void RAND_add(const void *buf, int num, double randomness)
{
const RAND_METHOD *meth = RAND_get_rand_method();
if (meth->add != NULL)
meth->add(buf, num, randomness);
}
int RAND_status(void)
{
const RAND_METHOD *meth = RAND_get_rand_method();
if (meth && meth->status)
return meth->status();
return 0;
}
/*
* OpenSSL random should re-feeded occasionally. From /dev/urandom
* preferably.
*/
static void
init_openssl_rand(void)
{
if (RAND_get_rand_method() == NULL)
RAND_set_rand_method(RAND_SSLeay());
openssl_random_init = 1;
}
void RAND_cleanup(void)
{
const RAND_METHOD *meth = RAND_get_rand_method();
if (meth && meth->cleanup)
meth->cleanup();
RAND_set_rand_method(NULL);
}
void RAND_seed(const void *buf, int num)
{
const RAND_METHOD *meth = RAND_get_rand_method();
if (meth->seed != NULL)
meth->seed(buf, num);
}
void verify_rng()
{
auto* rm = RAND_get_rand_method();
int random_value = 0;
int rc = RAND_bytes((uint8_t*) &random_value, sizeof(random_value));
assert(rc == 0 || rc == 1);
}
int RAND_pseudo_bytes(unsigned char *buf, int num)
{
const RAND_METHOD *meth = RAND_get_rand_method();
if (meth && meth->pseudorand)
return meth->pseudorand(buf, num);
return (-1);
}
void RAND_add(const void *buf, int num, long entropy)
#endif
{
const RAND_METHOD *meth = RAND_get_rand_method();
if (meth && meth->add)
meth->add(buf,num,entropy);
}
int RAND_bytes(unsigned char *buf, int num)
{
const RAND_METHOD *meth = RAND_get_rand_method();
memset(buf, 0, num);
if (meth && meth->bytes)
return meth->bytes(buf,num);
return(-1);
}
int RAND_bytes(unsigned char *buf, int num)
{
const RAND_METHOD *meth = RAND_get_rand_method();
if (meth->bytes != NULL)
return meth->bytes(buf, num);
RANDerr(RAND_F_RAND_BYTES, RAND_R_FUNC_NOT_IMPLEMENTED);
return -1;
}
void RAND_cleanup(void)
{
const RAND_METHOD *meth = RAND_get_rand_method();
if (meth && meth->cleanup)
meth->cleanup();
#ifndef OPERA_SMALL_VERSION
RAND_set_rand_method(NULL);
#endif // !OPERA_SMALL_VERSION
}
static bool
init_rand ()
{
#define BUFSZ 40
unsigned char foo[BUFSZ];
RAND_get_rand_method() ->bytes (foo, BUFSZ);
#undef BUFSZ
return true;
}
/* called after g_module_check_init(), after shadow searches for __shadow_plugin_init__ */
void __shadow_plugin_init__(ShadowFunctionTable* shadowlibFuncs) {
/* save the shadow functions we will use */
scallion.shadowlibFuncs = shadowlibFuncs;
/* tell shadow which functions it should call to manage nodes */
shadowlibFuncs->registerPlugin(&_scallion_new, &_scallion_free, &_scallion_notify);
shadowlibFuncs->log(SHADOW_LOG_LEVEL_INFO, __FUNCTION__, "finished registering scallion plug-in state");
/* setup openssl locks */
#define OPENSSL_THREAD_DEFINES
#include <openssl/opensslconf.h>
#if defined(OPENSSL_THREADS)
/* thread support enabled */
/* make sure openssl uses Shadow's random sources and make crypto thread-safe */
const RAND_METHOD* shadowRandomMethod = NULL;
CRYPTO_lock_func shadowLockFunc = NULL;
CRYPTO_id_func shadowIdFunc = NULL;
int nLocks = CRYPTO_num_locks();
gboolean success = shadowlibFuncs->cryptoSetup(nLocks, (gpointer*)&shadowLockFunc,
(gpointer*)&shadowIdFunc, (gconstpointer*)&shadowRandomMethod);
if(!success) {
/* ok, lets see if we can get shadow function pointers through LD_PRELOAD */
shadowRandomMethod = RAND_get_rand_method();
shadowLockFunc = CRYPTO_get_locking_callback();
shadowIdFunc = CRYPTO_get_id_callback();
}
CRYPTO_set_locking_callback(shadowLockFunc);
CRYPTO_set_id_callback(shadowIdFunc);
RAND_set_rand_method(shadowRandomMethod);
shadowlibFuncs->log(SHADOW_LOG_LEVEL_INFO, __FUNCTION__, "finished initializing crypto thread state");
#else
/* no thread support */
shadowlibFuncs->log(SHADOW_LOG_LEVEL_CRITICAL, __FUNCTION__, "please rebuild openssl with threading support. expect segfaults.");
#endif
/* setup libevent locks */
#ifdef EVTHREAD_USE_PTHREADS_IMPLEMENTED
if(evthread_use_pthreads()) {
shadowlibFuncs->log(SHADOW_LOG_LEVEL_CRITICAL, __FUNCTION__, "error in evthread_use_pthreads()");
}
shadowlibFuncs->log(SHADOW_LOG_LEVEL_MESSAGE, __FUNCTION__, "finished initializing event thread state evthread_use_pthreads()");
#else
shadowlibFuncs->log(SHADOW_LOG_LEVEL_CRITICAL, __FUNCTION__, "please rebuild libevent with threading support, or link with event_pthread. expect segfaults.");
#endif
}
/*
* This function is not part of RAND_METHOD, so if we're not using
* the default method, then just call RAND_bytes(). Otherwise make
* sure we're instantiated and use the private DRBG.
