sl@0: /* apps/app_rand.c */ sl@0: /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) sl@0: * All rights reserved. sl@0: * sl@0: * This package is an SSL implementation written sl@0: * by Eric Young (eay@cryptsoft.com). sl@0: * The implementation was written so as to conform with Netscapes SSL. sl@0: * sl@0: * This library is free for commercial and non-commercial use as long as sl@0: * the following conditions are aheared to. The following conditions sl@0: * apply to all code found in this distribution, be it the RC4, RSA, sl@0: * lhash, DES, etc., code; not just the SSL code. The SSL documentation sl@0: * included with this distribution is covered by the same copyright terms sl@0: * except that the holder is Tim Hudson (tjh@cryptsoft.com). sl@0: * sl@0: * Copyright remains Eric Young's, and as such any Copyright notices in sl@0: * the code are not to be removed. sl@0: * If this package is used in a product, Eric Young should be given attribution sl@0: * as the author of the parts of the library used. sl@0: * This can be in the form of a textual message at program startup or sl@0: * in documentation (online or textual) provided with the package. sl@0: * sl@0: * Redistribution and use in source and binary forms, with or without sl@0: * modification, are permitted provided that the following conditions sl@0: * are met: sl@0: * 1. Redistributions of source code must retain the copyright sl@0: * notice, this list of conditions and the following disclaimer. sl@0: * 2. Redistributions in binary form must reproduce the above copyright sl@0: * notice, this list of conditions and the following disclaimer in the sl@0: * documentation and/or other materials provided with the distribution. sl@0: * 3. All advertising materials mentioning features or use of this software sl@0: * must display the following acknowledgement: sl@0: * "This product includes cryptographic software written by sl@0: * Eric Young (eay@cryptsoft.com)" sl@0: * The word 'cryptographic' can be left out if the rouines from the library sl@0: * being used are not cryptographic related :-). sl@0: * 4. If you include any Windows specific code (or a derivative thereof) from sl@0: * the apps directory (application code) you must include an acknowledgement: sl@0: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" sl@0: * sl@0: * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND sl@0: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE sl@0: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE sl@0: * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE sl@0: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL sl@0: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS sl@0: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) sl@0: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT sl@0: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY sl@0: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF sl@0: * SUCH DAMAGE. sl@0: * sl@0: * The licence and distribution terms for any publically available version or sl@0: * derivative of this code cannot be changed. i.e. this code cannot simply be sl@0: * copied and put under another distribution licence sl@0: * [including the GNU Public Licence.] sl@0: */ sl@0: /* ==================================================================== sl@0: * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. sl@0: * sl@0: * Redistribution and use in source and binary forms, with or without sl@0: * modification, are permitted provided that the following conditions sl@0: * are met: sl@0: * sl@0: * 1. Redistributions of source code must retain the above copyright sl@0: * notice, this list of conditions and the following disclaimer. sl@0: * sl@0: * 2. Redistributions in binary form must reproduce the above copyright sl@0: * notice, this list of conditions and the following disclaimer in sl@0: * the documentation and/or other materials provided with the sl@0: * distribution. sl@0: * sl@0: * 3. All advertising materials mentioning features or use of this sl@0: * software must display the following acknowledgment: sl@0: * "This product includes software developed by the OpenSSL Project sl@0: * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" sl@0: * sl@0: * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to sl@0: * endorse or promote