1386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari/*
2386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * rand_source.c
3386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
4386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * implements a random source based on /dev/random
5386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
6386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * David A. McGrew
7386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * Cisco Systems, Inc.
8386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari */
9386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari/*
10386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
11386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * Copyright(c) 2001-2006 Cisco Systems, Inc.
12386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * All rights reserved.
13386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
14386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * Redistribution and use in source and binary forms, with or without
15386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * modification, are permitted provided that the following conditions
16386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * are met:
17386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
18386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   Redistributions of source code must retain the above copyright
19386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   notice, this list of conditions and the following disclaimer.
20386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
21386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   Redistributions in binary form must reproduce the above
22386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   copyright notice, this list of conditions and the following
23386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   disclaimer in the documentation and/or other materials provided
24386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   with the distribution.
25386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
26386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   Neither the name of the Cisco Systems, Inc. nor the names of its
27386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   contributors may be used to endorse or promote products derived
28386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   from this software without specific prior written permission.
29386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
30386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
31386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
32386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
33386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
34386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
35386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
36386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
37386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
39386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
40386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
41386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * OF THE POSSIBILITY OF SUCH DAMAGE.
42386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
43386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari */
44386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
45386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#include "config.h"
46386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
47386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#ifdef DEV_URANDOM
48386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari# include <fcntl.h>          /* for open()  */
49386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari# include <unistd.h>         /* for close() */
50386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#elif defined(HAVE_RAND_S)
51386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari# define _CRT_RAND_S
52386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari# include <stdlib.h>
53386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#else
54386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari# include <stdio.h>
55386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#endif
56386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
57386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#include "rand_source.h"
58386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
59386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
60386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari/*
61386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * global dev_rand_fdes is file descriptor for /dev/random
62386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
63386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * This variable is also used to indicate that the random source has
64386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * been initialized.  When this variable is set to the value of the
65386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * #define RAND_SOURCE_NOT_READY, it indicates that the random source
66386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * is not ready to be used.  The value of the #define
67386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * RAND_SOURCE_READY is for use whenever that variable is used as an
68386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * indicator of the state of the random source, but not as a file
69386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * descriptor.
70386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari */
71386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
72386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#define RAND_SOURCE_NOT_READY (-1)
73386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#define RAND_SOURCE_READY     (17)
74386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
75386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagaristatic int dev_random_fdes = RAND_SOURCE_NOT_READY;
76386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
77386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
78386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarierr_status_t
79386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarirand_source_init(void) {
80386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  if (dev_random_fdes >= 0) {
81386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    /* already open */
82386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    return err_status_ok;
83386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  }
84386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#ifdef DEV_URANDOM
85386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  /* open random source for reading */
86386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  dev_random_fdes = open(DEV_URANDOM, O_RDONLY);
87386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  if (dev_random_fdes < 0)
88386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    return err_status_init_fail;
89386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#elif defined(HAVE_RAND_S)
90386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  dev_random_fdes = RAND_SOURCE_READY;
91386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#else
92386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  /* no random source available; let the user know */
93386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  fprintf(stderr, "WARNING: no real random source present!\n");
94386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  dev_random_fdes = RAND_SOURCE_READY;
95386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#endif
96386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  return err_status_ok;
97386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari}
98386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
99386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarierr_status_t
100386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarirand_source_get_octet_string(void *dest, uint32_t len) {
101386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
102386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  /*
103386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari   * read len octets from /dev/random to dest, and
104386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari   * check return value to make sure enough octets were
105386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari   * written
106386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari   */
107386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#ifdef DEV_URANDOM
108386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  if (read(dev_random_fdes, dest, len) != len)
109386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    return err_status_fail;
110386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#elif defined(HAVE_RAND_S)
111386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  uint8_t *dst = (uint8_t *)dest;
112386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  while (len)
113386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  {
114386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    unsigned int val;
115386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    errno_t err = rand_s(&val);
116386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
117386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    if (err != 0)
118386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari      return err_status_fail;
119386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
120386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    *dst++ = val & 0xff;
121386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    len--;
122386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  }
123386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#else
124386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  /* Generic C-library (rand()) version */
125386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  /* This is a random source of last resort */
126386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  uint8_t *dst = (uint8_t *)dest;
127386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  while (len)
128386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  {
129386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari	  int val = rand();
130386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari	  /* rand() returns 0-32767 (ugh) */
131386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari	  /* Is this a good enough way to get random bytes?
132386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari	     It is if it passes FIPS-140... */
133386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari	  *dst++ = val & 0xff;
134386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari	  len--;
135386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  }
136386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#endif
137386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  return err_status_ok;
138386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari}
139386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
140386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarierr_status_t
141386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarirand_source_deinit(void) {
142386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  if (dev_random_fdes < 0)
143386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    return err_status_dealloc_fail;  /* well, we haven't really failed, *
144386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari				      * but there is something wrong    */
145386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#ifdef DEV_URANDOM
146386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  close(dev_random_fdes);
147386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#endif
148386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  dev_random_fdes = RAND_SOURCE_NOT_READY;
149386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
150386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  return err_status_ok;
151386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari}
152