diff options
Diffstat (limited to 'deps/openssl/openssl/crypto/rand')
| -rw-r--r-- | deps/openssl/openssl/crypto/rand/Makefile | 166 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/rand/build.info | 4 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/rand/md_rand.c | 531 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/rand/rand.h | 150 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/rand/rand_egd.c | 165 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/rand/rand_err.c | 77 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/rand/rand_lcl.h | 128 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/rand/rand_lib.c | 254 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/rand/rand_nw.c | 179 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/rand/rand_os2.c | 170 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/rand/rand_unix.c | 161 | ||||
| -rw-r--r--[-rwxr-xr-x] | deps/openssl/openssl/crypto/rand/rand_vms.c | 71 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/rand/rand_win.c | 712 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/rand/randfile.c | 280 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/rand/randtest.c | 209 |
15 files changed, 650 insertions, 2607 deletions
diff --git a/deps/openssl/openssl/crypto/rand/Makefile b/deps/openssl/openssl/crypto/rand/Makefile deleted file mode 100644 index df44369a08..0000000000 --- a/deps/openssl/openssl/crypto/rand/Makefile +++ /dev/null @@ -1,166 +0,0 @@ -# -# OpenSSL/crypto/rand/Makefile -# - -DIR= rand -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -MAKEFILE= Makefile -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= randtest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \ - rand_win.c rand_unix.c rand_os2.c rand_nw.c -LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \ - rand_win.o rand_unix.o rand_os2.o rand_nw.o - -SRC= $(LIBSRC) - -EXHEADER= rand.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -links: - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... - @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -update: depend - -depend: - @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -md_rand.o: ../../e_os.h ../../include/openssl/asn1.h -md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -md_rand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -md_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -md_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -md_rand.o: md_rand.c rand_lcl.h -rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h -rand_egd.o: ../../include/openssl/opensslconf.h -rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -rand_egd.o: rand_egd.c -rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_err.o: rand_err.c -rand_lib.o: ../../e_os.h ../../include/openssl/asn1.h -rand_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -rand_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -rand_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -rand_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -rand_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -rand_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -rand_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -rand_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -rand_lib.o: ../cryptlib.h rand_lib.c -rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h -rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -rand_nw.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -rand_nw.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_nw.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -rand_nw.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -rand_nw.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_nw.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -rand_nw.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -rand_nw.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h rand_nw.c -rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h -rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_os2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -rand_os2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -rand_os2.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h -rand_os2.o: rand_os2.c -rand_unix.o: ../../e_os.h ../../include/openssl/asn1.h -rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_unix.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -rand_unix.o: ../../include/openssl/objects.h -rand_unix.o: ../../include/openssl/opensslconf.h -rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -rand_unix.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -rand_unix.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h -rand_unix.o: rand_unix.c -rand_win.o: ../../e_os.h ../../include/openssl/asn1.h -rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -rand_win.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -rand_win.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h -rand_win.o: rand_win.c -randfile.o: ../../e_os.h ../../include/openssl/buffer.h -randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -randfile.o: ../../include/openssl/opensslconf.h -randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -randfile.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -randfile.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -randfile.o: randfile.c diff --git a/deps/openssl/openssl/crypto/rand/build.info b/deps/openssl/openssl/crypto/rand/build.info new file mode 100644 index 0000000000..3ad50e2590 --- /dev/null +++ b/deps/openssl/openssl/crypto/rand/build.info @@ -0,0 +1,4 @@ +LIBS=../../libcrypto +SOURCE[../../libcrypto]=\ + md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \ + rand_win.c rand_unix.c rand_vms.c diff --git a/deps/openssl/openssl/crypto/rand/md_rand.c b/deps/openssl/openssl/crypto/rand/md_rand.c index a7af9f9d86..7d5fcb7f67 100644 --- a/deps/openssl/openssl/crypto/rand/md_rand.c +++ b/deps/openssl/openssl/crypto/rand/md_rand.c @@ -1,134 +1,38 @@ -/* crypto/rand/md_rand.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ -#define OPENSSL_FIPSEVP - -#ifdef MD_RAND_DEBUG -# ifndef NDEBUG -# define NDEBUG -# endif -#endif - -#include <assert.h> #include <stdio.h> #include <string.h> #include "e_os.h" +#if !(defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_DSPBIOS)) +# include <sys/time.h> +#endif +#if defined(OPENSSL_SYS_VXWORKS) +# include <time.h> +#endif + +#include <openssl/opensslconf.h> #include <openssl/crypto.h> #include <openssl/rand.h> +#include <openssl/async.h> #include "rand_lcl.h" #include <openssl/err.h> +#include <internal/thread_once.h> + +#ifdef OPENSSL_FIPS +# include <openssl/fips.h> +#endif + #ifdef BN_DEBUG # define PREDICT #endif @@ -144,41 +48,59 @@ static long md_count[2] = { 0, 0 }; static double entropy = 0; static int initialized = 0; -static unsigned int crypto_lock_rand = 0; /* may be set only when a thread - * holds CRYPTO_LOCK_RAND (to - * prevent double locking) */ -/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */ +static CRYPTO_RWLOCK *rand_lock = NULL; +static CRYPTO_RWLOCK *rand_tmp_lock = NULL; +static CRYPTO_ONCE rand_lock_init = CRYPTO_ONCE_STATIC_INIT; + +/* May be set only when a thread holds rand_lock (to prevent double locking) */ +static unsigned int crypto_lock_rand = 0; +/* access to locking_threadid is synchronized by rand_tmp_lock */ /* valid iff crypto_lock_rand is set */ -static CRYPTO_THREADID locking_threadid; +static CRYPTO_THREAD_ID locking_threadid; #ifdef PREDICT int rand_predictable = 0; #endif -const char RAND_version[] = "RAND" OPENSSL_VERSION_PTEXT; - -static void ssleay_rand_cleanup(void); -static void ssleay_rand_seed(const void *buf, int num); -static void ssleay_rand_add(const void *buf, int num, double add_entropy); -static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num); -static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num); -static int ssleay_rand_status(void); - -RAND_METHOD rand_ssleay_meth = { - ssleay_rand_seed, - ssleay_rand_nopseudo_bytes, - ssleay_rand_cleanup, - ssleay_rand_add, - ssleay_rand_pseudo_bytes, - ssleay_rand_status +static int rand_hw_seed(EVP_MD_CTX *ctx); + +static void rand_cleanup(void); +static int rand_seed(const void *buf, int num); +static int rand_add(const void *buf, int num, double add_entropy); +static int rand_bytes(unsigned char *buf, int num, int pseudo); +static int rand_nopseudo_bytes(unsigned char *buf, int num); +#if OPENSSL_API_COMPAT < 0x10100000L +static int rand_pseudo_bytes(unsigned char *buf, int num); +#endif +static int rand_status(void); + +static RAND_METHOD rand_meth = { + rand_seed, + rand_nopseudo_bytes, + rand_cleanup, + rand_add, +#if OPENSSL_API_COMPAT < 0x10100000L + rand_pseudo_bytes, +#else + NULL, +#endif + rand_status }; -RAND_METHOD *RAND_SSLeay(void) +DEFINE_RUN_ONCE_STATIC(do_rand_lock_init) { - return (&rand_ssleay_meth); + OPENSSL_init_crypto(0, NULL); + rand_lock = CRYPTO_THREAD_lock_new(); + rand_tmp_lock = CRYPTO_THREAD_lock_new(); + return rand_lock != NULL && rand_tmp_lock != NULL; } -static void ssleay_rand_cleanup(void) +RAND_METHOD *RAND_OpenSSL(void) +{ + return (&rand_meth); +} + +static void rand_cleanup(void) { OPENSSL_cleanse(state, sizeof(state)); state_num = 0; @@ -188,18 +110,21 @@ static void ssleay_rand_cleanup(void) md_count[1] = 0; entropy = 0; initialized = 0; + CRYPTO_THREAD_lock_free(rand_lock); + CRYPTO_THREAD_lock_free(rand_tmp_lock); } -static void ssleay_rand_add(const void *buf, int num, double add) +static int rand_add(const void *buf, int num, double add) { int i, j, k, st_idx; long md_c[2]; unsigned char local_md[MD_DIGEST_LENGTH]; - EVP_MD_CTX m; + EVP_MD_CTX *m; int do_not_lock; + int rv = 0; if (!num) - return; + return 1; /* * (Based on the rand(3) manpage) @@ -216,18 +141,24 @@ static void ssleay_rand_add(const void *buf, int num, double add) * hash function. */ + m = EVP_MD_CTX_new(); + if (m == NULL) + goto err; + + if (!RUN_ONCE(&rand_lock_init, do_rand_lock_init)) + goto err; + /* check if we already have the lock */ if (crypto_lock_rand) { - CRYPTO_THREADID cur; - CRYPTO_THREADID_current(&cur); - CRYPTO_r_lock(CRYPTO_LOCK_RAND2); - do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur); - CRYPTO_r_unlock(CRYPTO_LOCK_RAND2); + CRYPTO_THREAD_ID cur = CRYPTO_THREAD_get_current_id(); + CRYPTO_THREAD_read_lock(rand_tmp_lock); + do_not_lock = CRYPTO_THREAD_compare_id(locking_threadid, cur); + CRYPTO_THREAD_unlock(rand_tmp_lock); } else