randfile.c revision 142425
155714Skris/* crypto/rand/randfile.c */ 255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 355714Skris * All rights reserved. 455714Skris * 555714Skris * This package is an SSL implementation written 655714Skris * by Eric Young (eay@cryptsoft.com). 755714Skris * The implementation was written so as to conform with Netscapes SSL. 855714Skris * 955714Skris * This library is free for commercial and non-commercial use as long as 1055714Skris * the following conditions are aheared to. The following conditions 1155714Skris * apply to all code found in this distribution, be it the RC4, RSA, 1255714Skris * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1355714Skris * included with this distribution is covered by the same copyright terms 1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com). 1555714Skris * 1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in 1755714Skris * the code are not to be removed. 1855714Skris * If this package is used in a product, Eric Young should be given attribution 1955714Skris * as the author of the parts of the library used. 2055714Skris * This can be in the form of a textual message at program startup or 2155714Skris * in documentation (online or textual) provided with the package. 2255714Skris * 2355714Skris * Redistribution and use in source and binary forms, with or without 2455714Skris * modification, are permitted provided that the following conditions 2555714Skris * are met: 2655714Skris * 1. Redistributions of source code must retain the copyright 2755714Skris * notice, this list of conditions and the following disclaimer. 2855714Skris * 2. Redistributions in binary form must reproduce the above copyright 2955714Skris * notice, this list of conditions and the following disclaimer in the 3055714Skris * documentation and/or other materials provided with the distribution. 3155714Skris * 3. All advertising materials mentioning features or use of this software 3255714Skris * must display the following acknowledgement: 3355714Skris * "This product includes cryptographic software written by 3455714Skris * Eric Young (eay@cryptsoft.com)" 3555714Skris * The word 'cryptographic' can be left out if the rouines from the library 3655714Skris * being used are not cryptographic related :-). 3755714Skris * 4. If you include any Windows specific code (or a derivative thereof) from 3855714Skris * the apps directory (application code) you must include an acknowledgement: 3955714Skris * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 4055714Skris * 4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4455714Skris * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5155714Skris * SUCH DAMAGE. 5255714Skris * 5355714Skris * The licence and distribution terms for any publically available version or 5455714Skris * derivative of this code cannot be changed. i.e. this code cannot simply be 5555714Skris * copied and put under another distribution licence 5655714Skris * [including the GNU Public Licence.] 5755714Skris */ 5855714Skris 59127128Snectar/* We need to define this to get macros like S_IFBLK and S_IFCHR */ 60127128Snectar#define _XOPEN_SOURCE 1 61127128Snectar 6255714Skris#include <errno.h> 6355714Skris#include <stdio.h> 6455714Skris#include <stdlib.h> 6555714Skris#include <string.h> 6655714Skris 67109998Smarkm#include "e_os.h" 68109998Smarkm#include <openssl/crypto.h> 69109998Smarkm#include <openssl/rand.h> 70127128Snectar#include <openssl/buffer.h> 71109998Smarkm 72109998Smarkm#ifdef OPENSSL_SYS_VMS 7359191Skris#include <unixio.h> 7459191Skris#endif 7559191Skris#ifndef NO_SYS_TYPES_H 