*/
int RAND_priv_bytes(unsigned char *buf, int num)
{
const RAND_METHOD *meth = RAND_get_rand_method();
if (meth != RAND_OpenSSL())
return RAND_bytes(buf, num);
if (priv_drbg.state == DRBG_UNINITIALISED
&& RAND_DRBG_instantiate(&priv_drbg, NULL, 0) == 0)
return 0;
return RAND_DRBG_generate(&priv_drbg, buf, num, 0, NULL, 0);
}
/*
* OpenSSL random should re-feeded occasionally. From /dev/urandom
* preferably.
*/
static void
init_openssl_rand(void)
{
if (RAND_get_rand_method() == NULL)
{
#ifdef HAVE_RAND_OPENSSL
RAND_set_rand_method(RAND_OpenSSL());
#else
RAND_set_rand_method(RAND_SSLeay());
#endif
}
openssl_random_init = 1;
}
/*
* This function is not part of RAND_METHOD, so if we're not using
* the default method, then just call RAND_bytes(). Otherwise make
* sure we're instantiated and use the private DRBG.
*/
int RAND_priv_bytes(unsigned char *buf, int num)
{
const RAND_METHOD *meth = RAND_get_rand_method();
RAND_DRBG *drbg;
if (meth != RAND_OpenSSL())
return RAND_bytes(buf, num);
drbg = RAND_DRBG_get0_priv_global();
if (drbg == NULL)
return 0;
return RAND_DRBG_generate(drbg, buf, num, 0, NULL, 0);
}
static gboolean
genuid_rand_openssl (guchar *buffer, int length)
{
static RAND_METHOD *rm = NULL;
INC_LOCK();
if (!rm)
rm = RAND_get_rand_method ();
INC_UNLOCK();
RAND_bytes (buffer, length);
return TRUE;
}
static int change_rand(void)
{
/* save old rand method */
if (!TEST_ptr(old_rand = RAND_get_rand_method()))
return 0;
fake_rand = *old_rand;
/* use own random function */
fake_rand.bytes = fbytes;
/* set new RAND_METHOD */
if (!TEST_true(RAND_set_rand_method(&fake_rand)))
return 0;
return 1;
}
/*
* RAND_poll() reseeds the default RNG using random input
*
* The random input is obtained from polling various entropy
* sources which depend on the operating system and are
* configurable via the --with-rand-seed configure option.
*/
int RAND_poll(void)
{
int ret = 0;
RAND_POOL *pool = NULL;
const RAND_METHOD *meth = RAND_get_rand_method();
if (meth == RAND_OpenSSL()) {
/* fill random pool and seed the master DRBG */
RAND_DRBG *drbg = RAND_DRBG_get0_master();
if (drbg == NULL)
return 0;
CRYPTO_THREAD_write_lock(drbg->lock);
ret = rand_drbg_restart(drbg, NULL, 0, 0);
CRYPTO_THREAD_unlock(drbg->lock);
return ret;
} else {
/* fill random pool and seed the current legacy RNG */
pool = RAND_POOL_new(RAND_DRBG_STRENGTH,
RAND_DRBG_STRENGTH / 8,
DRBG_MINMAX_FACTOR * (RAND_DRBG_STRENGTH / 8));
if (pool == NULL)
return 0;
if (RAND_POOL_acquire_entropy(pool) == 0)
goto err;
if (meth->add == NULL
|| meth->add(RAND_POOL_buffer(pool),
RAND_POOL_length(pool),
(RAND_POOL_entropy(pool) / 8.0)) == 0)
goto err;
ret = 1;
}
err:
RAND_POOL_free(pool);
return ret;
}
int change_rand(void)
{
/* save old rand method */
if ((old_rand = RAND_get_rand_method()) == NULL)
return 0;
fake_rand.seed = old_rand->seed;
fake_rand.cleanup = old_rand->cleanup;
fake_rand.add = old_rand->add;
fake_rand.status = old_rand->status;
/* use own random function */
fake_rand.bytes = fbytes;
fake_rand.pseudorand = old_rand->bytes;
/* set new RAND_METHOD */
if (!RAND_set_rand_method(&fake_rand))
return 0;
return 1;
}
/*
* This function is not part of RAND_METHOD, so if we're not using
* the default method, then just call RAND_bytes(). Otherwise make
* sure we're instantiated and use the private DRBG.
*/
int RAND_priv_bytes(unsigned char *buf, int num)
{
const RAND_METHOD *meth = RAND_get_rand_method();
RAND_DRBG *drbg;
int ret;
if (meth != RAND_OpenSSL())
return RAND_bytes(buf, num);
drbg = RAND_DRBG_get0_private();
if (drbg == NULL)
return 0;
/* We have to lock the DRBG before generating bits from it. */
CRYPTO_THREAD_write_lock(drbg->lock);
ret = RAND_DRBG_generate(drbg, buf, num, 0, NULL, 0);
CRYPTO_THREAD_unlock(drbg->lock);
return ret;
}
void RAND_add(const void *buf, int num, double entropy)
{
const RAND_METHOD *meth = RAND_get_rand_method();
if (meth && meth->add)
meth->add(buf, num, entropy);
}
