1656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* crypto/rand/md_rand.c */ 2656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * All rights reserved. 4656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This package is an SSL implementation written 6656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * by Eric Young (eay@cryptsoft.com). 7656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The implementation was written so as to conform with Netscapes SSL. 8656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 9656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This library is free for commercial and non-commercial use as long as 10656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the following conditions are aheared to. The following conditions 11656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * apply to all code found in this distribution, be it the RC4, RSA, 12656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * included with this distribution is covered by the same copyright terms 14656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 16656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright remains Eric Young's, and as such any Copyright notices in 17656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the code are not to be removed. 18656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * If this package is used in a product, Eric Young should be given attribution 19656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * as the author of the parts of the library used. 20656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This can be in the form of a textual message at program startup or 21656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * in documentation (online or textual) provided with the package. 22656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 23656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 24656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 25656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 26656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the copyright 27656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 28656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 29656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in the 30656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * documentation and/or other materials provided with the distribution. 31656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this software 32656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * must display the following acknowledgement: 33656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes cryptographic software written by 34656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Eric Young (eay@cryptsoft.com)" 35656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The word 'cryptographic' can be left out if the rouines from the library 36656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * being used are not cryptographic related :-). 37656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. If you include any Windows specific code (or a derivative thereof) from 38656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the apps directory (application code) you must include an acknowledgement: 39656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 41656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SUCH DAMAGE. 52656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 53656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The licence and distribution terms for any publically available version or 54656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * derivative of this code cannot be changed. i.e. this code cannot simply be 55656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * copied and put under another distribution licence 56656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * [including the GNU Public Licence.] 57656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 58656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* ==================================================================== 59656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. 60656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 61656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 62656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 63656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 64656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 65656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the above copyright 66656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 67656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 68656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 69656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in 70656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the documentation and/or other materials provided with the 71656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * distribution. 72656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 73656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this 74656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * software must display the following acknowledgment: 75656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 76656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 78656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * endorse or promote products derived from this software without 80656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * prior written permission. For written permission, please contact 81656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * openssl-core@openssl.org. 82656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 83656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5. Products derived from this software may not be called "OpenSSL" 84656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * nor may "OpenSSL" appear in their names without prior written 85656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * permission of the OpenSSL Project. 86656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 87656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 6. Redistributions of any form whatsoever must retain the following 88656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * acknowledgment: 89656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 90656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 92656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OF THE POSSIBILITY OF SUCH DAMAGE. 104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ==================================================================== 105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This product includes cryptographic software written by Eric Young 107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (eay@cryptsoft.com). This product includes software written by Tim 108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Hudson (tjh@cryptsoft.com). 109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef MD_RAND_DEBUG 113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project# ifndef NDEBUG 114656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project# define NDEBUG 115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project# endif 116656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 117656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 118656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <assert.h> 119656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdio.h> 120656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <string.h> 121656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 122656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "e_os.h" 123656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 124656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/rand.h> 125656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "rand_lcl.h" 126656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 127656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/crypto.h> 128656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/err.h> 129656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 130656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef BN_DEBUG 131656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project# define PREDICT 132656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 133656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 134656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* #define PREDICT 1 */ 135656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 136656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define STATE_SIZE 1023 137656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int state_num=0,state_index=0; 138656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH]; 139656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic unsigned char md[MD_DIGEST_LENGTH]; 140656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic long md_count[2]={0,0}; 141656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic double entropy=0; 142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int initialized=0; 143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 144656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic unsigned int crypto_lock_rand = 0; /* may be set only when a thread 145656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * holds CRYPTO_LOCK_RAND 146656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (to prevent double locking) */ 147656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */ 148221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic CRYPTO_THREADID locking_threadid; /* valid iff crypto_lock_rand is set */ 149656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 150656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 151656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef PREDICT 152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint rand_predictable=0; 153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectconst char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT; 156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void ssleay_rand_cleanup(void); 158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void ssleay_rand_seed(const void *buf, int num); 159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void ssleay_rand_add(const void *buf, int num, double add_entropy); 160656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ssleay_rand_bytes(unsigned char *buf, int num); 161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ssleay_rand_pseudo_bytes(unsigned char *buf, int num); 162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ssleay_rand_status(void); 163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectRAND_METHOD rand_ssleay_meth={ 165656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ssleay_rand_seed, 166656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ssleay_rand_bytes, 