forked from atheme/atheme
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathrandom_fe_openssl.c
126 lines (98 loc) · 2.63 KB
/
random_fe_openssl.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
/*
* SPDX-License-Identifier: ISC
* SPDX-URL: https://spdx.org/licenses/ISC.html
*
* Copyright (C) 2019 Aaron M. D. Jones <me@aaronmdjones.net>
*
* Frontend routines for the random interface (OpenSSL backend).
*/
#ifndef ATHEME_LAC_RANDOM_FRONTEND_C
# error "Do not compile me directly; compile random_frontend.c instead"
#endif /* !ATHEME_LAC_RANDOM_FRONTEND_C */
#include <openssl/err.h>
#include <openssl/opensslv.h>
#include <openssl/rand.h>
static bool rng_init_done = false;
static void
atheme_openssl_clear_errors(void)
{
// Just call ERR_get_error() to pop errors off the OpenSSL error stack until it returns 0 (no more errors)
for (/* No initialization */; ERR_get_error() != 0; /* No action */) { }
}
static const char *
atheme_openssl_get_strerror(void)
{
static char res[BUFSIZE];
const char *efile = NULL;
const char *efunc = NULL;
const char *edata = NULL;
int eline = 0;
int eflags = 0;
const unsigned long err = ERR_get_error_all(&efile, &eline, &efunc, &edata, &eflags);
if (! err)
return "<unknown>";
if (! efile)
efile = "<unknown>";
if (! efunc)
efunc = "<unknown>";
if (! ((eflags & ERR_TXT_STRING) && edata))
edata = "<unknown>";
(void) snprintf(res, sizeof res, "%08lX (%s) [%s:%d %s]", err, edata, efile, eline, efunc);
return res;
}
uint32_t
atheme_random(void)
{
uint32_t val;
(void) atheme_random_buf(&val, sizeof val);
return val;
}
uint32_t
atheme_random_uniform(const uint32_t bound)
{
if (bound < 2)
return 0;
const uint32_t min = -bound % bound;
for (;;)
{
uint32_t candidate;
(void) atheme_random_buf(&candidate, sizeof candidate);
if (candidate >= min)
return candidate % bound;
}
}
void
atheme_random_buf(void *const restrict out, const size_t len)
{
if (! rng_init_done)
abort();
(void) atheme_openssl_clear_errors();
if (RAND_bytes(out, (const int) len) != 1)
{
(void) slog(LG_ERROR, "%s: RAND_bytes(3): %s", MOWGLI_FUNC_NAME, atheme_openssl_get_strerror());
abort();
}
}
bool ATHEME_FATTR_WUR
libathemecore_random_early_init(void)
{
(void) atheme_openssl_clear_errors();
if (RAND_status() != 1)
{
(void) fprintf(stderr, "OpenSSL: RNG initialization failed!\n");
(void) fprintf(stderr, "OpenSSL: Error %s\n", atheme_openssl_get_strerror());
return false;
}
/* Add some data to personalise the RNG. This does not contribute any
* entropy (third argument), and we make sure to do it only after the
* RNG has already been initialized, as tested above. -- amdj
*/
(void) RAND_add(PACKAGE_STRING, (int) strlen(PACKAGE_STRING), (double) 0);
rng_init_done = true;
return true;
}
const char *
random_get_frontend_info(void)
{
return OPENSSL_VERSION_TEXT;
}