do_not_lock = 0; if (!do_not_lock) - CRYPTO_w_lock(CRYPTO_LOCK_RAND); + CRYPTO_THREAD_write_lock(rand_lock); st_idx = state_index; /* @@ -259,27 +190,27 @@ static void ssleay_rand_add(const void *buf, int num, double add) md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0); if (!do_not_lock) - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); + CRYPTO_THREAD_unlock(rand_lock); - EVP_MD_CTX_init(&m); for (i = 0; i < num; i += MD_DIGEST_LENGTH) { j = (num - i); j = (j > MD_DIGEST_LENGTH) ? MD_DIGEST_LENGTH : j; - if (!MD_Init(&m) || - !MD_Update(&m, local_md, MD_DIGEST_LENGTH)) + if (!MD_Init(m)) + goto err; + if (!MD_Update(m, local_md, MD_DIGEST_LENGTH)) goto err; k = (st_idx + j) - STATE_SIZE; if (k > 0) { - if (!MD_Update(&m, &(state[st_idx]), j - k) || - !MD_Update(&m, &(state[0]), k)) + if (!MD_Update(m, &(state[st_idx]), j - k)) goto err; - } else - if (!MD_Update(&m, &(state[st_idx]), j)) + if (!MD_Update(m, &(state[0]), k)) goto err; + } else if (!MD_Update(m, &(state[st_idx]), j)) + goto err; /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */ - if (!MD_Update(&m, buf, j)) + if (!MD_Update(m, buf, j)) goto err; /* * We know that line may cause programs such as purify and valgrind @@ -289,8 +220,9 @@ static void ssleay_rand_add(const void *buf, int num, double add) * insecure keys. */ - if (!MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)) || - !MD_Final(&m, local_md)) + if (!MD_Update(m, (unsigned char *)&(md_c[0]), sizeof(md_c))) + goto err; + if (!MD_Final(m, local_md)) goto err; md_c[1]++; @@ -300,7 +232,7 @@ static void ssleay_rand_add(const void *buf, int num, double add) /* * Parallel threads may interfere with this, but always each byte * of the new state is the XOR of some previous value of its and - * local_md (itermediate values may be lost). Alway using locking + * local_md (intermediate values may be lost). Alway using locking * could hurt performance more than necessary given that * conflicts occur only when the total seeding is longer than the * random state. @@ -312,7 +244,7 @@ static void ssleay_rand_add(const void *buf, int num, double add) } if (!do_not_lock) - CRYPTO_w_lock(CRYPTO_LOCK_RAND); + CRYPTO_THREAD_write_lock(rand_lock); /* * Don't just copy back local_md into md -- this could mean that other * thread's seeding remains without effect (except for the incremented @@ -325,22 +257,20 @@ static void ssleay_rand_add(const void *buf, int num, double add) if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */ entropy += add; if (!do_not_lock) - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - -#if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) - assert(md_c[1] == md_count[1]); -#endif + CRYPTO_THREAD_unlock(rand_lock); + rv = 1; err: - EVP_MD_CTX_cleanup(&m); + EVP_MD_CTX_free(m); + return rv; } -static void ssleay_rand_seed(const void *buf, int num) +static int rand_seed(const void *buf, int num) { - ssleay_rand_add(buf, num, (double)num); + return rand_add(buf, num, (double)num); } -int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock) +static int rand_bytes(unsigned char *buf, int num, int pseudo) { static volatile int stirred_pool = 0; int i, j, k; @@ -348,11 +278,32 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock) int ok; long md_c[2]; unsigned char local_md[MD_DIGEST_LENGTH]; - EVP_MD_CTX m; + EVP_MD_CTX *m; #ifndef GETPID_IS_MEANINGLESS pid_t curr_pid = getpid(); #endif + time_t curr_time = time(NULL); int do_stir_pool = 0; +/* time value for various platforms */ +#ifdef OPENSSL_SYS_WIN32 + FILETIME tv; +# ifdef _WIN32_WCE + SYSTEMTIME t; + GetSystemTime(&t); + SystemTimeToFileTime(&t, &tv); +# else + GetSystemTimeAsFileTime(&tv); +# endif +#elif defined(OPENSSL_SYS_VXWORKS) + struct timespec tv; + clock_gettime(CLOCK_REALTIME, &ts); +#elif defined(OPENSSL_SYS_DSPBIOS) + unsigned long long tv, OPENSSL_rdtsc(); + tv = OPENSSL_rdtsc(); +#else + struct timeval tv; + gettimeofday(&tv, NULL); +#endif #ifdef PREDICT if (rand_predictable) { @@ -367,7 +318,10 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock) if (num <= 0) return 1; - EVP_MD_CTX_init(&m); + m = EVP_MD_CTX_new(); + if (m == NULL) + goto err_mem; + /* round upwards to multiple of MD_DIGEST_LENGTH/2 */ num_ceil = (1 + (num - 1) / (MD_DIGEST_LENGTH / 2)) * (MD_DIGEST_LENGTH / 2); @@ -389,13 +343,21 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock) * are fed into the hash function and the results are kept in the * global 'md'. */ - if (lock) - CRYPTO_w_lock(CRYPTO_LOCK_RAND); - /* prevent ssleay_rand_bytes() from trying to obtain the lock again */ - CRYPTO_w_lock(CRYPTO_LOCK_RAND2); - CRYPTO_THREADID_current(&locking_threadid); - CRYPTO_w_unlock(CRYPTO_LOCK_RAND2); + if (!RUN_ONCE(&rand_lock_init, do_rand_lock_init)) + goto err_mem; + + CRYPTO_THREAD_write_lock(rand_lock); + /* + * We could end up in an async engine while holding this lock so ensure + * we don't pause and cause a deadlock + */ + ASYNC_block_pause(); + + /* prevent rand_bytes() from trying to obtain the lock again */ + CRYPTO_THREAD_write_lock(rand_tmp_lock); + locking_threadid = CRYPTO_THREAD_get_current_id(); + CRYPTO_THREAD_unlock(rand_tmp_lock); crypto_lock_rand = 1; if (!initialized) { @@ -429,7 +391,7 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock) * In the output function only half of 'md' remains secret, so we * better make sure that the required entropy gets 'evenly * distributed' through 'state', our randomness pool. The input - * function (ssleay_rand_add) chains all of 'md', which makes it more + * function (rand_add) chains all of 'md', which makes it more * suitable for this purpose. */ @@ -441,9 +403,9 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock) #define DUMMY_SEED "...................." /* at least MD_DIGEST_LENGTH */ /* * Note that the seed does not matter, it's just that - * ssleay_rand_add expects to have something to hash. + * rand_add expects to have something to hash. */ - ssleay_rand_add(DUMMY_SEED, MD_DIGEST_LENGTH, 0.0); + rand_add(DUMMY_SEED, MD_DIGEST_LENGTH, 0.0); n -= MD_DIGEST_LENGTH; } if (ok) @@ -469,48 +431,45 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock) /* before unlocking, we must clear 'crypto_lock_rand' */ crypto_lock_rand = 0; - if (lock) - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); + ASYNC_unblock_pause(); + CRYPTO_THREAD_unlock(rand_lock); while (num > 0) { /* num_ceil -= MD_DIGEST_LENGTH/2 */ j = (num >= MD_DIGEST_LENGTH / 2) ? MD_DIGEST_LENGTH / 2 : num; num -= j; - if (!MD_Init(&m)) - goto err; + if (!MD_Init(m)) + goto err; #ifndef GETPID_IS_MEANINGLESS if (curr_pid) { /* just in the first iteration to save time */ - if (!MD_Update(&m, (unsigned char *)&curr_pid, sizeof(curr_pid))) + if (!MD_Update(m, (unsigned char *)&curr_pid, sizeof(curr_pid))) goto err; curr_pid = 0; } #endif - if (!MD_Update(&m, local_md, MD_DIGEST_LENGTH) || - !MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c))) + if (curr_time) { /* just in the first iteration to save time */ + if (!MD_Update(m, (unsigned char *)&curr_time, sizeof(curr_time))) + goto err; + if (!MD_Update(m, (unsigned char *)&tv, sizeof(tv))) + goto err; + curr_time = 0; + if (!rand_hw_seed(m)) + goto err; + } + if (!MD_Update(m, local_md, MD_DIGEST_LENGTH)) goto err; - -#ifndef PURIFY /* purify complains */ - /* - * The following line uses the supplied buffer as a small source of - * entropy: since this buffer is often uninitialised it may cause - * programs such as purify or valgrind to complain. So for those - * builds it is not used: the removal of such a small source of - * entropy has negligible impact on security. - */ - if (!MD_Update(&m, buf, j)) + if (!MD_Update(m, (unsigned char *)&(md_c[0]), sizeof(md_c))) goto err; -#endif k = (st_idx + MD_DIGEST_LENGTH / 2) - st_num; if (k > 0) { - if (!MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k) || - !MD_Update(&m, &(state[0]), k)) + if (!MD_Update(m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k)) goto err; - } else { - if (!MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2)) + if (!MD_Update(m, &(state[0]), k)) goto err; - } - if (!MD_Final(&m, local_md)) + } else if (!MD_Update(m, &(state[st_idx]), MD_DIGEST_LENGTH / 2)) + goto err; + if (!MD_Final(m, local_md)) goto err; for (i = 0; i < MD_DIGEST_LENGTH / 2; i++) { @@ -523,78 +482,94 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock) } } - if (!MD_Init(&m) || - !MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)) || - !MD_Update(&m, local_md, MD_DIGEST_LENGTH)) + if (!MD_Init(m) + || !MD_Update(m, (unsigned char *)&(md_c[0]), sizeof(md_c)) + || !MD_Update(m, local_md, MD_DIGEST_LENGTH)) goto err; - if (lock) - CRYPTO_w_lock(CRYPTO_LOCK_RAND); - if (!MD_Update(&m, md, MD_DIGEST_LENGTH) || - !MD_Final(&m, md)) { - if (lock) - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); + CRYPTO_THREAD_write_lock(rand_lock); + /* + * Prevent deadlocks if we end up in an async engine + */ + ASYNC_block_pause(); + if (!MD_Update(m, md, MD_DIGEST_LENGTH) || !MD_Final(m, md)) { + ASYNC_unblock_pause(); + CRYPTO_THREAD_unlock(rand_lock); goto err; } - if (lock) - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); + ASYNC_unblock_pause(); + CRYPTO_THREAD_unlock(rand_lock); - EVP_MD_CTX_cleanup(&m); + EVP_MD_CTX_free(m); if (ok) return (1); else if (pseudo) return 0; else { - RANDerr(RAND_F_SSLEAY_RAND_BYTES, RAND_R_PRNG_NOT_SEEDED); + RANDerr(RAND_F_RAND_BYTES, RAND_R_PRNG_NOT_SEEDED); ERR_add_error_data(1, "You need to read the OpenSSL FAQ, " - "http://www.openssl.org/support/faq.html"); + "https://www.openssl.org/docs/faq.html"); return (0); } - err: - EVP_MD_CTX_cleanup(&m); - return (0); + RANDerr(RAND_F_RAND_BYTES, ERR_R_EVP_LIB); + EVP_MD_CTX_free(m); + return 0; + err_mem: + RANDerr(RAND_F_RAND_BYTES, ERR_R_MALLOC_FAILURE); + EVP_MD_CTX_free(m); + return 0; + } -static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num) +static int rand_nopseudo_bytes(unsigned char *buf, int num) { - return ssleay_rand_bytes(buf, num, 0, 1); + return rand_bytes(buf, num, 0); } +#if OPENSSL_API_COMPAT < 0x10100000L /* * pseudo-random bytes that are guaranteed to be unique but not unpredictable */ -static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) +static int rand_pseudo_bytes(unsigned char *buf, int num) { - return ssleay_rand_bytes(buf, num, 1, 1); + return rand_bytes(buf, num, 1); } +#endif -static int ssleay_rand_status(void) +static int rand_status(void) { - CRYPTO_THREADID