167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ssleay_rand_cleanup, 168656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ssleay_rand_add, 169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ssleay_rand_pseudo_bytes, 170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ssleay_rand_status 171656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project }; 172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectRAND_METHOD *RAND_SSLeay(void) 174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(&rand_ssleay_meth); 176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 177656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 178656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void ssleay_rand_cleanup(void) 179656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 180656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_cleanse(state,sizeof(state)); 181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project state_num=0; 182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project state_index=0; 183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_cleanse(md,MD_DIGEST_LENGTH); 184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project md_count[0]=0; 185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project md_count[1]=0; 186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project entropy=0; 187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project initialized=0; 188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 190656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void ssleay_rand_add(const void *buf, int num, double add) 191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i,j,k,st_idx; 193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project long md_c[2]; 194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned char local_md[MD_DIGEST_LENGTH]; 195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX m; 196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int do_not_lock; 197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* 199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (Based on the rand(3) manpage) 200656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The input is chopped up into units of 20 bytes (or less for 202656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the last block). Each of these blocks is run through the hash 203656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * function as follows: The data passed to the hash function 204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * is the current 'md', the same number of bytes from the 'state' 205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (the location determined by in incremented looping index) as 206656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the current 'block', the new key data 'block', and 'count' 207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (which is incremented after each use). 208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The result of this is kept in 'md' and also xored into the 209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 'state' at the same locations that were used as input into the 210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * hash function. 211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* check if we already have the lock */ 214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (crypto_lock_rand) 215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 216221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom CRYPTO_THREADID cur; 217221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom CRYPTO_THREADID_current(&cur); 218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_r_lock(CRYPTO_LOCK_RAND2); 219221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur); 220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_r_unlock(CRYPTO_LOCK_RAND2); 221656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 222656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 223656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do_not_lock = 0; 224656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 225656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND); 226656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project st_idx=state_index; 227656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 228656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* use our own copies of the counters so that even 229656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * if a concurrent thread seeds with exactly the 230656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * same data and uses the same subarray there's _some_ 231656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * difference */ 232656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project md_c[0] = md_count[0]; 233656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project md_c[1] = md_count[1]; 234656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 235656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project memcpy(local_md, md, sizeof md); 236656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 237656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* state_index <= state_num <= STATE_SIZE */ 238656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project state_index += num; 239656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (state_index >= STATE_SIZE) 240656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 241656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project state_index%=STATE_SIZE; 242656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project state_num=STATE_SIZE; 243656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 244656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else if (state_num < STATE_SIZE) 245656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 246656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (state_index > state_num) 247656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project state_num=state_index; 248656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 249656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* state_index <= state_num <= STATE_SIZE */ 250656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 251656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* state[st_idx], ..., state[(st_idx + num - 1) % STATE_SIZE] 252656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are what we will use now, but other threads may use them 253656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * as well */ 254656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 255656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0); 256656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 257656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); 258656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 259656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX_init(&m); 260656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=0; i<num; i+=MD_DIGEST_LENGTH) 261656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 262656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j=(num-i); 263656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j=(j > MD_DIGEST_LENGTH)?MD_DIGEST_LENGTH:j; 264656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 265656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Init(&m); 266656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,local_md,MD_DIGEST_LENGTH); 267656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project k=(st_idx+j)-STATE_SIZE; 268656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (k > 0) 269656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,&(state[st_idx]),j-k); 271656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,&(state[0]),k); 272656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,&(state[st_idx]),j); 275221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 276221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */ 277656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,buf,j); 278221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* We know that line may cause programs such as 279221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom purify and valgrind to complain about use of 280221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom uninitialized data. The problem is not, it's 281221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom with the caller. Removing that line will make 282221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom sure you get really bad randomness and thereby 283221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom other problems such as very insecure keys. */ 284221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); 286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Final(&m,local_md); 287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project md_c[1]++; 288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project buf=(const char *)buf + j; 290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (k=0; k<j; k++) 292656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 293656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Parallel threads may interfere with this, 294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * but always each byte of the new state is 295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the XOR of some previous value of its 296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * and local_md (itermediate values may be lost). 