1 /* apps/app_rand.c */

     2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

     3  * All rights reserved.

     4  *

     5  * This package is an SSL implementation written

     6  * by Eric Young (eay@cryptsoft.com).

     7  * The implementation was written so as to conform with Netscapes SSL.

     8  * 

     9  * This library is free for commercial and non-commercial use as long as

    10  * the following conditions are aheared to.  The following conditions

    11  * apply to all code found in this distribution, be it the RC4, RSA,

    12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

    13  * included with this distribution is covered by the same copyright terms

    14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

    15  * 

    16  * Copyright remains Eric Young's, and as such any Copyright notices in

    17  * the code are not to be removed.

    18  * If this package is used in a product, Eric Young should be given attribution

    19  * as the author of the parts of the library used.

    20  * This can be in the form of a textual message at program startup or

    21  * in documentation (online or textual) provided with the package.

    22  * 

    23  * Redistribution and use in source and binary forms, with or without

    24  * modification, are permitted provided that the following conditions

    25  * are met:

    26  * 1. Redistributions of source code must retain the copyright

    27  *    notice, this list of conditions and the following disclaimer.

    28  * 2. Redistributions in binary form must reproduce the above copyright

    29  *    notice, this list of conditions and the following disclaimer in the

    30  *    documentation and/or other materials provided with the distribution.

    31  * 3. All advertising materials mentioning features or use of this software

    32  *    must display the following acknowledgement:

    33  *    "This product includes cryptographic software written by

    34  *     Eric Young (eay@cryptsoft.com)"

    35  *    The word 'cryptographic' can be left out if the rouines from the library

    36  *    being used are not cryptographic related :-).

    37  * 4. If you include any Windows specific code (or a derivative thereof) from 

    38  *    the apps directory (application code) you must include an acknowledgement:

    39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

    40  * 

    41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

    42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

    43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

    44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

    45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

    46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

    47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

    48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

    49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

    50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

    51  * SUCH DAMAGE.

    52  * 

    53  * The licence and distribution terms for any publically available version or

    54  * derivative of this code cannot be changed.  i.e. this code cannot simply be

    55  * copied and put under another distribution licence

    56  * [including the GNU Public Licence.]

    57  */

    58 /* ====================================================================

    59  * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.

    60  *

    61  * Redistribution and use in source and binary forms, with or without

    62  * modification, are permitted provided that the following conditions

    63  * are met:

    64  *

    65  * 1. Redistributions of source code must retain the above copyright

    66  *    notice, this list of conditions and the following disclaimer. 

    67  *

    68  * 2. Redistributions in binary form must reproduce the above copyright

    69  *    notice, this list of conditions and the following disclaimer in

    70  *    the documentation and/or other materials provided with the

    71  *    distribution.

    72  *

    73  * 3. All advertising materials mentioning features or use of this

    74  *    software must display the following acknowledgment:

    75  *    "This product includes software developed by the OpenSSL Project

    76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"

    77  *

    78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

    79  *    endorse or promote products derived from this software without

    80  *    prior written permission. For written permission, please contact

    81  *    openssl-core@openssl.org.

    82  *

    83  * 5. Products derived from this software may not be called "OpenSSL"

    84  *    nor may "OpenSSL" appear in their names without prior written

    85  *    permission of the OpenSSL Project.

    86  *

    87  * 6. Redistributions of any form whatsoever must retain the following

    88  *    acknowledgment:

    89  *    "This product includes software developed by the OpenSSL Project

    90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"

    91  *

    92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

    93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

    94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

    95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

    96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

    97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

    98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

    99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

   100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

   101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

   102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

   103  * OF THE POSSIBILITY OF SUCH DAMAGE.

   104  * ====================================================================

   105  *

   106  * This product includes cryptographic software written by Eric Young

   107  * (eay@cryptsoft.com).  This product includes software written by Tim

   108  * Hudson (tjh@cryptsoft.com).

   109  *

   110  */

   111 

   112 #define NON_MAIN

   113 #include "apps.h"

   114 #undef NON_MAIN

   115 #include <openssl/bio.h>

   116 #include <openssl/rand.h>

   117 

   118 static int seeded = 0;

   119 static int egdsocket = 0;

   120 

   121 int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)

   122 	{

   123 	int consider_randfile = (file == NULL);

   124 	char buffer[200];

   125 	

   126 #ifdef OPENSSL_SYS_WINDOWS

   127 	BIO_printf(bio_e,"Loading 'screen' into random state -");

   128 	BIO_flush(bio_e);

   129 	RAND_screen();

   130 	BIO_printf(bio_e," done\n");

   131 #endif

   132 

   133 	if (file == NULL)

   134 		file = RAND_file_name(buffer, sizeof buffer);

   135 	else if (RAND_egd(file) > 0)

   136 		{

   137 		/* we try if the given filename is an EGD socket.

   138 		   if it is, we don't write anything back to the file. */

   139 		egdsocket = 1;

   140 		return 1;

   141 		}

   142 	if (file == NULL || !RAND_load_file(file, -1))

   143 		{

   144 		if (RAND_status() == 0)

   145 			{

   146 			if (!dont_warn)

   147 				{

   148 				BIO_printf(bio_e,"unable to load 'random state'\n");

   149 				BIO_printf(bio_e,"This means that the random number generator has not been seeded\n");

   150 				BIO_printf(bio_e,"with much random data.\n");

   151 				if (consider_randfile) /* explanation does not apply when a file is explicitly named */

   152 					{

   153 					BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n");

   154 					BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n");

   155 					}

   156 				}

   157 			return 0;

   158 			}

   159 		}

   160 	seeded = 1;

   161 	return 1;

   162 	}

   163 

   164 long app_RAND_load_files(char *name)

   165 	{

   166 	char *p,*n;

   167 	int last;

   168 	long tot=0;

   169 	int egd;

   170 	

   171 	for (;;)

   172 		{

   173 		last=0;

   174 		for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);

   175 		if (*p == '\0') last=1;

   176 		*p='\0';

   177 		n=name;

   178 		name=p+1;

   179 		if (*n == '\0') break;

   180 

   181 		egd=RAND_egd(n);

   182 		if (egd > 0)

   183 			tot+=egd;

   184 		else

   185 			tot+=RAND_load_file(n,-1);

   186 		if (last) break;

   187 		}

   188 	if (tot > 512)

   189 		app_RAND_allow_write_file();

   190 	return(tot);

   191 	}

   192 

   193 int app_RAND_write_file(const char *file, BIO *bio_e)

   194 	{

   195 	char buffer[200];

   196 	

   197 	if (egdsocket || !seeded)

   198 		/* If we did not manage to read the seed file,

   199 		 * we should not write a low-entropy seed file back --

   200 		 * it would suppress a crucial warning the next time

   201 		 * we want to use it. */

   202 		return 0;

   203 

   204 	if (file == NULL)

   205 		file = RAND_file_name(buffer, sizeof buffer);

   206 	if (file == NULL || !RAND_write_file(file))

   207 		{

   208 		BIO_printf(bio_e,"unable to write 'random state'\n");

   209 		return 0;

   210 		}

   211 	return 1;

   212 	}

   213 

   214 void app_RAND_allow_write_file(void)

   215 	{

   216 	seeded = 1;

   217 	}