key); + des_key_sched(key, sched); + des_ecb_encrypt(&data, key, sched, DES_ENCRYPT); + memset(&data, 0, sizeof(data)); + memset(&sched, 0, sizeof(sched)); + des_set_odd_parity(key); + } while(des_is_weak_key(key)); +} + +/* + * Generate "random" data by checksumming /dev/mem + * + * It's neccessary to be root to run it. Returns -1 if there were any + * problems with permissions. + */ +int +des_mem_rand8(unsigned char *data) +{ + return 1; +} + +/* + * In case the generator does not get initialized use this as fallback. + */ +static int initialized; + +static void +do_initialize(void) +{ + des_cblock default_seed; + do { + des_generate_random_block(&default_seed); + des_set_odd_parity(&default_seed); + } while (des_is_weak_key(&default_seed)); + des_init_random_number_generator(&default_seed); +} + +#define zero_long_long(ll) do { ll[0] = ll[1] = 0; } while (0) + +#define incr_long_long(ll) do { if (++ll[0] == 0) ++ll[1]; } while (0) + +#define set_sequence_number(ll) \ +memcpy((char *)sequence_index, (ll), sizeof(sequence_index)); + +/* + * Set the sequnce number to this value (a long long). + */ +void +des_set_sequence_number(unsigned char *ll) +{ + set_sequence_number(ll); +} + +/* + * Set the generator seed and reset the sequence number to 0. + */ +void +des_set_random_generator_seed(des_cblock *seed) +{ + des_key_sched(seed, sequence_seed); + zero_long_long(sequence_index); + initialized = 1; +} + +/* + * Generate a sequence of random des keys + * using the random block sequence, fixup + * parity and skip weak keys. + */ +int +des_new_random_key(des_cblock *key) +{ + if (!initialized) + do_initialize(); + + do { + des_ecb_encrypt((des_cblock *) sequence_index, + key, + sequence_seed, + DES_ENCRYPT); + incr_long_long(sequence_index); + /* random key must have odd parity and not be weak */ + des_set_odd_parity(key); + } while (des_is_weak_key(key)); + return(0); +} + +/* + * des_init_random_number_generator: + * + * Initialize the sequence of random 64 bit blocks. The input seed + * can be a secret key since it should be well hidden and is also not + * kept. + * + */ +void +des_init_random_number_generator(des_cblock *seed) +{ + struct timeval now; + des_cblock uniq; + des_cblock new_key; + + gettimeofday(&now, (struct timezone *)0); + des_generate_random_block(&uniq); + + /* Pick a unique random key from the shared sequence. */ + des_set_random_generator_seed(seed); + set_sequence_number((unsigned char *)&uniq); + des_new_random_key(&new_key); + + /* Select a new nonshared sequence, */ + des_set_random_generator_seed(&new_key); + + /* and use the current time to pick a key for the new sequence. */ + set_sequence_number((unsigned char *)&now); + des_new_random_key(&new_key); + des_set_random_generator_seed(&new_key); +} + +#ifdef TESTRUN +int +main() +{ + unsigned char data[8]; + int i; + + while (1) + { + if (sumFile("/dev/mem", (1024*1024*8), data) != 0) + { perror("sumFile"); exit(1); } + for (i = 0; i < 8; i++) + printf("%02x", data[i]); + printf("\n"); + } +} +#endif + +#ifdef TESTRUN2 +int +main() +{ + des_cblock data; + int i; + + while (1) + { + do_initialize(); + des_random_key(data); + for (i = 0; i < 8; i++) + printf("%02x", data[i]); + printf("\n"); + } +} +#endif |