297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Alway using locking could hurt performance more 298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * than necessary given that conflicts occur only 299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * when the total seeding is longer than the random 300656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * state. */ 301656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project state[st_idx++]^=local_md[k]; 302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (st_idx >= STATE_SIZE) 303656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project st_idx=0; 304656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 305656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 306656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX_cleanup(&m); 307656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 308656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND); 309656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Don't just copy back local_md into md -- this could mean that 310656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * other thread's seeding remains without effect (except for 311656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the incremented counter). By XORing it we keep at least as 312656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * much entropy as fits into md. */ 313656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (k = 0; k < (int)sizeof(md); k++) 314656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 315656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project md[k] ^= local_md[k]; 316656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 317656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */ 318656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project entropy += add; 319656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); 320656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 321656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) 322656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project assert(md_c[1] == md_count[1]); 323656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 324656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 325656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 326656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void ssleay_rand_seed(const void *buf, int num) 327656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 328656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ssleay_rand_add(buf, num, (double)num); 329656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 330656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 331656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ssleay_rand_bytes(unsigned char *buf, int num) 332656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 333656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project static volatile int stirred_pool = 0; 334656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i,j,k,st_num,st_idx; 335656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int num_ceil; 336656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ok; 337656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project long md_c[2]; 338656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned char local_md[MD_DIGEST_LENGTH]; 339656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX m; 340656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef GETPID_IS_MEANINGLESS 341656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pid_t curr_pid = getpid(); 342656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 343656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int do_stir_pool = 0; 344656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef PREDICT 346656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (rand_predictable) 347656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 348656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project static unsigned char val=0; 349656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 350656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=0; i<num; i++) 351656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project buf[i]=val++; 352656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(1); 353656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 354656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 355656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 356656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (num <= 0) 357656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 358656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 359656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX_init(&m); 360656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* round upwards to multiple of MD_DIGEST_LENGTH/2 */ 361656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * (MD_DIGEST_LENGTH/2); 362656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 363656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* 364656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (Based on the rand(3) manpage:) 365656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 366656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * For each group of 10 bytes (or less), we do the following: 367656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 368656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Input into the hash function the local 'md' (which is initialized from 369656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the global 'md' before any bytes are generated), the bytes that are to 370656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * be overwritten by the random bytes, and bytes from the 'state' 371656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (incrementing looping index). From this digest output (which is kept 372656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * in 'md'), the top (up to) 10 bytes are returned to the caller and the 373656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * bottom 10 bytes are xored into the 'state'. 374656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 375656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Finally, after we have finished 'num' random bytes for the 376656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * caller, 'count' (which is incremented) and the local and global 'md' 377656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are fed into the hash function and the results are kept in the 378656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * global 'md'. 379656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 380656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 381656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_w_lock(CRYPTO_LOCK_RAND); 382656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 383656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* prevent ssleay_rand_bytes() from trying to obtain the lock again */ 384656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_w_lock(CRYPTO_LOCK_RAND2); 385221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom CRYPTO_THREADID_current(&locking_threadid); 386656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_w_unlock(CRYPTO_LOCK_RAND2); 387656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project crypto_lock_rand = 1; 388656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 389656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!initialized) 390656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 391656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project RAND_poll(); 392656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project initialized = 1; 393656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 394656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 395656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!stirred_pool) 396656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do_stir_pool = 1; 397656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 398656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ok = (entropy >= ENTROPY_NEEDED); 399656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!ok) 400656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 401656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* If the PRNG state is not yet unpredictable, then seeing 402656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the PRNG output may help attackers to determine the new 403656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * state; thus we have to decrease the entropy estimate. 404656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Once we've had enough initial seeding we don't bother to 405656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * adjust the entropy count, though, because we're not ambitious 406656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * to provide *information-theoretic* randomness. 407656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 408656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * NOTE: This approach fails if the program forks before 409656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * we have enough entropy. Entropy should be collected 410656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * in a separate input pool and be transferred to the 411656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * output pool only when the entropy limit has been reached. 412656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 413656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project entropy -= num; 414656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (entropy < 0) 415656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project entropy = 0; 416656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 417656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 418656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (do_stir_pool) 419656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 420656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* In the output function only half of 'md' remains secret, 421656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * so we better make sure that the required entropy gets 422656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 'evenly distributed' through 'state', our randomness pool. 423656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The input function (ssleay_rand_add) chains all of 'md', 424656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * which makes it more suitable for this purpose. 425656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 426656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 427656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int n = STATE_SIZE; /* so that the complete pool gets accessed */ 428656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (n > 0) 429656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 430656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#if MD_DIGEST_LENGTH > 20 431656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project# error "Please adjust DUMMY_SEED." 432656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 433656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define DUMMY_SEED "...................." /* at least MD_DIGEST_LENGTH */ 434656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Note that the seed does not matter, it's just that 435656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ssleay_rand_add expects to have something to hash. */ 436656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ssleay_rand_add(DUMMY_SEED, MD_DIGEST_LENGTH, 0.0); 437656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project n -= MD_DIGEST_LENGTH; 438656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 439656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ok) 440656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project stirred_pool = 1; 441656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 442656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 443656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project st_idx=state_index; 444656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project st_num=state_num; 445656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project md_c[0] = md_count[0]; 446656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project md_c[1] = md_count[1]; 447656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project