cur; + CRYPTO_THREAD_ID cur; int ret; int do_not_lock; - CRYPTO_THREADID_current(&cur); + if (!RUN_ONCE(&rand_lock_init, do_rand_lock_init)) + return 0; + + cur = CRYPTO_THREAD_get_current_id(); /* * check if we already have the lock (could happen if a RAND_poll() * implementation calls RAND_status()) */ if (crypto_lock_rand) { - CRYPTO_r_lock(CRYPTO_LOCK_RAND2); - do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur); - CRYPTO_r_unlock(CRYPTO_LOCK_RAND2); + CRYPTO_THREAD_read_lock(rand_tmp_lock); + do_not_lock = CRYPTO_THREAD_compare_id(locking_threadid, cur); + CRYPTO_THREAD_unlock(rand_tmp_lock); } else do_not_lock = 0; if (!do_not_lock) { - CRYPTO_w_lock(CRYPTO_LOCK_RAND); + CRYPTO_THREAD_write_lock(rand_lock); + /* + * Prevent deadlocks in case we end up in an async engine + */ + ASYNC_block_pause(); /* - * prevent ssleay_rand_bytes() from trying to obtain the lock again + * prevent rand_bytes() from trying to obtain the lock again */ - CRYPTO_w_lock(CRYPTO_LOCK_RAND2); - CRYPTO_THREADID_cpy(&locking_threadid, &cur); - CRYPTO_w_unlock(CRYPTO_LOCK_RAND2); + CRYPTO_THREAD_write_lock(rand_tmp_lock); + locking_threadid = cur; + CRYPTO_THREAD_unlock(rand_tmp_lock); crypto_lock_rand = 1; } @@ -609,8 +584,84 @@ static int ssleay_rand_status(void) /* before unlocking, we must clear 'crypto_lock_rand' */ crypto_lock_rand = 0; - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); + ASYNC_unblock_pause(); + CRYPTO_THREAD_unlock(rand_lock); } return ret; } + +/* + * rand_hw_seed: get seed data from any available hardware RNG. only + * currently supports rdrand. + */ + +/* Adapted from eng_rdrand.c */ + +#if (defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ + defined(__x86_64) || defined(__x86_64__) || \ + defined(_M_AMD64) || defined (_M_X64)) && defined(OPENSSL_CPUID_OBJ) \ + && !defined(OPENSSL_NO_RDRAND) + +# define RDRAND_CALLS 4 + +size_t OPENSSL_ia32_rdrand(void); +extern unsigned int OPENSSL_ia32cap_P[]; + +static int rand_hw_seed(EVP_MD_CTX *ctx) +{ + int i; + if (!(OPENSSL_ia32cap_P[1] & (1 << (62 - 32)))) + return 1; + for (i = 0; i < RDRAND_CALLS; i++) { + size_t rnd; + rnd = OPENSSL_ia32_rdrand(); + if (rnd == 0) + return 1; + if (!MD_Update(ctx, (unsigned char *)&rnd, sizeof(size_t))) + return 0; + } + return 1; +} + +/* XOR an existing buffer with random data */ + +void rand_hw_xor(unsigned char *buf, size_t num) +{ + size_t rnd; + if (!(OPENSSL_ia32cap_P[1] & (1 << (62 - 32)))) + return; + while (num >= sizeof(size_t)) { + rnd = OPENSSL_ia32_rdrand(); + if (rnd == 0) + return; + *((size_t *)buf) ^= rnd; + buf += sizeof(size_t); + num -= sizeof(size_t); + } + if (num) { + rnd = OPENSSL_ia32_rdrand(); + if (rnd == 0) + return; + while (num) { + *buf ^= rnd & 0xff; + rnd >>= 8; + buf++; + num--; + } + } +} + +#else + +static int rand_hw_seed(EVP_MD_CTX *ctx) +{ + return 1; +} + +void rand_hw_xor(unsigned char *buf, size_t num) +{ + return; +} + +#endif diff --git a/deps/openssl/openssl/crypto/rand/rand.h b/deps/openssl/openssl/crypto/rand/rand.h deleted file mode 100644 index 2553afda20..0000000000 --- a/deps/openssl/openssl/crypto/rand/rand.h +++ /dev/null @@ -1,150 +0,0 @@ -/* crypto/rand/rand.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_RAND_H -# define HEADER_RAND_H - -# include <stdlib.h> -# include <openssl/ossl_typ.h> -# include <openssl/e_os2.h> - -# if defined(OPENSSL_SYS_WINDOWS) -# include <windows.h> -# endif - -#ifdef __cplusplus -extern "C" { -#endif - -# if defined(OPENSSL_FIPS) -# define FIPS_RAND_SIZE_T size_t -# endif - -/* Already defined in ossl_typ.h */ -/* typedef struct rand_meth_st RAND_METHOD; */ - -struct rand_meth_st { - void (*seed) (const void *buf, int num); - int (*bytes) (unsigned char *buf, int num); - void (*cleanup) (void); - void (*add) (const void *buf, int num, double entropy); - int (*pseudorand) (unsigned char *buf, int num); - int (*status) (void); -}; - -# ifdef BN_DEBUG -extern int rand_predictable; -# endif - -int RAND_set_rand_method(const RAND_METHOD *meth); -const RAND_METHOD *RAND_get_rand_method(void); -# ifndef OPENSSL_NO_ENGINE -int RAND_set_rand_engine(ENGINE *engine); -# endif -RAND_METHOD *RAND_SSLeay(void); -void RAND_cleanup(void); -int RAND_bytes(unsigned char *buf, int num); -int RAND_pseudo_bytes(unsigned char *buf, int num); -void RAND_seed(const void *buf, int num); -void RAND_add(const void *buf, int num, double entropy); -int RAND_load_file(const char *file, long max_bytes); -int RAND_write_file(const char *file); -const char *RAND_file_name(char *file, size_t num); -int RAND_status(void); -int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes); -int RAND_egd(const char *path); -int RAND_egd_bytes(const char *path, int bytes); -int RAND_poll(void); - -# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) - -void RAND_screen(void); -int RAND_event(UINT, WPARAM, LPARAM); - -# endif - -# ifdef OPENSSL_FIPS -void RAND_set_fips_drbg_type(int type, int flags); -int RAND_init_fips(void); -# endif - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_RAND_strings(void); - -/* Error codes for the RAND functions. */ - -/* Function codes. */ -# define RAND_F_RAND_GET_RAND_METHOD 101 -# define RAND_F_RAND_INIT_FIPS 102 -# define RAND_F_SSLEAY_RAND_BYTES 100 - -/* Reason codes. */ -# define RAND_R_DUAL_EC_DRBG_DISABLED 104 -# define RAND_R_ERROR_INITIALISING_DRBG 102 -# define RAND_R_ERROR_INSTANTIATING_DRBG 103 -# define RAND_R_NO_FIPS_RANDOM_METHOD_SET 101 -# define RAND_R_PRNG_NOT_SEEDED 100 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/deps/openssl/openssl/crypto/rand/rand_egd.c b/deps/openssl/openssl/crypto/rand/rand_egd.c index 66fb14c87e..50963b8e48 100644 --- a/deps/openssl/openssl/crypto/rand/rand_egd.c +++ b/deps/openssl/openssl/crypto/rand/rand_egd.c @@ -1,62 +1,20 @@ -/* crypto/rand/rand_egd.c */ -/* Written by Ulf Moeller and Lutz Jaenicke for the OpenSSL project. */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). +/* + * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ -#include <openssl/e_os2.h> -#include <openssl/rand.h> -#include <openssl/buffer.h> +#include <openssl/opensslconf.h> +#ifdef OPENSSL_NO_EGD +NON_EMPTY_TRANSLATION_UNIT +#else + +# include <openssl/crypto.h> +# include <openssl/e_os2.h> +# include <openssl/rand.h> /*- * Query the EGD <URL: http://www.lothar.com/tech/crypto/>. @@ -72,7 +30,7 @@ * of entropy bytes are requested. The connection is left open until the * query is competed. * RAND_query_egd_bytes() returns with - * -1 if an error occured during connection or communication. + * -1 if an error occurred during connection or communication. * num the number of bytes read from the EGD socket. This number is either * the number of bytes requested or smaller, if the EGD pool is * drained and the daemon signals that the pool is empty. @@ -84,18 +42,18 @@ * RAND_egd_bytes() is a wrapper for RAND_query_egd_bytes() with buf=NULL. * Unlike RAND_query_egd_bytes(), RAND_status() is used to test the * seed status so that the return value can reflect the seed state: - * -1 if an error occured during connection or communication _or_ + * -1 if an error occurred during connection or communication _or_ * if the PRNG has still not received the required seeding. * num the number of bytes read from the EGD socket. This number is either * the number of bytes requested or smaller, if the EGD pool is * drained and the daemon signals that the pool is empty. * - * RAND_egd(path) will query 255 bytes and use the bytes retreived to seed + * RAND_egd(path) will query 255 bytes and use the bytes retrieved to seed * the PRNG. * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. */ -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_BEOS) +# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI) int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) { return (-1); @@ -110,30 +68,26 @@ int RAND_egd_bytes(const char *path, int bytes) { return (-1); } -#else -# include <openssl/opensslconf.h> -# include OPENSSL_UNISTD -# include <stddef.h> -# include <sys/types.h> -# include <sys/socket.h> -# ifndef NO_SYS_UN_H -# ifdef OPENSSL_SYS_VXWORKS -# include <streams/un.h> -# else -# include <sys/un.h> -# endif # else +# include <openssl/opensslconf.h> +# include OPENSSL_UNISTD +# include <stddef.h> +# include <sys/types.h> +# include <sys/socket.h> +# ifndef NO_SYS_UN_H +# ifdef OPENSSL_SYS_VXWORKS +# include <streams/un.h> +# else +# include <sys/un.h> +# endif +# else struct sockaddr_un { short sun_family; /* AF_UNIX */ char sun_path[108]; /* path name (gag) */ }; -# endif /* NO_SYS_UN_H */ -# include <string.h> -# include <errno.h> - -# ifndef offsetof -# define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER) -# endif +# endif /* NO_SYS_UN_H */ +# include <string.h> +# include <errno.h> int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) { @@ -148,7 +102,7 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) addr.sun_family = AF_UNIX; if (strlen(path) >= sizeof(addr.sun_path)) return (-1); - BUF_strlcpy(addr.sun_path, path, sizeof(addr.sun_path)); + OPENSSL_strlcpy(addr.sun_path, path, sizeof(addr.sun_path)); len = offsetof(struct sockaddr_un, sun_path) + strlen(path); fd = socket(AF_UNIX, SOCK_STREAM, 0); if (fd == -1) @@ -159,26 +113,27 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) success = 1; else { switch (errno) { -# ifdef EINTR +# ifdef EINTR case EINTR: -# endif -# ifdef EAGAIN +# endif +# ifdef EAGAIN case EAGAIN: -# endif -# ifdef EINPROGRESS +# endif +# ifdef EINPROGRESS case EINPROGRESS: -# endif -# ifdef EALREADY +# endif +# ifdef EALREADY case EALREADY: -# endif +# endif /* No error, try again */ break; -# ifdef EISCONN +# ifdef EISCONN case EISCONN: success = 1; break; -# endif +# endif default: + ret = -1; goto err; /* failure */ } } @@ -194,12 +149,12 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) numbytes += num; else { switch (errno) { -# ifdef EINTR +# ifdef EINTR case EINTR: -# endif -# ifdef EAGAIN +# endif +# ifdef EAGAIN case EAGAIN: -# endif +# endif /* No error, try again */ break; default: @@ -217,12 +172,12 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) numbytes += num; else { switch (errno) { -# ifdef EINTR +# ifdef EINTR case EINTR: -# endif -# ifdef EAGAIN +# endif +# ifdef EAGAIN case EAGAIN: -# endif +# endif /* No error, try again */ break; default: @@ -246,12 +201,12 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) numbytes += num; else { switch (errno) { -# ifdef