/* * Pack and add bits to the entropy pool. */ void add_bits(bit_extractor* be, uint32_t sample) { //Add bits be->packedNum |= (sample & be->mask) << (be->samplesUsed * be->num2extract + be->numLeftoverBits); be->samplesUsed++; //See if we have a full 32-bit number if(be->samplesUsed >= be->samples2use) { //Add number to entropy pool add_entropy(be->packedNum, sizeof(be->packedNum)); //Store leftover bits be->numLeftoverBits = be->samplesUsed * be->num2extract + be->numLeftoverBits - 32; be->packedNum = (sample >> (be->num2extract - be->numLeftoverBits)) & MASK(be->numLeftoverBits); //Determine required # of samples if((be->numLeftoverBits + (be->samplesNeeded - 1) * be->num2extract) >= 32) be->samples2use = be->samplesNeeded - 1; else be->samples2use = be->samplesNeeded; //Reset variables be->samplesUsed = 0; }
void SSLConnection::init () { did_init = false; buffer_t path; buffer_init(&path); buffer_grow(&path,_POSIX_PATH_MAX+1); if (!HAVE_ENTROPY ()) { /* load entropy from files */ if (SSLEntropyFile) add_entropy (SSLEntropyFile); add_entropy (RAND_file_name (path.str,path.size)); /* load entropy from egd sockets */ #ifdef HAVE_RAND_EGD add_entropy (getenv ("EGDSOCKET")); buffer_shrink(&path,0); buffer_add_str(&path,NONULL(Homedir),-1); buffer_add_str(&path,"/.entropy",9); add_entropy (path.str); add_entropy ("/tmp/entropy"); #endif /* shuffle $RANDFILE (or ~/.rnd if unset) */ RAND_write_file (RAND_file_name (path.str,path.size)); if (!HAVE_ENTROPY ()) { buffer_t msg; buffer_init(&msg); buffer_add_str(&msg,_("Failed to find enough entropy on your system"),-1); displayError.emit(&msg); buffer_free(&msg); buffer_free(&path); return; } } /* * I don't think you can do this just before reading the error. * The call itself might clobber the last SSL error. */ SSL_load_error_strings (); SSL_library_init (); did_init = true; buffer_free(&path); }
void fortuna_add_entropy(const uint8_t *data, unsigned len) { if (!initDone) init(); if (!data || !len) return; add_entropy(&mainState, data, len); }
void Stateful_RNG::initialize_with(const uint8_t input[], size_t len) { add_entropy(input, len); if(8*len >= security_level()) { m_reseed_counter = 1; } }
/** * ssl_init - Initialise the SSL library * @retval 0 Success * @retval -1 Error * * OpenSSL library needs to be fed with sufficient entropy. On systems with * /dev/urandom, this is done transparently by the library itself, on other * systems we need to fill the entropy pool ourselves. * * Even though only OpenSSL 0.9.5 and later will complain about the lack of * entropy, we try to our best and fill the pool with older versions also. * (That's the reason for the ugly ifdefs and macros, otherwise I could have * simply ifdef'd the whole ssl_init function) */ static int ssl_init(void) { static bool init_complete = false; if (init_complete) return 0; if (!HAVE_ENTROPY()) { /* load entropy from files */ char path[PATH_MAX]; add_entropy(C_EntropyFile); add_entropy(RAND_file_name(path, sizeof(path))); /* load entropy from egd sockets */ #ifdef HAVE_RAND_EGD add_entropy(mutt_str_getenv("EGDSOCKET")); snprintf(path, sizeof(path), "%s/.entropy", NONULL(HomeDir)); add_entropy(path); add_entropy("/tmp/entropy"); #endif /* shuffle $RANDFILE (or ~/.rnd if unset) */ RAND_write_file(RAND_file_name(path, sizeof(path))); mutt_clear_error(); if (!HAVE_ENTROPY()) { mutt_error(_("Failed to find enough entropy on your system")); return -1; } } /* OpenSSL performs automatic initialization as of 1.1. * However LibreSSL does not (as of 2.8.3). */ #if (defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x10100000L) || \ (defined(LIBRESSL_VERSION_NUMBER)) /* I don't think you can do this just before reading the error. The call * itself might clobber the last SSL error. */ SSL_load_error_strings(); SSL_library_init(); #endif init_complete = true; return 0; }
