rand_egd.c 5.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221
  1. /*
  2. * Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <openssl/opensslconf.h>
  10. #include <openssl/crypto.h>
  11. #include <openssl/e_os2.h>
  12. #include <openssl/rand.h>
  13. /*
  14. * Query an EGD
  15. */
  16. #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI)
  17. int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
  18. {
  19. return -1;
  20. }
  21. int RAND_egd(const char *path)
  22. {
  23. return -1;
  24. }
  25. int RAND_egd_bytes(const char *path, int bytes)
  26. {
  27. return -1;
  28. }
  29. #else
  30. # include <unistd.h>
  31. # include <stddef.h>
  32. # include <sys/types.h>
  33. # include <sys/socket.h>
  34. # ifndef NO_SYS_UN_H
  35. # include <sys/un.h>
  36. # else
  37. struct sockaddr_un {
  38. short sun_family; /* AF_UNIX */
  39. char sun_path[108]; /* path name (gag) */
  40. };
  41. # endif /* NO_SYS_UN_H */
  42. # include <string.h>
  43. # include <errno.h>
  44. # if defined(OPENSSL_SYS_TANDEM)
  45. /*
  46. * HPNS:
  47. *
  48. * This code forces the use of compatibility mode if required on HPE NonStop
  49. * when coreutils PRNGD is used and then restores the previous mode
  50. * after establishing the socket. This is not required on x86 where hardware
  51. * randomization should be used instead of EGD available as of OpenSSL 3.0.
  52. * Use --with-rand-seed=rdcpu when configuring x86 with 3.0 and above.
  53. *
  54. * Needs review:
  55. *
  56. * The better long-term solution is to either run two EGD's each in one of
  57. * the two modes or revise the EGD code to listen on two different sockets
  58. * (each in one of the two modes) or use the hardware randomizer.
  59. */
  60. _variable
  61. int hpns_socket(int family,
  62. int type,
  63. int protocol,
  64. char* transport)
  65. {
  66. int socket_rc;
  67. char current_transport[20];
  68. # define AF_UNIX_PORTABILITY "$ZAFN2"
  69. # define AF_UNIX_COMPATIBILITY "$ZPLS"
  70. if (!_arg_present(transport) || transport == NULL || transport[0] == '\0')
  71. return socket(family, type, protocol);
  72. socket_transport_name_get(AF_UNIX, current_transport, 20);
  73. if (strcmp(current_transport, transport) == 0)
  74. return socket(family, type, protocol);
  75. /* set the requested socket transport */
  76. if (socket_transport_name_set(AF_UNIX, transport))
  77. return -1;
  78. socket_rc = socket(family, type, protocol);
  79. /* set mode back to what it was */
  80. if (socket_transport_name_set(AF_UNIX, current_transport))
  81. return -1;
  82. return socket_rc;
  83. }
  84. /*#define socket(a,b,c,...) hpns_socket(a,b,c,__VA_ARGS__) */
  85. static int hpns_connect_attempt = 0;
  86. # endif /* defined(OPENSSL_SYS_HPNS) */
  87. int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
  88. {
  89. FILE *fp = NULL;
  90. struct sockaddr_un addr;
  91. int mybuffer, ret = -1, i, numbytes, fd;
  92. unsigned char tempbuf[255];
  93. if (bytes > (int)sizeof(tempbuf))
  94. return -1;
  95. /* Make socket. */
  96. memset(&addr, 0, sizeof(addr));
  97. addr.sun_family = AF_UNIX;
  98. if (strlen(path) >= sizeof(addr.sun_path))
  99. return -1;
  100. strcpy(addr.sun_path, path);
  101. i = offsetof(struct sockaddr_un, sun_path) + strlen(path);
  102. #if defined(OPENSSL_SYS_TANDEM)
  103. fd = hpns_socket(AF_UNIX, SOCK_STREAM, 0, AF_UNIX_COMPATIBILITY);
  104. #else
  105. fd = socket(AF_UNIX, SOCK_STREAM, 0);
  106. #endif
  107. if (fd == -1 || (fp = fdopen(fd, "r+")) == NULL)
  108. return -1;
  109. setbuf(fp, NULL);
  110. /* Try to connect */
  111. for (;;) {
  112. if (connect(fd, (struct sockaddr *)&addr, i) == 0)
  113. break;
  114. # ifdef EISCONN
  115. if (errno == EISCONN)
  116. break;
  117. # endif
  118. switch (errno) {
  119. # ifdef EINTR
  120. case EINTR:
  121. # endif
  122. # ifdef EAGAIN
  123. case EAGAIN:
  124. # endif
  125. # ifdef EINPROGRESS
  126. case EINPROGRESS:
  127. # endif
  128. # ifdef EALREADY
  129. case EALREADY:
  130. # endif
  131. /* No error, try again */
  132. break;
  133. default:
  134. # if defined(OPENSSL_SYS_TANDEM)
  135. if (hpns_connect_attempt == 0) {
  136. /* try the other kind of AF_UNIX socket */
  137. close(fd);
  138. fd = hpns_socket(AF_UNIX, SOCK_STREAM, 0, AF_UNIX_PORTABILITY);
  139. if (fd == -1)
  140. return -1;
  141. ++hpns_connect_attempt;
  142. break; /* try the connect again */
  143. }
  144. # endif
  145. ret = -1;
  146. goto err;
  147. }
  148. }
  149. /* Make request, see how many bytes we can get back. */
  150. tempbuf[0] = 1;
  151. tempbuf[1] = bytes;
  152. if (fwrite(tempbuf, sizeof(char), 2, fp) != 2 || fflush(fp) == EOF)
  153. goto err;
  154. if (fread(tempbuf, sizeof(char), 1, fp) != 1 || tempbuf[0] == 0)
  155. goto err;
  156. numbytes = tempbuf[0];
  157. /* Which buffer are we using? */
  158. mybuffer = buf == NULL;
  159. if (mybuffer)
  160. buf = tempbuf;
  161. /* Read bytes. */
  162. i = fread(buf, sizeof(char), numbytes, fp);
  163. if (i < numbytes)
  164. goto err;
  165. ret = numbytes;
  166. if (mybuffer)
  167. RAND_add(tempbuf, i, i);
  168. err:
  169. if (fp != NULL)
  170. fclose(fp);
  171. return ret;
  172. }
  173. int RAND_egd_bytes(const char *path, int bytes)
  174. {
  175. int num;
  176. num = RAND_query_egd_bytes(path, NULL, bytes);
  177. if (num < 0)
  178. return -1;
  179. if (RAND_status() != 1)
  180. return -1;
  181. return num;
  182. }
  183. int RAND_egd(const char *path)
  184. {
  185. return RAND_egd_bytes(path, 255);
  186. }
  187. #endif