1 /*************************************************************************** 2 * _ _ ____ _ 3 * Project ___| | | | _ \| | 4 * / __| | | | |_) | | 5 * | (__| |_| | _ <| |___ 6 * \___|\___/|_| \_\_____| 7 * 8 * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel (at) haxx.se>, et al. 9 * 10 * This software is licensed as described in the file COPYING, which 11 * you should have received as part of this distribution. The terms 12 * are also available at https://curl.haxx.se/docs/copyright.html. 13 * 14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell 15 * copies of the Software, and permit persons to whom the Software is 16 * furnished to do so, under the terms of the COPYING file. 17 * 18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY 19 * KIND, either express or implied. 20 * 21 ***************************************************************************/ 22 23 #include "curl_setup.h" 24 25 #ifdef HAVE_FCNTL_H 26 #include <fcntl.h> 27 #endif 28 29 #include <curl/curl.h> 30 #include "vtls/vtls.h" 31 #include "sendf.h" 32 #include "rand.h" 33 34 /* The last 3 #include files should be in this order */ 35 #include "curl_printf.h" 36 #include "curl_memory.h" 37 #include "memdebug.h" 38 39 static CURLcode randit(struct Curl_easy *data, unsigned int *rnd) 40 { 41 unsigned int r; 42 CURLcode result = CURLE_OK; 43 static unsigned int randseed; 44 static bool seeded = FALSE; 45 46 #ifdef CURLDEBUG 47 char *force_entropy = getenv("CURL_ENTROPY"); 48 if(force_entropy) { 49 if(!seeded) { 50 unsigned int seed = 0; 51 size_t elen = strlen(force_entropy); 52 size_t clen = sizeof(seed); 53 size_t min = elen < clen ? elen : clen; 54 memcpy((char *)&seed, force_entropy, min); 55 randseed = ntohl(seed); 56 seeded = TRUE; 57 } 58 else 59 randseed++; 60 *rnd = randseed; 61 return CURLE_OK; 62 } 63 #endif 64 65 /* data may be NULL! */ 66 result = Curl_ssl_random(data, (unsigned char *)rnd, sizeof(*rnd)); 67 if(result != CURLE_NOT_BUILT_IN) 68 /* only if there is no random function in the TLS backend do the non crypto 69 version, otherwise return result */ 70 return result; 71 72 /* ---- non-cryptographic version following ---- */ 73 74 #ifdef RANDOM_FILE 75 if(!seeded) { 76 /* if there's a random file to read a seed from, use it */ 77 int fd = open(RANDOM_FILE, O_RDONLY); 78 if(fd > -1) { 79 /* read random data into the randseed variable */ 80 ssize_t nread = read(fd, &randseed, sizeof(randseed)); 81 if(nread == sizeof(randseed)) 82 seeded = TRUE; 83 close(fd); 84 } 85 } 86 #endif 87 88 if(!seeded) { 89 struct curltime now = Curl_now(); 90 infof(data, "WARNING: Using weak random seed\n"); 91 randseed += (unsigned int)now.tv_usec + (unsigned int)now.tv_sec; 92 randseed = randseed * 1103515245 + 12345; 93 randseed = randseed * 1103515245 + 12345; 94 randseed = randseed * 1103515245 + 12345; 95 seeded = TRUE; 96 } 97 98 /* Return an unsigned 32-bit pseudo-random number. */ 99 r = randseed = randseed * 1103515245 + 12345; 100 *rnd = (r << 16) | ((r >> 16) & 0xFFFF); 101 return CURLE_OK; 102 } 103 104 /* 105 * Curl_rand() stores 'num' number of random unsigned integers in the buffer 106 * 'rndptr' points to. 107 * 108 * If libcurl is built without TLS support or with a TLS backend that lacks a 109 * proper random API (Gskit, PolarSSL or mbedTLS), this function will use 110 * "weak" random. 111 * 112 * When built *with* TLS support and a backend that offers strong random, it 113 * will return error if it cannot provide strong random values. 114 * 115 * NOTE: 'data' may be passed in as NULL when coming from external API without 116 * easy handle! 117 * 118 */ 119 120 CURLcode Curl_rand(struct Curl_easy *data, unsigned char *rnd, size_t num) 121 { 122 CURLcode result = CURLE_BAD_FUNCTION_ARGUMENT; 123 124 DEBUGASSERT(num > 0); 125 126 while(num) { 127 unsigned int r; 128 size_t left = num < sizeof(unsigned int) ? num : sizeof(unsigned int); 129 130 result = randit(data, &r); 131 if(result) 132 return result; 133 134 while(left) { 135 *rnd++ = (unsigned char)(r & 0xFF); 136 r >>= 8; 137 --num; 138 --left; 139 } 140 } 141 142 return result; 143 } 144 145 /* 146 * Curl_rand_hex() fills the 'rnd' buffer with a given 'num' size with random 147 * hexadecimal digits PLUS a zero terminating byte. It must be an odd number 148 * size. 149 */ 150 151 CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd, 152 size_t num) 153 { 154 CURLcode result = CURLE_BAD_FUNCTION_ARGUMENT; 155 const char *hex = "0123456789abcdef"; 156 unsigned char buffer[128]; 157 unsigned char *bufp = buffer; 158 DEBUGASSERT(num > 1); 159 160 #ifdef __clang_analyzer__ 161 /* This silences a scan-build warning about accesssing this buffer with 162 uninitialized memory. */ 163 memset(buffer, 0, sizeof(buffer)); 164 #endif 165 166 if((num/2 >= sizeof(buffer)) || !(num&1)) 167 /* make sure it fits in the local buffer and that it is an odd number! */ 168 return CURLE_BAD_FUNCTION_ARGUMENT; 169 170 num--; /* save one for zero termination */ 171 172 result = Curl_rand(data, buffer, num/2); 173 if(result) 174 return result; 175 176 while(num) { 177 *rnd++ = hex[(*bufp & 0xF0)>>4]; 178 *rnd++ = hex[*bufp & 0x0F]; 179 bufp++; 180 num -= 2; 181 } 182 *rnd = 0; 183 184 return result; 185 } 186
