1/* 2 * Copyright (c) 2007-2012 Niels Provos and Nick Mathewson 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 3. The name of the author may not be used to endorse or promote products 13 * derived from this software without specific prior written permission. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27/* This file has our secure PRNG code. On platforms that have arc4random(), 28 * we just use that. Otherwise, we include arc4random.c as a bunch of static 29 * functions, and wrap it lightly. We don't expose the arc4random*() APIs 30 * because A) they aren't in our namespace, and B) it's not nice to name your 31 * APIs after their implementations. We keep them in a separate file 32 * so that other people can rip it out and use it for whatever. 33 */ 34 35#include "event2/event-config.h" 36 37#include <limits.h> 38 39#include "util-internal.h" 40#include "evthread-internal.h" 41 42#ifdef _EVENT_HAVE_ARC4RANDOM 43#include <stdlib.h> 44#include <string.h> 45int 46evutil_secure_rng_init(void) 47{ 48 /* call arc4random() now to force it to self-initialize */ 49 (void) arc4random(); 50 return 0; 51} 52int 53evutil_secure_rng_global_setup_locks_(const int enable_locks) 54{ 55 return 0; 56} 57 58static void 59ev_arc4random_buf(void *buf, size_t n) 60{ 61#ifdef _EVENT_HAVE_ARC4RANDOM_BUF 62 return arc4random_buf(buf, n); 63#else 64 unsigned char *b = buf; 65 /* Make sure that we start out with b at a 4-byte alignment; plenty 66 * of CPUs care about this for 32-bit access. */ 67 if (n >= 4 && ((ev_uintptr_t)b) & 3) { 68 ev_uint32_t u = arc4random(); 69 int n_bytes = 4 - (((ev_uintptr_t)b) & 3); 70 memcpy(b, &u, n_bytes); 71 b += n_bytes; 72 n -= n_bytes; 73 } 74 while (n >= 4) { 75 *(ev_uint32_t*)b = arc4random(); 76 b += 4; 77 n -= 4; 78 } 79 if (n) { 80 ev_uint32_t u = arc4random(); 81 memcpy(b, &u, n); 82 } 83#endif 84} 85 86#else /* !_EVENT_HAVE_ARC4RANDOM { */ 87 88#ifdef _EVENT_ssize_t 89#define ssize_t _EVENT_SSIZE_t 90#endif 91#define ARC4RANDOM_EXPORT static 92#define _ARC4_LOCK() EVLOCK_LOCK(arc4rand_lock, 0) 93#define _ARC4_UNLOCK() EVLOCK_UNLOCK(arc4rand_lock, 0) 94#ifndef _EVENT_DISABLE_THREAD_SUPPORT 95static void *arc4rand_lock; 96#endif 97 98#define ARC4RANDOM_UINT32 ev_uint32_t 99#define ARC4RANDOM_NOSTIR 100#define ARC4RANDOM_NORANDOM 101#define ARC4RANDOM_NOUNIFORM 102 103#include "./arc4random.c" 104 105#ifndef _EVENT_DISABLE_THREAD_SUPPORT 106int 107evutil_secure_rng_global_setup_locks_(const int enable_locks) 108{ 109 EVTHREAD_SETUP_GLOBAL_LOCK(arc4rand_lock, 0); 110 return 0; 111} 112#endif 113 114int 115evutil_secure_rng_init(void) 116{ 117 int val; 118 119 _ARC4_LOCK(); 120 if (!arc4_seeded_ok) 121 arc4_stir(); 122 val = arc4_seeded_ok ? 0 : -1; 123 _ARC4_UNLOCK(); 124 return val; 125} 126 127static void 128ev_arc4random_buf(void *buf, size_t n) 129{ 130 arc4random_buf(buf, n); 131} 132 133#endif /* } !_EVENT_HAVE_ARC4RANDOM */ 134 135void 136evutil_secure_rng_get_bytes(void *buf, size_t n) 137{ 138 ev_arc4random_buf(buf, n); 139} 140 141void 142evutil_secure_rng_add_bytes(const char *buf, size_t n) 143{ 144 arc4random_addrandom((unsigned char*)buf, 145 n>(size_t)INT_MAX ? INT_MAX : (int)n); 146} 147 148