New function RAND_pseudo_bytes() generated pseudorandom numbers that

are not guaranteed to be unpredictable.
2000-01-16 15:58:17 +00:00 · 2000-01-16 15:58:17 +00:00 · 373b575f5a
commit 373b575f5a
parent e1798f856d
8 changed files with 37 additions and 9 deletions
--- a/9
+++ b/9
@ -7,11 +7,12 @@
  *) Precautions against using the PRNG uninitialized: RAND_bytes() now
     has a return value which indicates the quality of the random data
     (1 = ok, 0 = not seeded).  Also an error is recorded on the thread's
-     error queue.
+     error queue. New function RAND_pseudo_bytes() generates output that is
+     guaranteed to be unique but not unpredictable.
     (TO DO: always check the result of RAND_bytes when it is used in the
-     library, because leaving the error in the error queue but reporting
-     success in a function that uses RAND_bytes could confuse things
-     considerably.)
+     library, or use RAND_pseudo_bytes instead, because leaving the
+     error in the error queue but reporting success in a function that
+     uses RAND_bytes could confuse things considerably.)
     [Ulf Möller]

  *) Do more iterations of Rabin-Miller probable prime test (specifically,
--- a/apps/speed.c
+++ b/apps/speed.c
@ -965,7 +965,7 @@ int MAIN(int argc, char **argv)
 		}
 #endif

-	RAND_bytes(buf,36);
+	RAND_pseudo_bytes(buf,36);
 #ifndef NO_RSA
 	for (j=0; j<RSA_NUM; j++)
 		{
@ -1026,7 +1026,7 @@ int MAIN(int argc, char **argv)
 		}
 #endif

-	RAND_bytes(buf,20);
+	RAND_pseudo_bytes(buf,20);
 #ifndef NO_DSA
 	for (j=0; j<DSA_NUM; j++)
 		{
--- a/crypto/pkcs7/pk7_mime.c
+++ b/crypto/pkcs7/pk7_mime.c
@ -149,7 +149,7 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
 	if((flags & PKCS7_DETACHED) && data) {
 	/* We want multipart/signed */
 		/* Generate a random boundary */
-		RAND_bytes((unsigned char *)bound, 32);
+		RAND_pseudo_bytes((unsigned char *)bound, 32);
 		for(i = 0; i < 32; i++) {
 			c = bound[i] & 0xf;
 			if(c < 10) c += '0';
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@ -146,12 +146,14 @@ static void ssleay_rand_cleanup(void);
 static void ssleay_rand_seed(const void *buf, int num);
 static void ssleay_rand_add(const void *buf, int num, int add_entropy);
 static int ssleay_rand_bytes(unsigned char *buf, int num);
+static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);

 RAND_METHOD rand_ssleay_meth={
 	ssleay_rand_seed,
 	ssleay_rand_bytes,
 	ssleay_rand_cleanup,
 	ssleay_rand_add,
+	ssleay_rand_pseudo_bytes,
 	}; 

 RAND_METHOD *RAND_SSLeay(void)
@ -449,6 +451,23 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 		}
 	}

+/* pseudo-random bytes that are guaranteed to be unique but not
+   unpredictable */
+static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) 
+	{
+	int ret, err;
+
+	ret = RAND_bytes(buf, num);
+	if (ret == 0)
+		{
+		err = ERR_peek_error();
+		if (ERR_GET_LIB(err) == ERR_LIB_RAND &&
+		    ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED)
+			(void)ERR_get_error();
+		}
+	return (ret);
+	}
+
 #ifdef WINDOWS
 #include <windows.h>
 #include <openssl/rand.h>
--- a/crypto/rand/rand.h
+++ b/crypto/rand/rand.h
@ -69,6 +69,7 @@ typedef struct rand_meth_st
 	int (*bytes)(unsigned char *buf, int num);
 	void (*cleanup)(void);
 	void (*add)(const void *buf, int num, int entropy);
+	int (*pseudorand)(unsigned char *buf, int num);
 	} RAND_METHOD;

 void RAND_set_rand_method(RAND_METHOD *meth);
@ -76,6 +77,7 @@ RAND_METHOD *RAND_get_rand_method(void );
 RAND_METHOD *RAND_SSLeay(void);
 void RAND_cleanup(void );
 int  RAND_bytes(unsigned char *buf,int num);
+int  RAND_pseudo_bytes(unsigned char *buf,int num);
 void RAND_seed(const void *buf,int num);
 void RAND_add(const void *buf,int num,int entropy);
 int  RAND_load_file(const char *file,long max_bytes);
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@ -102,3 +102,9 @@ int RAND_bytes(unsigned char *buf, int num)
 	return(-1);
 	}

+int RAND_pseudo_bytes(unsigned char *buf, int num)
+	{
+	if (rand_meth != NULL)
+		return rand_meth->pseudorand(buf,num);
+	return(-1);
+	}
--- a/crypto/rand/randtest.c
+++ b/crypto/rand/randtest.c
@ -73,7 +73,7 @@ int main()
 	/*double d; */
 	long d;

-	RAND_bytes(buf,2500);
+	RAND_pseudo_bytes(buf,2500);

 	n1=0;
 	for (i=0; i<16; i++) n2[i]=0;
--- a/e_os.h
+++ b/e_os.h
@ -79,7 +79,7 @@ extern "C" {
 #ifndef DEVRANDOM
 /* set this to your 'random' device if you have one.
 * My default, we will try to read this file */
-#define DEVRANDOM "/dev/urandom"
+#define DEVRANDOM "/gibtsnich/dev/urandom"
 #endif

 #if defined(__MWERKS__) && defined(macintosh)