EINTR +# ifdef EINTR case EINTR: -# endif -# ifdef EAGAIN +# endif +# ifdef EAGAIN case EAGAIN: -# endif +# endif /* No error, try again */ break; default: @@ -273,10 +228,10 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) int RAND_egd_bytes(const char *path, int bytes) { - int num, ret = 0; + int num, ret = -1; num = RAND_query_egd_bytes(path, NULL, bytes); - if (num < 1) + if (num < 0) goto err; if (RAND_status() == 1) ret = num; @@ -289,4 +244,6 @@ int RAND_egd(const char *path) return (RAND_egd_bytes(path, 255)); } +# endif + #endif diff --git a/deps/openssl/openssl/crypto/rand/rand_err.c b/deps/openssl/openssl/crypto/rand/rand_err.c index 55d86ea8a3..55431264a0 100644 --- a/deps/openssl/openssl/crypto/rand/rand_err.c +++ b/deps/openssl/openssl/crypto/rand/rand_err.c @@ -1,62 +1,11 @@ -/* crypto/rand/rand_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - /* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> @@ -70,25 +19,18 @@ # define ERR_REASON(reason) ERR_PACK(ERR_LIB_RAND,0,reason) static ERR_STRING_DATA RAND_str_functs[] = { - {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"}, - {ERR_FUNC(RAND_F_RAND_INIT_FIPS), "RAND_init_fips"}, - {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, + {ERR_FUNC(RAND_F_RAND_BYTES), "RAND_bytes"}, {0, NULL} }; static ERR_STRING_DATA RAND_str_reasons[] = { - {ERR_REASON(RAND_R_DUAL_EC_DRBG_DISABLED), "dual ec drbg disabled"}, - {ERR_REASON(RAND_R_ERROR_INITIALISING_DRBG), "error initialising drbg"}, - {ERR_REASON(RAND_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"}, - {ERR_REASON(RAND_R_NO_FIPS_RANDOM_METHOD_SET), - "no fips random method set"}, {ERR_REASON(RAND_R_PRNG_NOT_SEEDED), "PRNG not seeded"}, {0, NULL} }; #endif -void ERR_load_RAND_strings(void) +int ERR_load_RAND_strings(void) { #ifndef OPENSSL_NO_ERR @@ -97,4 +39,5 @@ void ERR_load_RAND_strings(void) ERR_load_strings(0, RAND_str_reasons); } #endif + return 1; } diff --git a/deps/openssl/openssl/crypto/rand/rand_lcl.h b/deps/openssl/openssl/crypto/rand/rand_lcl.h index f9fda3eb89..d98c90e2ac 100644 --- a/deps/openssl/openssl/crypto/rand/rand_lcl.h +++ b/deps/openssl/openssl/crypto/rand/rand_lcl.h @@ -1,112 +1,10 @@ -/* crypto/rand/rand_lcl.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #ifndef HEADER_RAND_LCL_H @@ -115,17 +13,7 @@ # define ENTROPY_NEEDED 32 /* require 256 bits = 32 bytes of randomness */ # if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND) -# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) -# define USE_SHA1_RAND -# elif !defined(OPENSSL_NO_MD5) -# define USE_MD5_RAND -# elif !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES) -# define USE_MDC2_RAND -# elif !defined(OPENSSL_NO_MD2) -# define USE_MD2_RAND -# else -# error No message digest algorithm available -# endif +# define USE_SHA1_RAND # endif # include <openssl/evp.h> @@ -153,6 +41,6 @@ # define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) # endif -int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock); +void rand_hw_xor(unsigned char *buf, size_t num); #endif diff --git a/deps/openssl/openssl/crypto/rand/rand_lib.c b/deps/openssl/openssl/crypto/rand/rand_lib.c index 88a78d3506..62770d49d8 100644 --- a/deps/openssl/openssl/crypto/rand/rand_lib.c +++ b/deps/openssl/openssl/crypto/rand/rand_lib.c @@ -1,102 +1,75 @@ -/* crypto/rand/rand_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <time.h> -#include "cryptlib.h" -#include <openssl/rand.h> - -#ifndef OPENSSL_NO_ENGINE -# include <openssl/engine.h> -#endif +#include "internal/cryptlib.h" +#include <openssl/opensslconf.h> +#include "internal/rand.h" +#include <openssl/engine.h> +#include "internal/thread_once.h" #ifdef OPENSSL_FIPS # include <openssl/fips.h> # include <openssl/fips_rand.h> -# include "rand_lcl.h" #endif #ifndef OPENSSL_NO_ENGINE /* non-NULL if default_RAND_meth is ENGINE-provided */ static ENGINE *funct_ref = NULL; +static CRYPTO_RWLOCK *rand_engine_lock = NULL; #endif static const RAND_METHOD *default_RAND_meth = NULL; +static CRYPTO_RWLOCK *rand_meth_lock = NULL; +static CRYPTO_ONCE rand_lock_init = CRYPTO_ONCE_STATIC_INIT; + +DEFINE_RUN_ONCE_STATIC(do_rand_lock_init) +{ + int ret = 1; +#ifndef OPENSSL_NO_ENGINE + rand_engine_lock = CRYPTO_THREAD_lock_new(); + ret &= rand_engine_lock != NULL; +#endif + rand_meth_lock = CRYPTO_THREAD_lock_new(); + ret &= rand_meth_lock != NULL; + return ret; +} int RAND_set_rand_method(const RAND_METHOD *meth) { + if (!RUN_ONCE(&rand_lock_init, do_rand_lock_init)) + return 0; + + CRYPTO_THREAD_write_lock(rand_meth_lock); #ifndef OPENSSL_NO_ENGINE - if (funct_ref) { - ENGINE_finish(funct_ref); - funct_ref = NULL; - } + ENGINE_finish(funct_ref); + funct_ref = NULL; #endif default_RAND_meth = meth; + CRYPTO_THREAD_unlock(rand_meth_lock); return 1; } const RAND_METHOD *RAND_get_rand_method(void) { + const RAND_METHOD *tmp_meth = NULL; + + if (!RUN_ONCE(&rand_lock_init, do_rand_lock_init)) + return NULL; + + CRYPTO_THREAD_write_lock(rand_meth_lock); if (!default_RAND_meth) { #ifndef OPENSSL_NO_ENGINE ENGINE *e = ENGINE_get_default_RAND(); if (e) { default_RAND_meth = ENGINE_get_RAND(e); - if (!default_RAND_meth) { + if (default_RAND_meth == NULL) { ENGINE_finish(e); e = NULL; } @@ -105,37 +78,49 @@ const RAND_METHOD *RAND_get_rand_method(void) funct_ref = e; else #endif - default_RAND_meth = RAND_SSLeay(); + default_RAND_meth = RAND_OpenSSL(); } - return default_RAND_meth; + tmp_meth = default_RAND_meth; + CRYPTO_THREAD_unlock(rand_meth_lock); + return tmp_meth; } #ifndef OPENSSL_NO_ENGINE int RAND_set_rand_engine(ENGINE *engine) { const RAND_METHOD *tmp_meth = NULL; + + if (!RUN_ONCE(&rand_lock_init, do_rand_lock_init)) + return 0; + if (engine) { if (!ENGINE_init(engine)) return 0; tmp_meth = ENGINE_get_RAND(engine); - if (!tmp_meth) { + if (tmp_meth == NULL) { ENGINE_finish(engine); return 0; } } + CRYPTO_THREAD_write_lock(rand_engine_lock); /* This function releases any prior ENGINE so call it first */ RAND_set_rand_method(tmp_meth); funct_ref = engine; + CRYPTO_THREAD_unlock(rand_engine_lock); return 1; } #endif -void RAND_cleanup(void) +void rand_cleanup_int(void) { - const RAND_METHOD *meth = RAND_get_rand_method(); + const RAND_METHOD *meth = default_RAND_meth; if (meth && meth->cleanup) meth->cleanup(); RAND_set_rand_method(NULL); + CRYPTO_THREAD_lock_free(rand_meth_lock); +#ifndef OPENSSL_NO_ENGINE + CRYPTO_THREAD_lock_free(rand_engine_lock); +#endif } void RAND_seed(const void *buf, int num) @@ -160,6 +145,7 @@ int RAND_bytes(unsigned char *buf, int num) return (-1); } +#if OPENSSL_API_COMPAT < 0x10100000L int RAND_pseudo_bytes(unsigned char *buf, int num) { const RAND_METHOD *meth = RAND_get_rand_method(); @@ -167,6 +153,7 @@ int RAND_pseudo_bytes(unsigned char *buf, int num) return meth->pseudorand(buf, num); return (-1); } +#endif int RAND_status(void) { @@ -175,126 +162,3 @@ int RAND_status(void) return meth->status(); return 0; } - -#ifdef OPENSSL_FIPS - -/* - * FIPS DRBG initialisation code. This sets up the DRBG for use by the rest - * of OpenSSL. - */ - -/* - * Entropy gatherer: use standard OpenSSL PRNG to seed (this will gather - * entropy internally through RAND_poll(). - */ - -static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout, - int entropy, size_t min_len, size_t max_len) -{ - /* Round up request to multiple of block size */ - min_len = ((min_len + 19) / 20) * 20; - *pout = OPENSSL_malloc(min_len); - if (!*pout) - return 0; - if (ssleay_rand_bytes(*pout, min_len, 0, 0) <= 0) { - OPENSSL_free(*pout); - *pout = NULL; - return 0; - } - return min_len; -} - -static void drbg_free_entropy(DRBG_CTX *ctx, unsigned char *out, size_t olen) -{ - if (out) { - OPENSSL_cleanse(out, olen); - OPENSSL_free(out); - } -} - -/* - * Set "additional input" when generating random data. This uses the current - * PID, a time value and a counter. - */ - -static size_t drbg_get_adin(DRBG_CTX *ctx, unsigned char **pout) -{ - /* Use of static variables is OK as this happens under a lock */ - static unsigned char buf[16]; - static unsigned long counter; - FIPS_get_timevec(buf, &counter); - *pout = buf; - return sizeof(buf); -} - -/* - * RAND_add() and RAND_seed() pass through to OpenSSL PRNG so it is - * correctly seeded by RAND_poll(). - */ - -static int drbg_rand_add(DRBG_CTX *ctx, const void *in, int inlen, - double entropy) -{ - RAND_SSLeay()->add(in, inlen, entropy); - return 1; -} - -static int drbg_rand_seed(DRBG_CTX *ctx, const void *in, int inlen) -{ - RAND_SSLeay()->seed(in, inlen); - return 1; -} - -# ifndef OPENSSL_DRBG_DEFAULT_TYPE -# define OPENSSL_DRBG_DEFAULT_TYPE NID_aes_256_ctr -# endif -# ifndef OPENSSL_DRBG_DEFAULT_FLAGS -# define OPENSSL_DRBG_DEFAULT_FLAGS DRBG_FLAG_CTR_USE_DF -# endif - -static int fips_drbg_type = OPENSSL_DRBG_DEFAULT_TYPE; -static int fips_drbg_flags = OPENSSL_DRBG_DEFAULT_FLAGS; - -void RAND_set_fips_drbg_type(int type, int flags) -{ - fips_drbg_type = type; - fips_drbg_flags = flags; -} - -int RAND_init_fips(void) -{ - DRBG_CTX *dctx; - size_t plen; - unsigned char pers[32], *p; -# ifndef OPENSSL_ALLOW_DUAL_EC_DRBG - if (fips_drbg_type >> 16) { - RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_DUAL_EC_DRBG_DISABLED); - return 0; - } -# endif - - dctx = FIPS_get_default_drbg(); - if (FIPS_drbg_init(dctx, fips_drbg_type, fips_drbg_flags) <= 0) { - RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_ERROR_INITIALISING_DRBG); - return 0; - } - - FIPS_drbg_set_callbacks(dctx, - drbg_get_entropy, drbg_free_entropy, 20, - drbg_get_entropy, drbg_free_entropy); - FIPS_drbg_set_rand_callbacks(dctx, drbg_get_adin, 0, - drbg_rand_seed, drbg_rand_add); - /* Personalisation string: a string followed by date time vector */ - strcpy((char *)pers, "OpenSSL DRBG2.0"); - plen = drbg_get_adin(dctx, &p); - memcpy(pers + 16, p, plen); - - if (FIPS_drbg_instantiate(dctx, pers, sizeof(pers)) <= 0) { - RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_ERROR_INSTANTIATING_DRBG); - return 0; - } - FIPS_rand_set_method(FIPS_drbg_method()); - return 1; -} - -#endif diff --git a/deps/openssl/openssl/crypto/rand/rand_nw.c b/deps/openssl/openssl/crypto/rand/rand_nw.c deleted file mode 100644 index 55ffe9ad51..0000000000 --- a/deps/openssl/openssl/crypto/rand/rand_nw.c +++ /dev/null @@ -1,179 +0,0 @@ -/* crypto/rand/rand_nw.