memcpy(local_md, md, sizeof md); 448656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 449656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project state_index+=num_ceil; 450656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (state_index > state_num) 451656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project state_index %= state_num; 452656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 453656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* state[st_idx], ..., state[(st_idx + num_ceil - 1) % st_num] 454656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are now ours (but other threads may use them too) */ 455656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 456656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project md_count[0] += 1; 457656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 458656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* before unlocking, we must clear 'crypto_lock_rand' */ 459656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project crypto_lock_rand = 0; 460656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_w_unlock(CRYPTO_LOCK_RAND); 461656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 462656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project while (num > 0) 463656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 464656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* num_ceil -= MD_DIGEST_LENGTH/2 */ 465656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num; 466656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project num-=j; 467656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Init(&m); 468656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef GETPID_IS_MEANINGLESS 469656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (curr_pid) /* just in the first iteration to save time */ 470656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 471656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,(unsigned char*)&curr_pid,sizeof curr_pid); 472656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project curr_pid = 0; 473656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 474656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 475656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,local_md,MD_DIGEST_LENGTH); 476656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); 477221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 478221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#ifndef PURIFY /* purify complains */ 479221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */ 480221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom MD_Update(&m,buf,j); 481221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* We know that line may cause programs such as 482221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom purify and valgrind to complain about use of 483221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom uninitialized data. */ 484656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 485221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 486656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project k=(st_idx+MD_DIGEST_LENGTH/2)-st_num; 487656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (k > 0) 488656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 489656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2-k); 490656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,&(state[0]),k); 491656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 492656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 493656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2); 494656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Final(&m,local_md); 495656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 496656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i=0; i<MD_DIGEST_LENGTH/2; i++) 497656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 498656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project state[st_idx++]^=local_md[i]; /* may compete with other threads */ 499656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (st_idx >= st_num) 500656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project st_idx=0; 501656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (i < j) 502656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project *(buf++)=local_md[i+MD_DIGEST_LENGTH/2]; 503656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 504656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 505656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 506656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Init(&m); 507656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); 508656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,local_md,MD_DIGEST_LENGTH); 509656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_w_lock(CRYPTO_LOCK_RAND); 510656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Update(&m,md,MD_DIGEST_LENGTH); 511656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project MD_Final(&m,md); 512656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_w_unlock(CRYPTO_LOCK_RAND); 513656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 514656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX_cleanup(&m); 515656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ok) 516656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(1); 517656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 518656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 519656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project RANDerr(RAND_F_SSLEAY_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED); 520656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_add_error_data(1, "You need to read the OpenSSL FAQ, " 521656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "http://www.openssl.org/support/faq.html"); 522656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(0); 523656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 524656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 525656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 526656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* pseudo-random bytes that are guaranteed to be unique but not 527656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unpredictable */ 528656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) 529656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 530656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret; 531656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned long err; 532656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 533656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = RAND_bytes(buf, num); 534656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ret == 0) 535656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 536656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project err = ERR_peek_error(); 537656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ERR_GET_LIB(err) == ERR_LIB_RAND && 538656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED) 539656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_clear_error(); 540656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 541656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return (ret); 542656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 543656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 544656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int ssleay_rand_status(void) 545656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 546221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom CRYPTO_THREADID cur; 547656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret; 548656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int do_not_lock; 549656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 550221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom CRYPTO_THREADID_current(&cur); 551656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* check if we already have the lock 552656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (could happen if a RAND_poll() implementation calls RAND_status()) */ 553656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (crypto_lock_rand) 554656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 555656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_r_lock(CRYPTO_LOCK_RAND2); 556221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur); 557656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_r_unlock(CRYPTO_LOCK_RAND2); 558656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 559656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 560656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project do_not_lock = 0; 561656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 562656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!do_not_lock) 563656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 564656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_w_lock(CRYPTO_LOCK_RAND); 565656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 566656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* prevent ssleay_rand_bytes() from trying to obtain the lock again */ 567656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_w_lock(CRYPTO_LOCK_RAND2); 568221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom CRYPTO_THREADID_cpy(&locking_threadid, &cur); 569656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_w_unlock(CRYPTO_LOCK_RAND2); 570656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project crypto_lock_rand = 1; 571656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 572656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 573656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!initialized) 574656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 575656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project RAND_poll(); 576656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project initialized = 1; 577656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 578656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 579656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = entropy >= ENTROPY_NEEDED; 580656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 581656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!do_not_lock) 582656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 583656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* before unlocking, we must clear 'crypto_lock_rand' */ 584656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project crypto_lock_rand = 0; 585656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 586656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_w_unlock(CRYPTO_LOCK_RAND); 587656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 588656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 589656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return ret; 590656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 591