generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

New function RAND_pseudo_bytes() generated pseudorandom numbers that

Browse Source 
are not guaranteed to be unpredictable.
This commit is contained in:
Ulf Möller 2000-01-16 15:58:17 +00:00
parent e1798f856d
commit 373b575f5a
8 changed files with 37 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
CHANGES
View File

@ -7,11 +7,12 @@
*) Precautions against using the PRNG uninitialized: RAND_bytes() now *) Precautions against using the PRNG uninitialized: RAND_bytes() now
has a return value which indicates the quality of the random data has a return value which indicates the quality of the random data
(1 = ok, 0 = not seeded). Also an error is recorded on the thread's (1 = ok, 0 = not seeded). Also an error is recorded on the thread's
error queue. error queue. New function RAND_pseudo_bytes() generates output that is
guaranteed to be unique but not unpredictable.
(TO DO: always check the result of RAND_bytes when it is used in the (TO DO: always check the result of RAND_bytes when it is used in the
library, because leaving the error in the error queue but reporting library, or use RAND_pseudo_bytes instead, because leaving the
success in a function that uses RAND_bytes could confuse things error in the error queue but reporting success in a function that
considerably.) uses RAND_bytes could confuse things considerably.)
[Ulf Möller] [Ulf Möller]
*) Do more iterations of Rabin-Miller probable prime test (specifically, *) Do more iterations of Rabin-Miller probable prime test (specifically,

4
apps/speed.c
View File

@ -965,7 +965,7 @@ int MAIN(int argc, char **argv)
} }
#endif #endif
RAND_bytes(buf,36); RAND_pseudo_bytes(buf,36);
#ifndef NO_RSA #ifndef NO_RSA
for (j=0; j<RSA_NUM; j++) for (j=0; j<RSA_NUM; j++)
{ {
@ -1026,7 +1026,7 @@ int MAIN(int argc, char **argv)
} }
#endif #endif
RAND_bytes(buf,20); RAND_pseudo_bytes(buf,20);
#ifndef NO_DSA #ifndef NO_DSA
for (j=0; j<DSA_NUM; j++) for (j=0; j<DSA_NUM; j++)
{ {

2
crypto/pkcs7/pk7_mime.c
View File

@ -149,7 +149,7 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
if((flags & PKCS7_DETACHED) && data) { if((flags & PKCS7_DETACHED) && data) {
/* We want multipart/signed */ /* We want multipart/signed */
/* Generate a random boundary */ /* Generate a random boundary */
RAND_bytes((unsigned char *)bound, 32); RAND_pseudo_bytes((unsigned char *)bound, 32);
for(i = 0; i < 32; i++) { for(i = 0; i < 32; i++) {
c = bound[i] & 0xf; c = bound[i] & 0xf;
if(c < 10) c += '0'; if(c < 10) c += '0';

19
crypto/rand/md_rand.c
View File

@ -146,12 +146,14 @@ static void ssleay_rand_cleanup(void);
static void ssleay_rand_seed(const void *buf, int num); static void ssleay_rand_seed(const void *buf, int num);
static void ssleay_rand_add(const void *buf, int num, int add_entropy); static void ssleay_rand_add(const void *buf, int num, int add_entropy);
static int ssleay_rand_bytes(unsigned char *buf, int num); static int ssleay_rand_bytes(unsigned char *buf, int num);
static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
RAND_METHOD rand_ssleay_meth={ RAND_METHOD rand_ssleay_meth={
ssleay_rand_seed, ssleay_rand_seed,
ssleay_rand_bytes, ssleay_rand_bytes,
ssleay_rand_cleanup, ssleay_rand_cleanup,
ssleay_rand_add, ssleay_rand_add,
ssleay_rand_pseudo_bytes,
}; };
RAND_METHOD *RAND_SSLeay(void) RAND_METHOD *RAND_SSLeay(void)
@ -449,6 +451,23 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
} }
} }
/* pseudo-random bytes that are guaranteed to be unique but not
unpredictable */
static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
{
int ret, err;
ret = RAND_bytes(buf, num);
if (ret == 0)
{
err = ERR_peek_error();
if (ERR_GET_LIB(err) == ERR_LIB_RAND &&
ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED)
(void)ERR_get_error();
}
return (ret);
}
#ifdef WINDOWS #ifdef WINDOWS
#include <windows.h> #include <windows.h>
#include <openssl/rand.h> #include <openssl/rand.h>

2
crypto/rand/rand.h
View File

@ -69,6 +69,7 @@ typedef struct rand_meth_st
int (*bytes)(unsigned char *buf, int num); int (*bytes)(unsigned char *buf, int num);
void (*cleanup)(void); void (*cleanup)(void);
void (*add)(const void *buf, int num, int entropy); void (*add)(const void *buf, int num, int entropy);
int (*pseudorand)(unsigned char *buf, int num);
} RAND_METHOD; } RAND_METHOD;
void RAND_set_rand_method(RAND_METHOD *meth); void RAND_set_rand_method(RAND_METHOD *meth);
@ -76,6 +77,7 @@ RAND_METHOD *RAND_get_rand_method(void );
RAND_METHOD *RAND_SSLeay(void); RAND_METHOD *RAND_SSLeay(void);
void RAND_cleanup(void ); void RAND_cleanup(void );
int RAND_bytes(unsigned char *buf,int num); int RAND_bytes(unsigned char *buf,int num);
int RAND_pseudo_bytes(unsigned char *buf,int num);
void RAND_seed(const void *buf,int num); void RAND_seed(const void *buf,int num);
void RAND_add(const void *buf,int num,int entropy); void RAND_add(const void *buf,int num,int entropy);
int RAND_load_file(const char *file,long max_bytes); int RAND_load_file(const char *file,long max_bytes);

6
crypto/rand/rand_lib.c
View File

@ -102,3 +102,9 @@ int RAND_bytes(unsigned char *buf, int num)
return(-1); return(-1);
} }
int RAND_pseudo_bytes(unsigned char *buf, int num)
{
if (rand_meth != NULL)
return rand_meth->pseudorand(buf,num);
return(-1);
}

2
crypto/rand/randtest.c
View File

@ -73,7 +73,7 @@ int main()
/*double d; */ /*double d; */
long d; long d;
RAND_bytes(buf,2500); RAND_pseudo_bytes(buf,2500);
n1=0; n1=0;
for (i=0; i<16; i++) n2[i]=0; for (i=0; i<16; i++) n2[i]=0;

2
e_os.h
View File

@ -79,7 +79,7 @@ extern "C" {
#ifndef DEVRANDOM #ifndef DEVRANDOM
/* set this to your 'random' device if you have one. /* set this to your 'random' device if you have one.
* My default, we will try to read this file */ * My default, we will try to read this file */
#define DEVRANDOM "/dev/urandom" #define DEVRANDOM "/gibtsnich/dev/urandom"
#endif #endif
#if defined(__MWERKS__) && defined(macintosh) #if defined(__MWERKS__) && defined(macintosh)