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "cryptlib.h" -#include <openssl/rand.h> -#include "rand_lcl.h" - -#if defined (OPENSSL_SYS_NETWARE) - -# if defined(NETWARE_LIBC) -# include <nks/thread.h> -# else -# include <nwthread.h> -# endif - -extern int GetProcessSwitchCount(void); -# if !defined(NETWARE_LIBC) || (CURRENT_NDK_THRESHOLD < 509220000) -extern void *RunningProcess; /* declare here same as found in newer NDKs */ -extern unsigned long GetSuperHighResolutionTimer(void); -# endif - - /* - * the FAQ indicates we need to provide at least 20 bytes (160 bits) of - * seed - */ -int RAND_poll(void) -{ - unsigned long l; - unsigned long tsc; - int i; - - /* - * There are several options to gather miscellaneous data but for now we - * will loop checking the time stamp counter (rdtsc) and the - * SuperHighResolutionTimer. Each iteration will collect 8 bytes of data - * but it is treated as only 1 byte of entropy. The call to - * ThreadSwitchWithDelay() will introduce additional variability into the - * data returned by rdtsc. Applications can agument the seed material by - * adding additional stuff with RAND_add() and should probably do so. - */ - l = GetProcessSwitchCount(); - RAND_add(&l, sizeof(l), 1); - - /* need to cast the void* to unsigned long here */ - l = (unsigned long)RunningProcess; - RAND_add(&l, sizeof(l), 1); - - for (i = 2; i < ENTROPY_NEEDED; i++) { -# ifdef __MWERKS__ - asm { - rdtsc mov tsc, eax} -# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) - asm volatile ("rdtsc":"=a" (tsc)::"edx"); -# endif - - RAND_add(&tsc, sizeof(tsc), 1); - - l = GetSuperHighResolutionTimer(); - RAND_add(&l, sizeof(l), 0); - -# if defined(NETWARE_LIBC) - NXThreadYield(); -# else /* NETWARE_CLIB */ - ThreadSwitchWithDelay(); -# endif - } - - return 1; -} - -#endif diff --git a/deps/openssl/openssl/crypto/rand/rand_os2.c b/deps/openssl/openssl/crypto/rand/rand_os2.c deleted file mode 100644 index 706ab1e817..0000000000 --- a/deps/openssl/openssl/crypto/rand/rand_os2.c +++ /dev/null @@ -1,170 +0,0 @@ -/* crypto/rand/rand_os2.c */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "cryptlib.h" -#include <openssl/rand.h> -#include "rand_lcl.h" - -#ifdef OPENSSL_SYS_OS2 - -# define INCL_DOSPROCESS -# define INCL_DOSPROFILE -# define INCL_DOSMISC -# define INCL_DOSMODULEMGR -# include <os2.h> - -# define CMD_KI_RDCNT (0x63) - -typedef struct _CPUUTIL { - ULONG ulTimeLow; /* Low 32 bits of time stamp */ - ULONG ulTimeHigh; /* High 32 bits of time stamp */ - ULONG ulIdleLow; /* Low 32 bits of idle time */ - ULONG ulIdleHigh; /* High 32 bits of idle time */ - ULONG ulBusyLow; /* Low 32 bits of busy time */ - ULONG ulBusyHigh; /* High 32 bits of busy time */ - ULONG ulIntrLow; /* Low 32 bits of interrupt time */ - ULONG ulIntrHigh; /* High 32 bits of interrupt time */ -} CPUUTIL; - -# ifndef __KLIBC__ -APIRET APIENTRY(*DosPerfSysCall) (ULONG ulCommand, ULONG ulParm1, - ULONG ulParm2, ULONG ulParm3) = NULL; -APIRET APIENTRY(*DosQuerySysState) (ULONG func, ULONG arg1, ULONG pid, - ULONG _res_, PVOID buf, ULONG bufsz) = - NULL; -# endif -HMODULE hDoscalls = 0; - -int RAND_poll(void) -{ - char failed_module[20]; - QWORD qwTime; - ULONG SysVars[QSV_FOREGROUND_PROCESS]; - - if (hDoscalls == 0) { - ULONG rc = - DosLoadModule(failed_module, sizeof(failed_module), "DOSCALLS", - &hDoscalls); - -# ifndef __KLIBC__ - if (rc == 0) { - rc = DosQueryProcAddr(hDoscalls, 976, NULL, - (PFN *) & DosPerfSysCall); - - if (rc) - DosPerfSysCall = NULL; - - rc = DosQueryProcAddr(hDoscalls, 368, NULL, - (PFN *) & DosQuerySysState); - - if (rc) - DosQuerySysState = NULL; - } -# endif - } - - /* Sample the hi-res timer, runs at around 1.1 MHz */ - DosTmrQueryTime(&qwTime); - RAND_add(&qwTime, sizeof(qwTime), 2); - - /* - * Sample a bunch of system variables, includes various process & memory - * statistics - */ - DosQuerySysInfo(1, QSV_FOREGROUND_PROCESS, SysVars, sizeof(SysVars)); - RAND_add(SysVars, sizeof(SysVars), 4); - - /* - * If available, sample CPU registers that count at CPU MHz Only fairly - * new CPUs (PPro & K6 onwards) & OS/2 versions support this - */ - if (DosPerfSysCall) { - CPUUTIL util; - - if (DosPerfSysCall(CMD_KI_RDCNT, (ULONG) & util, 0, 0) == 0) { - RAND_add(&util, sizeof(util), 10); - } else { -# ifndef __KLIBC__ - DosPerfSysCall = NULL; -# endif - } - } - - /* - * DosQuerySysState() gives us a huge quantity of process, thread, memory - * & handle stats - */ - if (DosQuerySysState) { - char *buffer = OPENSSL_malloc(256 * 1024); - - if (!buffer) - return 0; - - if (DosQuerySysState(0x1F, 0, 0, 0, buffer, 256 * 1024) == 0) { - /* - * First 4 bytes in buffer is a pointer to the thread count there - * should be at least 1 byte of entropy per thread - */ - RAND_add(buffer, 256 * 1024, **(ULONG **) buffer); - } - - OPENSSL_free(buffer); - return 1; - } - - return 0; -} - -#endif /* OPENSSL_SYS_OS2 */ diff --git a/deps/openssl/openssl/crypto/rand/rand_unix.c b/deps/openssl/openssl/crypto/rand/rand_unix.c index 097e409918..7a5a948430 100644 --- a/deps/openssl/openssl/crypto/rand/rand_unix.c +++ b/deps/openssl/openssl/crypto/rand/rand_unix.c @@ -1,122 +1,21 @@ -/* crypto/rand/rand_unix.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ + #include <stdio.h> #define USE_SOCKETS #include "e_os.h" -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/rand.h> #include "rand_lcl.h" -#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) +#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)) # include <sys/types.h> # include <sys/time.h> @@ -244,17 +143,17 @@ int RAND_poll(void) { unsigned long l; pid_t curr_pid = getpid(); -# if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) +# if defined(DEVRANDOM) || (!defined(OPENSS_NO_EGD) && defined(DEVRANDOM_EGD)) unsigned char tmpbuf[ENTROPY_NEEDED]; int n = 0; # endif # ifdef DEVRANDOM static const char *randomfiles[] = { DEVRANDOM }; - struct stat randomstats[sizeof(randomfiles) / sizeof(randomfiles[0])]; + struct stat randomstats[OSSL_NELEM(randomfiles)]; int fd; unsigned int i; # endif -# ifdef DEVRANDOM_EGD +# if !defined(OPENSSL_NO_EGD) && defined(DEVRANDOM_EGD) static const char *egdsockets[] = { DEVRANDOM_EGD, NULL }; const char **egdsocket = NULL; # endif @@ -267,8 +166,7 @@ int RAND_poll(void) * out of random entries. */ - for (i = 0; (i < sizeof(randomfiles) / sizeof(randomfiles[0])) && - (n < ENTROPY_NEEDED); i++) { + for (i = 0; (i < OSSL_NELEM(randomfiles)) && (n < ENTROPY_NEEDED); i++) { if ((fd = open(randomfiles[i], O_RDONLY # ifdef O_NONBLOCK | O_NONBLOCK @@ -307,14 +205,7 @@ int RAND_poll(void) do { int try_read = 0; -# if defined(OPENSSL_SYS_BEOS_R5) - /* - * select() is broken in BeOS R5, so we simply try to read - * something and snooze if we couldn't - */ - try_read = 1; - -# elif defined(OPENSSL_SYS_LINUX) +# if defined(OPENSSL_SYS_LINUX) /* use poll() */ struct pollfd pset; @@ -358,10 +249,6 @@ int RAND_poll(void) ENTROPY_NEEDED - n); if (r > 0) n += r; -# if defined(OPENSSL_SYS_BEOS_R5) - if (r == 0) - snooze(t.tv_usec); -# endif } else r = -1; @@ -383,7 +270,7 @@ int RAND_poll(void) } # endif /* defined(DEVRANDOM) */ -# ifdef DEVRANDOM_EGD +# if !defined(OPENSSL_NO_EGD) && defined(DEVRANDOM_EGD) /* * Use an EGD socket to read entropy from an EGD or PRNGD entropy * collecting daemon. @@ -400,7 +287,7 @@ int RAND_poll(void) } # endif /* defined(DEVRANDOM_EGD) */ -# if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) +# if defined(DEVRANDOM) || (!defined(OPENSSL_NO_EGD) && defined(DEVRANDOM_EGD)) if (n > 0) { RAND_add(tmpbuf, sizeof(tmpbuf), (double)n); OPENSSL_cleanse(tmpbuf, n); @@ -416,15 +303,7 @@ int RAND_poll(void) l = time(NULL); RAND_add(&l, sizeof(l), 0.0); -# if defined(OPENSSL_SYS_BEOS) - { - system_info sysInfo; - get_system_info(&sysInfo); - RAND_add(&sysInfo, sizeof(sysInfo), 0); - } -# endif - -# if defined(DEVRANDOM) || defined(DEVRANDOM_EGD) +# if defined(DEVRANDOM) || (!defined(OPENSSL_NO_EGD) && defined(DEVRANDOM_EGD)) return 1; # else return 0; @@ -435,11 +314,9 @@ int RAND_poll(void) #endif /* !(defined(OPENSSL_SYS_WINDOWS) || * defined(OPENSSL_SYS_WIN32) || * defined(OPENSSL_SYS_VMS) || - * defined(OPENSSL_SYS_OS2) || - * defined(OPENSSL_SYS_VXWORKS) || - * defined(OPENSSL_SYS_NETWARE)) */ + * defined(OPENSSL_SYS_VXWORKS) */ -#if defined(OPENSSL_SYS_VXWORKS) +#if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI) int RAND_poll(void) { return 0; diff --git a/deps/openssl/openssl/crypto/rand/rand_vms.c b/deps/openssl/openssl/crypto/rand/rand_vms.c index be4ff4cc87..9c462dd374 100755..100644 --- a/deps/openssl/openssl/crypto/rand/rand_vms.c +++ b/deps/openssl/openssl/crypto/rand/rand_vms.c @@ -1,66 +1,17 @@ -/* crypto/rand/rand_vms.c */ /* - * Written by Richard Levitte <richard@levitte.org> for the OpenSSL project - * 2000. + * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ + /* * Modified by VMS Software, Inc (2016) * Eliminate looping through all processes (performance) * Add additional randomizations using rand() function */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ #include <openssl/rand.h> #include "rand_lcl.h" @@ -121,8 +72,6 @@ int RAND_poll(void) } item[item_entry_count], *pitem; /* number of entries in items_data */ struct items_data_st *pitems_data; - pitems_data = items_data; - pitem = item; int data_buffer[(item_entry_count*2)+4]; /* 8 bytes per entry max */ int iosb[2]; int sys_time[2]; @@ -131,8 +80,11 @@ int RAND_poll(void) int tmp_length = 0; int total_length = 0; - /* Setup itemlist for GETJPI */ + pitems_data = items_data; + pitem = item; + + /* Setup itemlist for GETJPI */ while (pitems_data->length) { pitem->length = pitems_data->length; pitem->code = pitems_data->code; @@ -177,4 +129,5 @@ int RAND_poll(void) return 1; } + #endif diff --git a/deps/openssl/openssl/crypto/rand/rand_win.c b/deps/openssl/openssl/crypto/rand/rand_win.c index b4be3097e9..1be0ed3c9a 100644 --- a/deps/openssl/openssl/crypto/rand/rand_win.c +++ b/deps/openssl/openssl/crypto/rand/rand_win.c @@ -1,625 +1,99 @@ -/* crypto/rand/rand_win.