Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright (c) 2001 Damien Miller. All rights reserved. |
3 | | * |
4 | | * Redistribution and use in source and binary forms, with or without |
5 | | * modification, are permitted provided that the following conditions |
6 | | * are met: |
7 | | * 1. Redistributions of source code must retain the above copyright |
8 | | * notice, this list of conditions and the following disclaimer. |
9 | | * 2. Redistributions in binary form must reproduce the above copyright |
10 | | * notice, this list of conditions and the following disclaimer in the |
11 | | * documentation and/or other materials provided with the distribution. |
12 | | * |
13 | | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
14 | | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
15 | | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
16 | | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
17 | | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
18 | | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
19 | | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
20 | | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
21 | | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
22 | | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
23 | | */ |
24 | | |
25 | | #include "includes.h" |
26 | | |
27 | | #define RANDOM_SEED_SIZE 48 |
28 | | |
29 | | #ifdef WITH_OPENSSL |
30 | | |
31 | | #include <sys/types.h> |
32 | | |
33 | | #include <errno.h> |
34 | | #include <signal.h> |
35 | | #include <stdlib.h> |
36 | | #include <string.h> |
37 | | #include <unistd.h> |
38 | | |
39 | | #include <openssl/rand.h> |
40 | | #include <openssl/crypto.h> |
41 | | #include <openssl/err.h> |
42 | | |
43 | | #include "openbsd-compat/openssl-compat.h" |
44 | | |
45 | | #include "ssh.h" |
46 | | #include "misc.h" |
47 | | #include "xmalloc.h" |
48 | | #include "atomicio.h" |
49 | | #include "pathnames.h" |
50 | | #include "log.h" |
51 | | #include "sshbuf.h" |
52 | | #include "ssherr.h" |
53 | | |
54 | | /* |
55 | | * Portable OpenSSH PRNG seeding: |
56 | | * If OpenSSL has not "internally seeded" itself (e.g. pulled data from |
57 | | * /dev/random), then collect RANDOM_SEED_SIZE bytes of randomness from |
58 | | * PRNGd. |
59 | | */ |
60 | | |
61 | | void |
62 | | seed_rng(void) |
63 | 1 | { |
64 | 1 | unsigned char buf[RANDOM_SEED_SIZE]; |
65 | | |
66 | | /* Initialise libcrypto */ |
67 | 1 | ssh_libcrypto_init(); |
68 | | |
69 | 1 | if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER, |
70 | 1 | OpenSSL_version_num())) |
71 | 0 | fatal("OpenSSL version mismatch. Built against %lx, you " |
72 | 1 | "have %lx", (u_long)OPENSSL_VERSION_NUMBER, |
73 | 1 | OpenSSL_version_num()); |
74 | | |
75 | | #ifndef OPENSSL_PRNG_ONLY |
76 | | if (RAND_status() == 1) |
77 | | debug3("RNG is ready, skipping seeding"); |
78 | | else { |
79 | | if (seed_from_prngd(buf, sizeof(buf)) == -1) |
80 | | fatal("Could not obtain seed from PRNGd"); |
81 | | RAND_add(buf, sizeof(buf), sizeof(buf)); |
82 | | } |
83 | | #endif /* OPENSSL_PRNG_ONLY */ |
84 | | |
85 | 1 | if (RAND_status() != 1) |
86 | 0 | fatal("PRNG is not seeded"); |
87 | | |
88 | | /* Ensure arc4random() is primed */ |
89 | 1 | arc4random_buf(buf, sizeof(buf)); |
90 | 1 | explicit_bzero(buf, sizeof(buf)); |
91 | 1 | } |
92 | | |
93 | | #else /* WITH_OPENSSL */ |
94 | | |
95 | | #include <stdlib.h> |
96 | | #include <string.h> |
97 | | |
98 | | /* Actual initialisation is handled in arc4random() */ |
99 | | void |
100 | | seed_rng(void) |
101 | | { |
102 | | unsigned char buf[RANDOM_SEED_SIZE]; |
103 | | |
104 | | /* Ensure arc4random() is primed */ |
105 | | arc4random_buf(buf, sizeof(buf)); |
106 | | explicit_bzero(buf, sizeof(buf)); |
107 | | } |
108 | | |
109 | | #endif /* WITH_OPENSSL */ |