7659191Skris# include <sys/types.h> 7759191Skris#endif 7859191Skris#ifdef MAC_OS_pre_X 7959191Skris# include <stat.h> 8059191Skris#else 8159191Skris# include <sys/stat.h> 8259191Skris#endif 8359191Skris 8455714Skris#undef BUFSIZE 8555714Skris#define BUFSIZE 1024 8655714Skris#define RAND_DATA 1024 8755714Skris 8859191Skris/* #define RFILE ".rnd" - defined in ../../e_os.h */ 8955714Skris 9072613Skris/* Note that these functions are intended for seed files only. 9172613Skris * Entropy devices and EGD sockets are handled in rand_unix.c */ 9272613Skris 9355714Skrisint RAND_load_file(const char *file, long bytes) 9455714Skris { 9559191Skris /* If bytes >= 0, read up to 'bytes' bytes. 9659191Skris * if bytes == -1, read complete file. */ 9759191Skris 9855714Skris MS_STATIC unsigned char buf[BUFSIZE]; 9955714Skris struct stat sb; 10055714Skris int i,ret=0,n; 10155714Skris FILE *in; 10255714Skris 10355714Skris if (file == NULL) return(0); 10455714Skris 10555714Skris i=stat(file,&sb); 10655714Skris /* If the state fails, put some crap in anyway */ 10759191Skris RAND_add(&sb,sizeof(sb),0); 10855714Skris if (i < 0) return(0); 10959191Skris if (bytes == 0) return(ret); 11055714Skris 11155714Skris in=fopen(file,"rb"); 11255714Skris if (in == NULL) goto err; 113127128Snectar#if defined(S_IFBLK) && defined(S_IFCHR) 114127128Snectar if (sb.st_mode & (S_IFBLK | S_IFCHR)) { 115127128Snectar /* this file is a device. we don't want read an infinite number 116127128Snectar * of bytes from a random device, nor do we want to use buffered 117127128Snectar * I/O because we will waste system entropy. 118127128Snectar */ 119127128Snectar bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */ 120127128Snectar setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */ 121127128Snectar } 122127128Snectar#endif 12355714Skris for (;;) 12455714Skris { 12559191Skris if (bytes > 0) 12659191Skris n = (bytes < BUFSIZE)?(int)bytes:BUFSIZE; 12759191Skris else 12859191Skris n = BUFSIZE; 12955714Skris i=fread(buf,1,n,in); 13055714Skris if (i <= 0) break; 13155714Skris /* even if n != i, use the full array */ 13259191Skris RAND_add(buf,n,i); 13355714Skris ret+=i; 13459191Skris if (bytes > 0) 13559191Skris { 13659191Skris bytes-=n; 13772613Skris if (bytes <= 0) break; 13859191Skris } 13955714Skris } 14055714Skris fclose(in); 141109998Smarkm OPENSSL_cleanse(buf,BUFSIZE); 14255714Skriserr: 14355714Skris return(ret); 14455714Skris } 14555714Skris 14655714Skrisint RAND_write_file(const char *file) 14755714Skris { 14855714Skris unsigned char buf[BUFSIZE]; 14968651Skris int i,ret=0,rand_err=0; 15059191Skris FILE *out = NULL; 15155714Skris int n; 152127128Snectar struct stat sb; 15359191Skris 154127128Snectar i=stat(file,&sb); 155127128Snectar if (i != -1) { 156127128Snectar#if defined(S_IFBLK) && defined(S_IFCHR) 157127128Snectar if (sb.st_mode & (S_IFBLK | S_IFCHR)) { 158127128Snectar /* this file is a device. we don't write back to it. 159127128Snectar * we "succeed" on the assumption this is some sort 160127128Snectar * of random device. Otherwise attempting to write to 161127128Snectar * and chmod the device causes problems. 