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/rand.h> #include "rand_lcl.h" #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) # include <windows.h> -# ifndef _WIN32_WINNT -# define _WIN32_WINNT 0x0400 +/* On Windows 7 or higher use BCrypt instead of the legacy CryptoAPI */ +# if defined(_MSC_VER) && defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0601 +# define RAND_WINDOWS_USE_BCRYPT # endif -# include <wincrypt.h> -# include <tlhelp32.h> - -/* - * Limit the time spent walking through the heap, processes, threads and - * modules to a maximum of 1000 miliseconds each, unless CryptoGenRandom - * failed - */ -# define MAXDELAY 1000 +# ifdef RAND_WINDOWS_USE_BCRYPT +# include <bcrypt.h> +# pragma comment(lib, "bcrypt.lib") +# ifndef STATUS_SUCCESS +# define STATUS_SUCCESS ((NTSTATUS)0x00000000L) +# endif +# else +# include <wincrypt.h> /* * Intel hardware RNG CSP -- available from * http://developer.intel.com/design/security/rng/redist_license.htm */ -# define PROV_INTEL_SEC 22 -# define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider" +# define PROV_INTEL_SEC 22 +# define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider" +# endif static void readtimer(void); -static void readscreen(void); - -/* - * It appears like CURSORINFO, PCURSORINFO and LPCURSORINFO are only defined - * when WINVER is 0x0500 and up, which currently only happens on Win2000. - * Unfortunately, those are typedefs, so they're a little bit difficult to - * detect properly. On the other hand, the macro CURSOR_SHOWING is defined - * within the same conditional, so it can be use to detect the absence of - * said typedefs. - */ - -# ifndef CURSOR_SHOWING -/* - * Information about the global cursor. - */ -typedef struct tagCURSORINFO { - DWORD cbSize; - DWORD flags; - HCURSOR hCursor; - POINT ptScreenPos; -} CURSORINFO, *PCURSORINFO, *LPCURSORINFO; - -# define CURSOR_SHOWING 0x00000001 -# endif /* CURSOR_SHOWING */ - -# if !defined(OPENSSL_SYS_WINCE) -typedef BOOL(WINAPI *CRYPTACQUIRECONTEXTW) (HCRYPTPROV *, LPCWSTR, LPCWSTR, - DWORD, DWORD); -typedef BOOL(WINAPI *CRYPTGENRANDOM) (HCRYPTPROV, DWORD, BYTE *); -typedef BOOL(WINAPI *CRYPTRELEASECONTEXT) (HCRYPTPROV, DWORD); - -typedef HWND(WINAPI *GETFOREGROUNDWINDOW) (VOID); -typedef BOOL(WINAPI *GETCURSORINFO) (PCURSORINFO); -typedef DWORD(WINAPI *GETQUEUESTATUS) (UINT); - -typedef HANDLE(WINAPI *CREATETOOLHELP32SNAPSHOT) (DWORD, DWORD); -typedef BOOL(WINAPI *CLOSETOOLHELP32SNAPSHOT) (HANDLE); -typedef BOOL(WINAPI *HEAP32FIRST) (LPHEAPENTRY32, DWORD, size_t); -typedef BOOL(WINAPI *HEAP32NEXT) (LPHEAPENTRY32); -typedef BOOL(WINAPI *HEAP32LIST) (HANDLE, LPHEAPLIST32); -typedef BOOL(WINAPI *PROCESS32) (HANDLE, LPPROCESSENTRY32); -typedef BOOL(WINAPI *THREAD32) (HANDLE, LPTHREADENTRY32); -typedef BOOL(WINAPI *MODULE32) (HANDLE, LPMODULEENTRY32); - -# include <lmcons.h> -# include <lmstats.h> -# if 1 -/* - * The NET API is Unicode only. It requires the use of the UNICODE macro. - * When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was was added to the - * Platform SDK to allow the NET API to be used in non-Unicode applications - * provided that Unicode strings were still used for input. LMSTR is defined - * as LPWSTR. - */ -typedef NET_API_STATUS(NET_API_FUNCTION *NETSTATGET) - (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE *); -typedef NET_API_STATUS(NET_API_FUNCTION *NETFREE) (LPBYTE); -# endif /* 1 */ -# endif /* !OPENSSL_SYS_WINCE */ - -#define NOTTOOLONG(start) ((GetTickCount() - (start)) < MAXDELAY) int RAND_poll(void) { - MEMORYSTATUS m; - HCRYPTPROV hProvider = 0; + MEMORYSTATUS mst; +# ifndef RAND_WINDOWS_USE_BCRYPT + HCRYPTPROV hProvider; +# endif DWORD w; - int good = 0; + BYTE buf[64]; -# if defined(OPENSSL_SYS_WINCE) -# if defined(_WIN32_WCE) && _WIN32_WCE>=300 - /* - * Even though MSDN says _WIN32_WCE>=210, it doesn't seem to be available - * in commonly available implementations prior 300... - */ - { - BYTE buf[64]; - /* poll the CryptoAPI PRNG */ - /* The CryptoAPI returns sizeof(buf) bytes of randomness */ - if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL, - CRYPT_VERIFYCONTEXT)) { - if (CryptGenRandom(hProvider, sizeof(buf), buf)) - RAND_add(buf, sizeof(buf), sizeof(buf)); - CryptReleaseContext(hProvider, 0); - } +# ifdef RAND_WINDOWS_USE_BCRYPT + if (BCryptGenRandom(NULL, buf, (ULONG)sizeof(buf), BCRYPT_USE_SYSTEM_PREFERRED_RNG) == STATUS_SUCCESS) { + RAND_add(buf, sizeof(buf), sizeof(buf)); } -# endif -# else /* OPENSSL_SYS_WINCE */ - /* - * None of below libraries are present on Windows CE, which is - * why we #ifndef the whole section. This also excuses us from - * handling the GetProcAddress issue. The trouble is that in - * real Win32 API GetProcAddress is available in ANSI flavor - * only. In WinCE on the other hand GetProcAddress is a macro - * most commonly defined as GetProcAddressW, which accepts - * Unicode argument. If we were to call GetProcAddress under - * WinCE, I'd recommend to either redefine GetProcAddress as - * GetProcAddressA (there seem to be one in common CE spec) or - * implement own shim routine, which would accept ANSI argument - * and expand it to Unicode. - */ - { - /* load functions dynamically - not available on all systems */ - HMODULE advapi = LoadLibrary(TEXT("ADVAPI32.DLL")); - HMODULE kernel = LoadLibrary(TEXT("KERNEL32.DLL")); - HMODULE user = NULL; - HMODULE netapi = LoadLibrary(TEXT("NETAPI32.DLL")); - CRYPTACQUIRECONTEXTW acquire = NULL; - CRYPTGENRANDOM gen = NULL; - CRYPTRELEASECONTEXT release = NULL; - NETSTATGET netstatget = NULL; - NETFREE netfree = NULL; - BYTE buf[64]; - - if (netapi) { - netstatget = - (NETSTATGET) GetProcAddress(netapi, "NetStatisticsGet"); - netfree = (NETFREE) GetProcAddress(netapi, "NetApiBufferFree"); - } - - if (netstatget && netfree) { - LPBYTE outbuf; - /* - * NetStatisticsGet() is a Unicode only function - * STAT_WORKSTATION_0 contains 45 fields and STAT_SERVER_0 - * contains 17 fields. We treat each field as a source of one - * byte of entropy. - */ - - if (netstatget(NULL, L"LanmanWorkstation", 0, 0, &outbuf) == 0) { - RAND_add(outbuf, sizeof(STAT_WORKSTATION_0), 45); - netfree(outbuf); - } - if (netstatget(NULL, L"LanmanServer", 0, 0, &outbuf) == 0) { - RAND_add(outbuf, sizeof(STAT_SERVER_0), 17); - netfree(outbuf); - } - } - - if (netapi) - FreeLibrary(netapi); - - /* - * It appears like this can cause an exception deep within - * ADVAPI32.DLL at random times on Windows 2000. Reported by Jeffrey - * Altman. Only use it on NT. - */ - - if (advapi) { - /* - * If it's available, then it's available in both ANSI - * and UNICODE flavors even in Win9x, documentation says. - * We favor Unicode... - */ - acquire = (CRYPTACQUIRECONTEXTW) GetProcAddress(advapi, - "CryptAcquireContextW"); - gen = (CRYPTGENRANDOM) GetProcAddress(advapi, "CryptGenRandom"); - release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi, - "CryptReleaseContext"); - } - - if (acquire && gen && release) { - /* poll the CryptoAPI PRNG */ - /* The CryptoAPI returns sizeof(buf) bytes of randomness */ - if (acquire(&hProvider, NULL, NULL, PROV_RSA_FULL, - CRYPT_VERIFYCONTEXT)) { - if (gen(hProvider, sizeof(buf), buf) != 0) { - RAND_add(buf, sizeof(buf), 0); - good = 1; -# if 0 - printf("randomness from PROV_RSA_FULL\n"); -# endif - } - release(hProvider, 0); - } - - /* poll the Pentium PRG with CryptoAPI */ - if (acquire(&hProvider, 0, INTEL_DEF_PROV, PROV_INTEL_SEC, 0)) { - if (gen(hProvider, sizeof(buf), buf) != 0) { - RAND_add(buf, sizeof(buf), sizeof(buf)); - good = 1; -# if 0 - printf("randomness from PROV_INTEL_SEC\n"); -# endif - } - release(hProvider, 0); - } - } - - if (advapi) - FreeLibrary(advapi); - - if ((!check_winnt() || - !OPENSSL_isservice()) && - (user = LoadLibrary(TEXT("USER32.DLL")))) { - GETCURSORINFO cursor; - GETFOREGROUNDWINDOW win; - GETQUEUESTATUS queue; - - win = - (GETFOREGROUNDWINDOW) GetProcAddress(user, - "GetForegroundWindow"); - cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo"); - queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus"); - - if (win) { - /* window handle */ - HWND h = win(); - RAND_add(&h, sizeof(h), 0); - } - if (cursor) { - /* - * unfortunately, its not safe to call GetCursorInfo() on NT4 - * even though it exists in SP3 (or SP6) and higher. - */ - if (check_winnt() && !check_win_minplat(5)) - cursor = 0; - } - if (cursor) { - /* cursor position */ - /* assume 2 bytes of entropy */ - CURSORINFO ci; - ci.cbSize = sizeof(CURSORINFO); - if (cursor(&ci)) - RAND_add(&ci, ci.cbSize, 2); - } - - if (queue) { - /* message queue status */ - /* assume 1 byte of entropy */ - w = queue(QS_ALLEVENTS); - RAND_add(&w, sizeof(w), 1); - } - - FreeLibrary(user); +# else + /* poll the CryptoAPI PRNG */ + /* The CryptoAPI returns sizeof(buf) bytes of randomness */ + if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) { + if (CryptGenRandom(hProvider, (DWORD)sizeof(buf), buf) != 0) { + RAND_add(buf, sizeof(buf), sizeof(buf)); } + CryptReleaseContext(hProvider, 0); + } - /*- - * Toolhelp32 snapshot: enumerate processes, threads, modules and heap - * http://msdn.microsoft.com/library/psdk/winbase/toolhelp_5pfd.htm - * (Win 9x and 2000 only, not available on NT) - * - * This seeding method was proposed in Peter Gutmann, Software - * Generation of Practically Strong Random Numbers, - * http://www.usenix.org/publications/library/proceedings/sec98/gutmann.html - * revised version at http://www.cryptoengines.com/~peter/06_random.pdf - * (The assignment of entropy estimates below is arbitrary, but based - * on Peter's analysis the full poll appears to be safe. Additional - * interactive seeding is encouraged.) - */ - - if (kernel) { - CREATETOOLHELP32SNAPSHOT snap; - CLOSETOOLHELP32SNAPSHOT close_snap; - HANDLE handle; - - HEAP32FIRST heap_first; - HEAP32NEXT heap_next; - HEAP32LIST heaplist_first, heaplist_next; - PROCESS32 process_first, process_next; - THREAD32 thread_first, thread_next; - MODULE32 module_first, module_next; - - HEAPLIST32 hlist; - HEAPENTRY32 hentry; - PROCESSENTRY32 p; - THREADENTRY32 t; - MODULEENTRY32 m; - DWORD starttime = 0; - - snap = (CREATETOOLHELP32SNAPSHOT) - GetProcAddress(kernel, "CreateToolhelp32Snapshot"); - close_snap = (CLOSETOOLHELP32SNAPSHOT) - GetProcAddress(kernel, "CloseToolhelp32Snapshot"); - heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First"); - heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next"); - heaplist_first = - (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst"); - heaplist_next = - (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext"); - process_first = - (PROCESS32) GetProcAddress(kernel, "Process32First"); - process_next = - (PROCESS32) GetProcAddress(kernel, "Process32Next"); - thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First"); - thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next"); - module_first = (MODULE32) GetProcAddress(kernel, "Module32First"); - module_next = (MODULE32) GetProcAddress(kernel, "Module32Next"); - - if (snap && heap_first && heap_next && heaplist_first && - heaplist_next && process_first && process_next && - thread_first && thread_next && module_first && - module_next && (handle = snap(TH32CS_SNAPALL, 0)) - != INVALID_HANDLE_VALUE) { - /* heap list and heap walking */ - /* - * HEAPLIST32 contains 3 fields that will change with each - * entry. Consider each field a source of 1 byte of entropy. - * HEAPENTRY32 contains 5 fields that will change with each - * entry. Consider each field a source of 1 byte of entropy. - */ - ZeroMemory(&hlist, sizeof(HEAPLIST32)); - hlist.dwSize = sizeof(HEAPLIST32); - if (good) - starttime = GetTickCount(); -# ifdef _MSC_VER - if (heaplist_first(handle, &hlist)) { - /* - * following discussion on dev ML, exception on WinCE (or - * other Win platform) is theoretically of unknown - * origin; prevent infinite loop here when this - * theoretical case occurs; otherwise cope with the - * expected (MSDN documented) exception-throwing - * behaviour of Heap32Next() on WinCE. - * - * based on patch in original message by Tanguy Fautré - * (2009/03/02) Subject: RAND_poll() and - * CreateToolhelp32Snapshot() stability - */ - int ex_cnt_limit = 42; - do { - RAND_add(&hlist, hlist.dwSize, 3); - __try { - ZeroMemory(&hentry, sizeof(HEAPENTRY32)); - hentry.dwSize = sizeof(HEAPENTRY32); - if (heap_first(&hentry, - hlist.th32ProcessID, - hlist.th32HeapID)) { - int entrycnt = 80; - do - RAND_add(&hentry, hentry.dwSize, 5); - while (heap_next(&hentry) - && (!good || NOTTOOLONG(starttime)) - && --entrycnt > 0); - } - } - __except(EXCEPTION_EXECUTE_HANDLER) { - /* - * ignore access violations when walking the heap - * list - */ - ex_cnt_limit--; - } - } while (heaplist_next(handle, &hlist) - && (!good || NOTTOOLONG(starttime)) - && ex_cnt_limit > 0); - } -# else - if (heaplist_first(handle, &hlist)) { - do { - RAND_add(&hlist, hlist.dwSize, 3); - hentry.dwSize = sizeof(HEAPENTRY32); - if (heap_first(&hentry, - hlist.th32ProcessID, - hlist.th32HeapID)) { - int entrycnt = 80; - do - RAND_add(&hentry, hentry.dwSize, 5); - while (heap_next(&hentry) - && (!good || NOTTOOLONG(starttime)) - && --entrycnt > 0); - } - } while (heaplist_next(handle, &hlist) - && (!good || NOTTOOLONG(starttime))); - } -# endif - - /* process walking */ - /* - * PROCESSENTRY32 contains 9 fields that will change with - * each entry. Consider each field a source of 1 byte of - * entropy. - */ - p.dwSize = sizeof(PROCESSENTRY32); - - if (good) - starttime = GetTickCount(); - if (process_first(handle, &p)) - do - RAND_add(&p, p.dwSize, 9); - while (process_next(handle, &p) - && (!good || NOTTOOLONG(starttime))); - - /* thread walking */ - /* - * THREADENTRY32 contains 6 fields that will change with each - * entry. Consider each field a source of 1 byte of entropy. - */ - t.dwSize = sizeof(THREADENTRY32); - if (good) - starttime = GetTickCount(); - if (thread_first(handle, &t)) - do - RAND_add(&t, t.dwSize, 6); - while (thread_next(handle, &t) - && (!good || NOTTOOLONG(starttime))); - - /* module walking */ - /* - * MODULEENTRY32 contains 9 fields that will change with each - * entry. Consider each field a source of 1 byte of entropy. - */ - m.dwSize = sizeof(MODULEENTRY32); - if (good) - starttime = GetTickCount(); - if (module_first(handle, &m)) - do - RAND_add(&m, m.dwSize, 9); - while (module_next(handle, &m) - && (!good || NOTTOOLONG(starttime))); - if (close_snap) - close_snap(handle); - else - CloseHandle(handle); - - } - - FreeLibrary(kernel); + /* poll the Pentium PRG with CryptoAPI */ + if (CryptAcquireContextW(&hProvider, NULL, INTEL_DEF_PROV, PROV_INTEL_SEC, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) { + if (CryptGenRandom(hProvider, (DWORD)sizeof(buf), buf) != 0) { + RAND_add(buf, sizeof(buf), sizeof(buf)); } + CryptReleaseContext(hProvider, 0); } -# endif /* !OPENSSL_SYS_WINCE */ +# endif /* timer data */ readtimer(); /* memory usage statistics */ - GlobalMemoryStatus(&m); - RAND_add(&m, sizeof(m), 1); + GlobalMemoryStatus(&mst); + RAND_add(&mst, sizeof(mst), 1); /* process ID */ w = GetCurrentProcessId(); RAND_add(&w, sizeof(w), 1); -# if 0 - printf("Exiting RAND_poll\n"); -# endif - return (1); } +#if OPENSSL_API_COMPAT < 0x10100000L int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam) { - double add_entropy = 0; - - switch (iMsg) { - case WM_KEYDOWN: - { - static WPARAM key; - if (key != wParam) - add_entropy = 0.05; - key = wParam; - } - break; - case WM_MOUSEMOVE: - { - static int lastx, lasty, lastdx, lastdy; - int x, y, dx, dy; - - x = LOWORD(lParam); - y = HIWORD(lParam); - dx = lastx - x; - dy = lasty - y; - if (dx != 0 && dy != 0 && dx - lastdx != 0 && dy - lastdy != 0) - add_entropy = .2; - lastx = x, lasty = y; - lastdx = dx, lastdy = dy; - } - break; - } - - readtimer(); - RAND_add(&iMsg, sizeof(iMsg), add_entropy); - RAND_add(&wParam, sizeof(wParam), 0); - RAND_add(&lParam, sizeof(lParam), 0); - - return (RAND_status()); + RAND_poll(); + return RAND_status(); } void RAND_screen(void) -{ /* function available for backward - * compatibility */ +{ RAND_poll(); - readscreen(); } +#endif /* feed timing information to the PRNG */ static void readtimer(void) @@ -658,90 +132,4 @@ static void readtimer(void) } } -/* feed screen contents to PRNG */ -/***************************************************************************** - * - * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V. - * - * Code adapted from - * <URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];97193>; - * the original copyright message is: - * - * (C) Copyright Microsoft Corp. 1993. All rights reserved. - * - * You have a royalty-free right to use, modify, reproduce and - * distribute the Sample Files (and/or any modified version) in - * any way you find useful, provided that you agree that - * Microsoft has no warranty obligations or liability for any - * Sample Application Files which are modified. - */ - -static void readscreen(void) -{ -# if !defined(OPENSSL_SYS_WINCE) && !defined(OPENSSL_SYS_WIN32_CYGWIN) - HDC hScrDC; /* screen DC */ - HBITMAP hBitmap; /* handle for our bitmap */ - BITMAP bm; /* bitmap properties */ - unsigned int size; /* size of bitmap */ - char *bmbits; /* contents of bitmap */ - int w; /* screen width */ - int h; /* screen height */ - int y; /* y-coordinate of screen lines to grab */ - int n = 16; /* number of screen lines to grab at a time */ - BITMAPINFOHEADER bi; /* info about the bitmap */ - - if (check_winnt() && OPENSSL_isservice() > 0) - return; - - /* Get a reference to the screen DC */ - hScrDC = GetDC(NULL); - - /* Get screen resolution */ - w = GetDeviceCaps(hScrDC, HORZRES); - h = GetDeviceCaps(hScrDC, VERTRES); - - /* Create a bitmap compatible with the screen DC */ - hBitmap = CreateCompatibleBitmap(hScrDC, w, n); - - /* Get bitmap properties */ - GetObject(hBitmap, sizeof(bm), (LPSTR)&bm); - size = (unsigned int)4 * bm.bmHeight * bm.bmWidth; - bi.biSize = sizeof(bi); - bi.biWidth = bm.bmWidth; - bi.biHeight = bm.bmHeight; - bi.biPlanes = 1; - bi.biBitCount = 32; - bi.biCompression = BI_RGB; - bi.biSizeImage = 0; - bi.biXPelsPerMeter = 0; - bi.biYPelsPerMeter = 0; - bi.biClrUsed = 0; - bi.biClrImportant = 0; - - bmbits = OPENSSL_malloc(size); - if (bmbits) { - /* Now go through the whole screen, repeatedly grabbing n lines */ - for (y = 0; y < h - n; y += n) { - unsigned char md[MD_DIGEST_LENGTH]; - - /* Copy the bits of the current line range into the buffer */ - GetDIBits(hScrDC, hBitmap, y, n, - bmbits, (LPBITMAPINFO)&bi, DIB_RGB_COLORS); - - /* Get the hash of the bitmap */ - MD(bmbits, size, md); - - /* Seed the random generator with the hash value */ - RAND_add(md, MD_DIGEST_LENGTH, 0); - } - - OPENSSL_free(bmbits); - } - - /* Clean up */ - DeleteObject(hBitmap); - ReleaseDC(NULL, hScrDC); -# endif /* !OPENSSL_SYS_WINCE */ -} - #endif diff --git a/deps/openssl/openssl/crypto/rand/randfile.c b/deps/openssl/openssl/crypto/rand/randfile.c index 728fd0a721..dbd03ff2bd 100644 --- a/deps/openssl/openssl/crypto/rand/randfile.c +++ b/deps/openssl/openssl/crypto/rand/randfile.c @@ -1,67 +1,19 @@ -/* crypto/rand/randfile.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ +#include "internal/cryptlib.h" + #include <errno.h> #include <stdio.h> #include <stdlib.h> #include <string.h> -#include "e_os.h" #include <openssl/crypto.h> #include <openssl/rand.h> #include <openssl/buffer.h> @@ -69,9 +21,7 @@ #ifdef OPENSSL_SYS_VMS # include <unixio.h> #endif -#ifndef NO_SYS_TYPES_H -# include <sys/types.h> -#endif +#include <sys/types.h> #ifndef OPENSSL_NO_POSIX_IO # include <sys/stat.h> # include <fcntl.h> @@ -105,23 +55,52 @@ # define chmod _chmod # define open _open # define fdopen _fdopen +# define fstat _fstat +# define fileno _fileno #endif #undef BUFSIZE #define BUFSIZE 1024 #define RAND_DATA 1024 -#if (defined(OPENSSL_SYS_VMS) && (defined(__alpha) || defined(__ia64))) +#ifdef OPENSSL_SYS_VMS +/* + * Misc hacks needed for specific cases. + * + * __FILE_ptr32 is a type provided by DEC C headers (types.h specifically) + * to make sure the FILE* is a 32-bit pointer no matter what. We know that + * stdio function return this type (a study of stdio.h proves it). + * Additionally, we create a similar char pointer type for the sake of + * vms_setbuf below. + */ +# if __INITIAL_POINTER_SIZE == 64 +# pragma pointer_size save +# pragma pointer_size 32 +typedef char *char_ptr32; +# pragma pointer_size restore +/* + * On VMS, setbuf() will only take 32-bit pointers, and a compilation + * with /POINTER_SIZE=64 will give off a MAYLOSEDATA2 warning here. + * Since we know that the FILE* really is a 32-bit pointer expanded to + * 64 bits, we also know it's safe to convert it back to a 32-bit pointer. + * As for the buffer parameter, we only use NULL here, so that passes as + * well... + */ +# define setbuf(fp,buf) (setbuf)((__FILE_ptr32)(fp), (char_ptr32)(buf)) +# endif + /* * This declaration is a nasty hack to get around vms' extension to fopen for - * passing in sharing options being disabled by our /STANDARD=ANSI89 + * passing in sharing options being disabled by /STANDARD=ANSI89 */ -static FILE *(*const vms_fopen)(const char *, const char *, ...) = - (FILE *(*)(const char *, const char *, ...))fopen; +static __FILE_ptr32 (*const vms_fopen)(const char *, const char *, ...) = + (__FILE_ptr32 (*)(const char *, const char *, ...))fopen; # define VMS_OPEN_ATTRS "shr=get,put,upd,del","ctx=bin,stm","rfm=stm","rat=none","mrs=0" + +# define openssl_fopen(fname,mode) vms_fopen((fname), (mode), VMS_OPEN_ATTRS) #endif -/* #define RFILE ".rnd" - defined in ../../e_os.h */ +#define RFILE ".rnd" /* * Note that these functions are intended for seed files only. Entropy @@ -135,35 +114,24 @@ int RAND_load_file(const char *file, long bytes) * if bytes == -1, read complete file. */ - MS_STATIC unsigned char buf[BUFSIZE]; + unsigned char buf[BUFSIZE]; #ifndef OPENSSL_NO_POSIX_IO struct stat sb; #endif int i, ret = 0, n; -/* - * If setvbuf() is to be called, then the FILE pointer - * to it must be 32 bit. -*/ - -#if !defined OPENSSL_NO_SETVBUF_IONBF && defined(OPENSSL_SYS_VMS) && defined(__VMS_VER) && (__VMS_VER >= 70000000) - /* For 64-bit-->32 bit API Support*/ -#if __INITIAL_POINTER_SIZE == 64 -#pragma __required_pointer_size __save -#pragma __required_pointer_size 32 -#endif - FILE *in; /* setvbuf() requires 32-bit pointers */ -#if __INITIAL_POINTER_SIZE == 64 -#pragma __required_pointer_size __restore -#endif -#else - FILE *in; -#endif /* OPENSSL_SYS_VMS */ + FILE *in = NULL; if (file == NULL) - return (0); + return 0; + + if (bytes == 0) + return ret; + + in = openssl_fopen(file, "rb"); + if (in == NULL) + goto err; #ifndef OPENSSL_NO_POSIX_IO -# ifdef PURIFY /* * struct stat can have padding and unused fields that may not be * initialized in the call to stat(). We need to clear the entire @@ -171,22 +139,11 @@ int RAND_load_file(const char *file, long bytes) * applications such as Valgrind. */ memset(&sb, 0, sizeof(sb)); -# endif - if (stat(file, &sb) < 0) - return (0); + if (fstat(fileno(in), &sb) < 0) + goto err; RAND_add(&sb, sizeof(sb), 0.0); -#endif - if (bytes == 0) - return (ret); -#ifdef OPENSSL_SYS_VMS - in = vms_fopen(file, "rb", VMS_OPEN_ATTRS); -#else - in = fopen(file, "rb"); -#endif - if (in == NULL) - goto err; -#if defined(S_ISBLK) && defined(S_ISCHR) && !defined(OPENSSL_NO_POSIX_IO) +# if defined(S_ISBLK) && defined(S_ISCHR) if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) { /* * this file is a device. we don't want read an infinite number of @@ -194,10 +151,9 @@ int RAND_load_file(const char *file, long bytes) * because we will waste system entropy. */ bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */ -# ifndef OPENSSL_NO_SETVBUF_IONBF - setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */ -# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ + setbuf(in, NULL); /* don't do buffered reads */ } +# endif #endif for (;;) { if (bytes > 0) @@ -207,12 +163,8 @@ int RAND_load_file(const char *file, long bytes) i = fread(buf, 1, n, in); if (i <= 0) break; -#ifdef PURIFY + RAND_add(buf, i, (double)i); -#else - /* even if n != i, use the full array */ - RAND_add(buf, n, (double)i); -#endif ret += i; if (bytes > 0) { bytes -= n; @@ -220,10 +172,11 @@ int RAND_load_file(const char *file, long bytes) break; } } - fclose(in); OPENSSL_cleanse(buf, BUFSIZE); err: - return (ret); + if (in != NULL) + fclose(in); + return ret; } int RAND_write_file(const char *file) @@ -235,9 +188,15 @@ int RAND_write_file(const char *file) #ifndef OPENSSL_NO_POSIX_IO struct stat sb; +# if defined(S_ISBLK) && defined(S_ISCHR) +# ifdef _WIN32 + /* + * Check for |file| being a driver as "ASCII-safe" on Windows, + * because driver paths are always ASCII. + */ +# endif i = stat(file, &sb); if (i != -1) { -# if defined(S_ISBLK) && defined(S_ISCHR) if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) { /* * this file is a device. we don't write back to it. we @@ -245,13 +204,14 @@ int RAND_write_file(const char *file) * device. Otherwise attempting to write to and chmod the device * causes problems. */ - return (1); + return 1; } -# endif } +# endif #endif -#if defined(O_CREAT) && !defined(OPENSSL_NO_POSIX_IO) && !defined(OPENSSL_SYS_VMS) +#if defined(O_CREAT) && !defined(OPENSSL_NO_POSIX_IO) && \ + !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WINDOWS) { # ifndef O_BINARY # define O_BINARY 0 @@ -266,7 +226,7 @@ int RAND_write_file(const char *file) } #endif -#if (defined(OPENSSL_SYS_VMS) && (defined(__alpha) || defined(__ia64))) +#ifdef OPENSSL_SYS_VMS /* * VMS NOTE: Prior versions of this routine created a _new_ version of * the rand file for each call into this routine, then deleted all @@ -285,17 +245,14 @@ int RAND_write_file(const char *file) * rand file in a concurrent use situation. */ - out = vms_fopen(file, "rb+", VMS_OPEN_ATTRS); - if (out == NULL) - out = vms_fopen(file, "wb", VMS_OPEN_ATTRS); -#else - if (out == NULL) - out = fopen(file, "wb"); + out = openssl_fopen(file, "rb+"); #endif if (out == NULL) + out = openssl_fopen(file, "wb"); + if (out == NULL) goto err; -#ifndef NO_CHMOD +#if !defined(NO_CHMOD) && !defined(OPENSSL_NO_POSIX_IO) chmod(file, 0600); #endif n = RAND_DATA; @@ -323,31 +280,70 @@ int RAND_write_file(const char *file) const char *RAND_file_name(char *buf, size_t size) { char *s = NULL; + int use_randfile = 1; #ifdef __OpenBSD__ struct stat sb; #endif - if (OPENSSL_issetugid() == 0) - s = getenv("RANDFILE"); - if (s != NULL && *s && strlen(s) + 1 < size) { - if (BUF_strlcpy(buf, s, size) >= size) - return NULL; +#if defined(_WIN32) && defined(CP_UTF8) + DWORD len; + WCHAR *var, *val; + + if ((var = L"RANDFILE", + len = GetEnvironmentVariableW(var, NULL, 0)) == 0 + && (var = L"HOME", use_randfile = 0, + len = GetEnvironmentVariableW(var, NULL, 0)) == 0 + && (var = L"USERPROFILE", + len = GetEnvironmentVariableW(var, NULL, 0)) == 0) { + var = L"SYSTEMROOT", + len = GetEnvironmentVariableW(var, NULL, 0); + } + + if (len != 0) { + int sz; + + val = _alloca(len * sizeof(WCHAR)); + + if (GetEnvironmentVariableW(var, val, len) < len + && (sz = WideCharToMultiByte(CP_UTF8, 0, val, -1, NULL, 0, + NULL, NULL)) != 0) { + s = _alloca(sz); + if (WideCharToMultiByte(CP_UTF8, 0, val, -1, s, sz, + NULL, NULL) == 0) + s = NULL; + } + } +#else + if (OPENSSL_issetugid() != 0) { + use_randfile = 0; } else { - if (OPENSSL_issetugid() == 0) + s = getenv("RANDFILE"); + if (s == NULL || *s == '\0') { + use_randfile = 0; s = getenv("HOME"); -#ifdef DEFAULT_HOME - if (s == NULL) { - s = DEFAULT_HOME; } + } #endif - if (s && *s && strlen(s) + strlen(RFILE) + 2 < size) { - BUF_strlcpy(buf, s, size); +#ifdef DEFAULT_HOME + if (!use_randfile && s == NULL) { + s = DEFAULT_HOME; + } +#endif + if (s != NULL && *s) { + size_t len = strlen(s); + + if (use_randfile && len + 1 < size) { + if (OPENSSL_strlcpy(buf, s, size) >= size) + return NULL; + } else if (len + strlen(RFILE) + 2 < size) { + OPENSSL_strlcpy(buf, s, size); #ifndef OPENSSL_SYS_VMS - BUF_strlcat(buf, "/", size); + OPENSSL_strlcat(buf, "/", size); #endif - BUF_strlcat(buf, RFILE, size); - } else - buf[0] = '\0'; /* no file name */ + OPENSSL_strlcat(buf, RFILE, size); + } + } else { + buf[0] = '\0'; /* no file name */ } #ifdef __OpenBSD__ @@ -359,14 +355,10 @@ const char *RAND_file_name(char *buf, size_t size) * available. */ - if (!buf[0]) - if (BUF_strlcpy(buf, "/dev/arandom", size) >= size) { - return (NULL); - } - if (stat(buf, &sb) == -1) - if (BUF_strlcpy(buf, "/dev/arandom", size) >= size) { - return (NULL); + if (!buf[0] || stat(buf, &sb) == -1) + if (OPENSSL_strlcpy(buf, "/dev/arandom", size) >= size) { + return NULL; } #endif - return (buf); + return buf[0] ? buf : NULL; } diff --git a/deps/openssl/openssl/crypto/rand/randtest.c b/deps/openssl/openssl/crypto/rand/randtest.c deleted file mode 100644 index 91bcac9906..0000000000 --- a/deps/openssl/openssl/crypto/rand/randtest.c +++ /dev/null @@ -1,209 +0,0 @@ -/* crypto/rand/randtest.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <openssl/rand.h> - -#include "../e_os.h" - -/* some FIPS 140-1 random number test */ -/* some simple tests */ - -int main(int argc, char **argv) -{ - unsigned char buf[2500]; - int i, j, k, s, sign, nsign, err = 0; - unsigned long n1; - unsigned long n2[16]; - unsigned long runs[2][34]; - /* - * double d; - */ - long d; - - i = RAND_pseudo_bytes(buf, 2500); - if (i < 0) { - printf("init failed, the rand method is not properly installed\n"); - err++; - goto err; - } - - n1 = 0; - for (i = 0; i < 16; i++) - n2[i] = 0; - for (i = 0; i < 34; i++) - runs[0][i] = runs[1][i] = 0; - - /* test 1 and 2 */ - sign = 0; - nsign = 0; - for (i = 0; i < 2500; i++) { - j = buf[i]; - - n2[j & 0x0f]++; - n2[(j >> 4) & 0x0f]++; - - for (k = 0; k < 8; k++) { - s = (j & 0x01); - if (s == sign) - nsign++; - else { - if (nsign > 34) - nsign = 34; - if (nsign != 0) { - runs[sign][nsign - 1]++; - if (nsign > 6) - runs[sign][5]++; - } - sign = s; - nsign = 1; - } - - if (s) - n1++; - j >>= 1; - } - } - if (nsign > 34) - nsign = 34; - if (nsign != 0) - runs[sign][nsign - 1]++; - - /* test 1 */ - if (!((9654 < n1) && (n1 < 10346))) { - printf("test 1 failed, X=%lu\n", n1); - err++; - } - printf("test 1 done\n"); - - /* test 2 */ -#ifdef undef - d = 0; - for (i = 0; i < 16; i++) - d += n2[i] * n2[i]; - d = d * 16.0 / 5000.0 - 5000.0; - if (!((1.03 < d) && (d < 57.4))) { - printf("test 2 failed, X=%.2f\n", d); - err++; - } -#endif - d = 0; - for (i = 0; i < 16; i++) - d += n2[i] * n2[i]; - d = (d * 8) / 25 - 500000; - if (!((103 < d) && (d < 5740))) { - printf("test 2 failed, X=%ld.%02ld\n", d / 100L, d % 100L); - err++; - } - printf("test 2 done\n"); - - /* test 3 */ - for (i = 0; i < 2; i++) { - if (!((2267 < runs[i][0]) && (runs[i][0] < 2733))) { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i, 1, runs[i][0]); - err++; - } - if (!((1079 < runs[i][1]) && (runs[i][1] < 1421))) { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i, 2, runs[i][1]); - err++; - } - if (!((502 < runs[i][2]) && (runs[i][2] < 748))) { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i, 3, runs[i][2]); - err++; - } - if (!((223 < runs[i][3]) && (runs[i][3] < 402))) { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i, 4, runs[i][3]); - err++; - } - if (!((90 < runs[i][4]) && (runs[i][4] < 223))) { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i, 5, runs[i][4]); - err++; - } - if (!((90 < runs[i][5]) && (runs[i][5] < 223))) { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i, 6, runs[i][5]); - err++; - } - } - printf("test 3 done\n"); - - /* test 4 */ - if (runs[0][33] != 0) { - printf("test 4 failed, bit=%d run=%d num=%lu\n", 0, 34, runs[0][33]); - err++; - } - if (runs[1][33] != 0) { - printf("test 4 failed, bit=%d run=%d num=%lu\n", 1, 34, runs[1][33]); - err++; - } - printf("test 4 done\n"); - err: - err = ((err) ? 1 : 0); -#ifdef OPENSSL_SYS_NETWARE - if (err) - printf("ERROR: %d\n", err); -#endif - EXIT(err); - return (err); -} |