1 /*
2 * rand_source.c
3 *
4 * implements a random source based on /dev/random
5 *
6 * David A. McGrew
7 * Cisco Systems, Inc.
8 */
9 /*
10 *
11 * Copyright(c) 2001-2006 Cisco Systems, Inc.
12 * All rights reserved.
13 *
14 * Redistribution and use in source and binary forms, with or without
15 * modification, are permitted provided that the following conditions
16 * are met:
17 *
18 * Redistributions of source code must retain the above copyright
19 * notice, this list of conditions and the following disclaimer.
20 *
21 * Redistributions in binary form must reproduce the above
22 * copyright notice, this list of conditions and the following
23 * disclaimer in the documentation and/or other materials provided
24 * with the distribution.
25 *
26 * Neither the name of the Cisco Systems, Inc. nor the names of its
27 * contributors may be used to endorse or promote products derived
28 * from this software without specific prior written permission.
29 *
30 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
31 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
32 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
33 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
34 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
35 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
36 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
37 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
39 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
40 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
41 * OF THE POSSIBILITY OF SUCH DAMAGE.
42 *
43 */
44
45 #include "config.h"
46
47 #ifdef DEV_URANDOM
48 # include <fcntl.h> /* for open() */
49 # include <unistd.h> /* for close() */
50 #elif defined(HAVE_RAND_S)
51 # define _CRT_RAND_S
52 # include <stdlib.h>
53 #else
54 # include <stdio.h>
55 #endif
56
57 #include "rand_source.h"
58
59
60 /*
61 * global dev_rand_fdes is file descriptor for /dev/random
62 *
63 * This variable is also used to indicate that the random source has
64 * been initialized. When this variable is set to the value of the
65 * #define RAND_SOURCE_NOT_READY, it indicates that the random source
66 * is not ready to be used. The value of the #define
67 * RAND_SOURCE_READY is for use whenever that variable is used as an
68 * indicator of the state of the random source, but not as a file
69 * descriptor.
70 */
71
72 #define RAND_SOURCE_NOT_READY (-1)
73 #define RAND_SOURCE_READY (17)
74
75 static int dev_random_fdes = RAND_SOURCE_NOT_READY;
76
77
78 err_status_t
rand_source_init(void)79 rand_source_init(void) {
80 if (dev_random_fdes >= 0) {
81 /* already open */
82 return err_status_ok;
83 }
84 #ifdef DEV_URANDOM
85 /* open random source for reading */
86 dev_random_fdes = open(DEV_URANDOM, O_RDONLY);
87 if (dev_random_fdes < 0)
88 return err_status_init_fail;
89 #elif defined(HAVE_RAND_S)
90 dev_random_fdes = RAND_SOURCE_READY;
91 #else
92 /* no random source available; let the user know */
93 fprintf(stderr, "WARNING: no real random source present!\n");
94 dev_random_fdes = RAND_SOURCE_READY;
95 #endif
96 return err_status_ok;
97 }
98
99 err_status_t
rand_source_get_octet_string(void * dest,uint32_t len)100 rand_source_get_octet_string(void *dest, uint32_t len) {
101
102 /*
103 * read len octets from /dev/random to dest, and
104 * check return value to make sure enough octets were
105 * written
106 */
107 #ifdef DEV_URANDOM
108 if (read(dev_random_fdes, dest, len) != len)
109 return err_status_fail;
110 #elif defined(HAVE_RAND_S)
111 uint8_t *dst = (uint8_t *)dest;
112 while (len)
113 {
114 unsigned int val;
115 errno_t err = rand_s(&val);
116
117 if (err != 0)
118 return err_status_fail;
119
120 *dst++ = val & 0xff;
121 len--;
122 }
123 #else
124 /* Generic C-library (rand()) version */
125 /* This is a random source of last resort */
126 uint8_t *dst = (uint8_t *)dest;
127 while (len)
128 {
129 int val = rand();
130 /* rand() returns 0-32767 (ugh) */
131 /* Is this a good enough way to get random bytes?
132 It is if it passes FIPS-140... */
133 *dst++ = val & 0xff;
134 len--;
135 }
136 #endif
137 return err_status_ok;
138 }
139
140 err_status_t
rand_source_deinit(void)141 rand_source_deinit(void) {
142 if (dev_random_fdes < 0)
143 return err_status_dealloc_fail; /* well, we haven't really failed, *
144 * but there is something wrong */
145 #ifdef DEV_URANDOM
146 close(dev_random_fdes);
147 #endif
148 dev_random_fdes = RAND_SOURCE_NOT_READY;
149
150 return err_status_ok;
151 }
152