162127128Snectar */ 163127128Snectar return(1); 164127128Snectar } 165127128Snectar#endif 166127128Snectar } 167127128Snectar 168109998Smarkm#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32) 169142425Snectar { 17059191Skris /* For some reason Win32 can't write to files created this way */ 17168651Skris 17268651Skris /* chmod(..., 0600) is too late to protect the file, 17368651Skris * permissions should be restrictive from the start */ 17468651Skris int fd = open(file, O_CREAT, 0600); 17568651Skris if (fd != -1) 17668651Skris out = fdopen(fd, "wb"); 177142425Snectar } 17859191Skris#endif 17968651Skris if (out == NULL) 18068651Skris out = fopen(file,"wb"); 18168651Skris if (out == NULL) goto err; 18259191Skris 18359191Skris#ifndef NO_CHMOD 18455714Skris chmod(file,0600); 18559191Skris#endif 18655714Skris n=RAND_DATA; 18755714Skris for (;;) 18855714Skris { 18955714Skris i=(n > BUFSIZE)?BUFSIZE:n; 19055714Skris n-=BUFSIZE; 19159191Skris if (RAND_bytes(buf,i) <= 0) 19268651Skris rand_err=1; 19355714Skris i=fwrite(buf,1,i,out); 19455714Skris if (i <= 0) 19555714Skris { 19655714Skris ret=0; 19755714Skris break; 19855714Skris } 19955714Skris ret+=i; 20055714Skris if (n <= 0) break; 20159191Skris } 202109998Smarkm#ifdef OPENSSL_SYS_VMS 20359191Skris /* Try to delete older versions of the file, until there aren't 20459191Skris any */ 20559191Skris { 20659191Skris char *tmpf; 20759191Skris 20868651Skris tmpf = OPENSSL_malloc(strlen(file) + 4); /* to add ";-1" and a nul */ 20959191Skris if (tmpf) 21059191Skris { 21159191Skris strcpy(tmpf, file); 21259191Skris strcat(tmpf, ";-1"); 21359191Skris while(delete(tmpf) == 0) 21459191Skris ; 21559191Skris rename(file,";1"); /* Make sure it's version 1, or we 21659191Skris will reach the limit (32767) at 21759191Skris some point... */ 21855714Skris } 21959191Skris } 220109998Smarkm#endif /* OPENSSL_SYS_VMS */ 22159191Skris 22255714Skris fclose(out); 223109998Smarkm OPENSSL_cleanse(buf,BUFSIZE); 22455714Skriserr: 22568651Skris return (rand_err ? -1 : ret); 22655714Skris } 22755714Skris 22876866Skrisconst char *RAND_file_name(char *buf, size_t size) 22955714Skris { 23076866Skris char *s=NULL; 231127128Snectar int ok = 0; 232127128Snectar#ifdef __OpenBSD__ 233127128Snectar struct stat sb; 234127128Snectar#endif 23555714Skris 23676866Skris if (OPENSSL_issetugid() == 0) 23776866Skris s=getenv("RANDFILE"); 238127128Snectar if (s != NULL && *s && strlen(s) + 1 < size) 23955714Skris { 240127128Snectar if (BUF_strlcpy(buf,s,size) >= size) 241109998Smarkm return NULL; 24255714Skris } 24355714Skris else 24455714Skris { 24576866Skris if (OPENSSL_issetugid() == 0) 24676866Skris s=getenv("HOME"); 24779998Skris#ifdef DEFAULT_HOME 24879998Skris if (s == NULL) 24979998Skris { 25079998Skris s = DEFAULT_HOME; 25179998Skris } 25279998Skris#endif 253127128Snectar if (s && *s && strlen(s)+strlen(RFILE)+2 < size) 25476866Skris { 255127128Snectar BUF_strlcpy(buf,s,size); 256109998Smarkm#ifndef OPENSSL_SYS_VMS 257127128Snectar BUF_strlcat(buf,"/",size); 25855714Skris#endif 259127128Snectar BUF_strlcat(buf,RFILE,size); 260127128Snectar ok = 1; 26176866Skris } 26279998Skris else 26376866Skris buf[0] = '\0'; /* no file name */ 26455714Skris } 265127128Snectar 266127128Snectar#ifdef __OpenBSD__ 267127128Snectar /* given that all random loads just fail if the file can't be 268127128Snectar * seen on a stat, we stat the file we're returning, if it 269127128Snectar * fails, use /dev/arandom instead. this allows the user to 270127128Snectar * use their own source for good random data, but defaults 271127128Snectar * to something hopefully decent if that isn't available. 272127128Snectar */ 273127128Snectar 274127128Snectar if (!ok) 275127128Snectar if (BUF_strlcpy(buf,"/dev/arandom",size) >= size) { 276127128Snectar return(NULL); 277127128Snectar } 278127128Snectar if (stat(buf,&sb) == -1) 279127128Snectar if (BUF_strlcpy(buf,"/dev/arandom",size) >= size) { 280127128Snectar return(NULL); 281127128Snectar } 282127128Snectar 283127128Snectar#endif 284127128Snectar return(buf); 28555714Skris } 286