products derived from this software without sl@0: * prior written permission. For written permission, please contact sl@0: * openssl-core@openssl.org. sl@0: * sl@0: * 5. Products derived from this software may not be called "OpenSSL" sl@0: * nor may "OpenSSL" appear in their names without prior written sl@0: * permission of the OpenSSL Project. sl@0: * sl@0: * 6. Redistributions of any form whatsoever must retain the following sl@0: * acknowledgment: sl@0: * "This product includes software developed by the OpenSSL Project sl@0: * for use in the OpenSSL Toolkit (http://www.openssl.org/)" sl@0: * sl@0: * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY sl@0: * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE sl@0: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR sl@0: * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR sl@0: * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, sl@0: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT sl@0: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; sl@0: * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) sl@0: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, sl@0: * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) sl@0: * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED sl@0: * OF THE POSSIBILITY OF SUCH DAMAGE. sl@0: * ==================================================================== sl@0: * sl@0: * This product includes cryptographic software written by Eric Young sl@0: * (eay@cryptsoft.com). This product includes software written by Tim sl@0: * Hudson (tjh@cryptsoft.com). sl@0: * sl@0: */ sl@0: sl@0: #define NON_MAIN sl@0: #include "apps.h" sl@0: #undef NON_MAIN sl@0: #include sl@0: #include sl@0: sl@0: static int seeded = 0; sl@0: static int egdsocket = 0; sl@0: sl@0: int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn) sl@0: { sl@0: int consider_randfile = (file == NULL); sl@0: char buffer[200]; sl@0: sl@0: #ifdef OPENSSL_SYS_WINDOWS sl@0: BIO_printf(bio_e,"Loading 'screen' into random state -"); sl@0: BIO_flush(bio_e); sl@0: RAND_screen(); sl@0: BIO_printf(bio_e," done\n"); sl@0: #endif sl@0: sl@0: if (file == NULL) sl@0: file = RAND_file_name(buffer, sizeof buffer); sl@0: else if (RAND_egd(file) > 0) sl@0: { sl@0: /* we try if the given filename is an EGD socket. sl@0: if it is, we don't write anything back to the file. */ sl@0: egdsocket = 1; sl@0: return 1; sl@0: } sl@0: if (file == NULL || !RAND_load_file(file, -1)) sl@0: { sl@0: if (RAND_status() == 0) sl@0: { sl@0: if (!dont_warn) sl@0: { sl@0: BIO_printf(bio_e,"unable to load 'random state'\n"); sl@0: BIO_printf(bio_e,"This means that the random number generator has not been seeded\n"); sl@0: BIO_printf(bio_e,"with much random data.\n"); sl@0: if (consider_randfile) /* explanation does not apply when a file is explicitly named */ sl@0: { sl@0: BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n"); sl@0: BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n"); sl@0: } sl@0: } sl@0: return 0; sl@0: } sl@0: } sl@0: seeded = 1; sl@0: return 1; sl@0: } sl@0: sl@0: long app_RAND_load_files(char *name) sl@0: { sl@0: char *p,*n; sl@0: int last; sl@0: long tot=0; sl@0: int egd; sl@0: sl@0: for (;;) sl@0: { sl@0: last=0; sl@0: for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++); sl@0: if (*p == '\0') last=1; sl@0: *p='\0'; sl@0: n=name; sl@0: name=p+1; sl@0: if (*n == '\0') break; sl@0: sl@0: egd=RAND_egd(n); sl@0: if (egd > 0) sl@0: tot+=egd; sl@0: else sl@0: tot+=RAND_load_file(n,-1); sl@0: if (last) break; sl@0: } sl@0: if (tot > 512) sl@0: app_RAND_allow_write_file(); sl@0: return(tot); sl@0: } sl@0: sl@0: int app_RAND_write_file(const char *file, BIO *bio_e) sl@0: { sl@0: char buffer[200]; sl@0: sl@0: if (egdsocket || !seeded) sl@0: /* If we did not manage to read the seed file, sl@0: * we should not write a low-entropy seed file back -- sl@0: * it would suppress a crucial warning the next time sl@0: * we want to use it. */ sl@0: return 0; sl@0: sl@0: if (file == NULL) sl@0: file = RAND_file_name(buffer, sizeof buffer); sl@0: if (file == NULL || !RAND_write_file(file)) sl@0: { sl@0: BIO_printf(bio_e,"unable to write 'random state'\n"); sl@0: return 0; sl@0: } sl@0: return 1; sl@0: } sl@0: sl@0: void app_RAND_allow_write_file(void) sl@0: { sl@0: seeded = 1; sl@0: }