int main(int argc, char *argv[]) { int retval = EXIT_FAILURE; int opt; int fd=-1; int val=0; int r; while ((opt = getopt(argc, argv, "h")) != -1) { switch (opt) { case 'h': usage(); exit(EXIT_SUCCESS); break; default: /* '?' */ usage(); exit(EXIT_FAILURE); } } if (argc - optind < 1) { fprintf(stderr, "Missing action\n"); usage(); exit(EXIT_FAILURE); } const char *action = argv[optind]; int action_argc = argc - optind; char **action_argv = &argv[optind]; fd = open("/dev/urandom", O_RDWR); if (fd == -1) { perror("Failed to open /dev/urandom"); exit(EXIT_FAILURE); } if (strcmp(action, "get_entropy_cnt") == 0) { retval = get_entropy_cnt(fd, action_argc, action_argv); } else if (strcmp(action, "add_entropy_cnt") == 0) { retval = add_entropy_cnt(fd, action_argc, action_argv); } else if (strcmp(action, "add_entropy") == 0) { retval = add_entropy(fd, action_argc, action_argv); } else if (strcmp(action, "add_random") == 0) { retval = add_random(fd, action_argc, action_argv); } else if (strcmp(action, "clear_pool") == 0) { retval = clear_pool(fd, action_argc, action_argv); } else { fprintf(stderr, "Unknown action: %s\n", action); usage(); retval = EXIT_FAILURE; } close(fd); return retval; }
void fortuna_add_entropy(const uint8 *data, unsigned len) { if (!init_done) { init_state(&main_state); init_done = 1; } if (!data || !len) return; add_entropy(&main_state, data, len); }
static void fortuna_seed(const void *indata, int size) { HEIMDAL_MUTEX_lock(&fortuna_mutex); fortuna_init(); add_entropy(&main_state, indata, size); if (size >= INIT_BYTES) have_entropy = 1; HEIMDAL_MUTEX_unlock(&fortuna_mutex); }
/* * OpenSSL library needs to be fed with sufficient entropy. On systems * with /dev/urandom, this is done transparently by the library itself, * on other systems we need to fill the entropy pool ourselves. * * Even though only OpenSSL 0.9.5 and later will complain about the * lack of entropy, we try to our best and fill the pool with older * versions also. (That's the reason for the ugly #ifdefs and macros, * otherwise I could have simply #ifdef'd the whole ssl_init funcion) */ static int ssl_init (void) { char path[_POSIX_PATH_MAX]; static unsigned char init_complete = 0; if (init_complete) return 0; if (! HAVE_ENTROPY()) { /* load entropy from files */ add_entropy (SslEntropyFile); add_entropy (RAND_file_name (path, sizeof (path))); /* load entropy from egd sockets */ #ifdef HAVE_RAND_EGD add_entropy (getenv ("EGDSOCKET")); snprintf (path, sizeof(path), "%s/.entropy", NONULL(Homedir)); add_entropy (path); add_entropy ("/tmp/entropy"); #endif /* shuffle $RANDFILE (or ~/.rnd if unset) */ RAND_write_file (RAND_file_name (path, sizeof (path))); mutt_clear_error (); if (! HAVE_ENTROPY()) { mutt_error (_("Failed to find enough entropy on your system")); mutt_sleep (2); return -1; } } /* I don't think you can do this just before reading the error. The call * itself might clobber the last SSL error. */ SSL_load_error_strings(); SSL_library_init(); init_complete = 1; return 0; }
static bytea * decrypt_internal(int is_pubenc, int need_text, text *data, text *key, text *keypsw, text *args) { int err; MBuf *src = NULL, *dst = NULL; uint8 tmp[VARHDRSZ]; uint8 *restmp; bytea *res; int res_len; PGP_Context *ctx = NULL; struct debug_expect ex; int got_unicode = 0; init_work(&ctx, need_text, args, &ex); src = mbuf_create_from_data((uint8 *) VARDATA(data), VARSIZE(data) - VARHDRSZ); dst = mbuf_create(VARSIZE(data) + 2048); /* * reserve room for header */ mbuf_append(dst, tmp, VARHDRSZ); /* * set key */ if (is_pubenc) { uint8 *psw = NULL; int psw_len = 0; MBuf *kbuf; if (keypsw) { psw = (uint8 *) VARDATA(keypsw); psw_len = VARSIZE(keypsw) - VARHDRSZ; } kbuf = create_mbuf_from_vardata(key); err = pgp_set_pubkey(ctx, kbuf, psw, psw_len, 1); mbuf_free(kbuf); } else err = pgp_set_symkey(ctx, (uint8 *) VARDATA(key), VARSIZE(key) - VARHDRSZ); /* * decrypt */ if (err >= 0) err = pgp_decrypt(ctx, src, dst); /* * failed? */ if (err < 0) goto out; if (ex.expect) check_expect(ctx, &ex); /* remember the setting */ got_unicode = pgp_get_unicode_mode(ctx); out: if (src) mbuf_free(src); if (ctx) pgp_free(ctx); if (err) { px_set_debug_handler(NULL); if (dst) mbuf_free(dst); ereport(ERROR, (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION), errmsg("%s", px_strerror(err)))); } res_len = mbuf_steal_data(dst, &restmp); mbuf_free(dst); /* res_len includes VARHDRSZ */ res = (bytea *) restmp; SET_VARSIZE(res, res_len); if (need_text && got_unicode) { text *utf = convert_from_utf8(res); if (utf != res) { clear_and_pfree(res); res = utf; } } px_set_debug_handler(NULL); /* * add successfull decryptions also into RNG */ add_entropy(res, key, keypsw); return res; }
static bytea * encrypt_internal(int is_pubenc, int is_text, text *data, text *key, text *args) { MBuf *src, *dst; uint8 tmp[VARHDRSZ]; uint8 *restmp; bytea *res; int res_len; PGP_Context *ctx; int err; struct debug_expect ex; text *tmp_data = NULL; /* * Add data and key info RNG. */ add_entropy(data, key, NULL); init_work(&ctx, is_text, args, &ex); if (is_text && pgp_get_unicode_mode(ctx)) { tmp_data = convert_to_utf8(data); if (tmp_data == data) tmp_data = NULL; else data = tmp_data; } src = create_mbuf_from_vardata(data); dst = mbuf_create(VARSIZE(data) + 128); /* * reserve room for header */ mbuf_append(dst, tmp, VARHDRSZ); /* * set key */ if (is_pubenc) { MBuf *kbuf = create_mbuf_from_vardata(key); err = pgp_set_pubkey(ctx, kbuf, NULL, 0, 0); mbuf_free(kbuf); } else err = pgp_set_symkey(ctx, (uint8 *) VARDATA(key), VARSIZE(key) - VARHDRSZ); /* * encrypt */ if (err >= 0) err = pgp_encrypt(ctx, src, dst); /* * check for error */ if (err) { if (ex.debug) px_set_debug_handler(NULL); if (tmp_data) clear_and_pfree(tmp_data); pgp_free(ctx); mbuf_free(src); mbuf_free(dst); ereport(ERROR, (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION), errmsg("%s", px_strerror(err)))); } /* res_len includes VARHDRSZ */ res_len = mbuf_steal_data(dst, &restmp); res = (bytea *) restmp; SET_VARSIZE(res, res_len); if (tmp_data) clear_and_pfree(tmp_data); pgp_free(ctx); mbuf_free(src); mbuf_free(dst); px_set_debug_handler(NULL); return res; }
SSL_CTX * tls_init(srv_t * srv) { char path[_POSIX_PATH_MAX]; SSL_CTX *ctx; int r; char errorstr[1024]; unsigned long e; SSL_library_init(); SSL_load_error_strings(); /* basic set up */ OpenSSL_add_ssl_algorithms(); /* * Create a TLS context */ if (!(ctx = SSL_CTX_new(SSLv23_method()))) { LOG(SPOCP_ERR) traceLog(LOG_ERR,"Error allocation SSL_CTX"); return 0; } LOG(SPOCP_DEBUG) traceLog(LOG_DEBUG,"Do we have enough randomness ??"); if (!RAND_status()) { /* * load entropy from files */ add_entropy(srv->SslEntropyFile); add_entropy(RAND_file_name(path, sizeof(path))); /* * load entropy from egd sockets */ #ifdef HAVE_RAND_EGD add_entropy(getenv("EGDSOCKET")); snprintf(path, sizeof(path), "%s/.entropy", NONULL(Homedir)); add_entropy(path); add_entropy("/tmp/entropy"); #endif /* * shuffle $RANDFILE (or ~/.rnd if unset) */ RAND_write_file(RAND_file_name(path, sizeof(path))); if (!RAND_status()) { LOG(SPOCP_ERR) traceLog(LOG_ERR, "Failed to find enough entropy on your system"); return 0; } } /* * Initialize with DH parameters if supplied */ if (srv->dhFile) { if (init_dh(ctx, (unsigned char *) srv->dhFile) == FALSE) { LOG(SPOCP_ERR) traceLog(LOG_ERR,"Error initializing DH"); SSL_CTX_free(ctx); return 0; } else LOG(SPOCP_ERR) traceLog(LOG_ERR,"Initializing DH OK"); } /* * and a RSA key too */ if (generate_eph_rsa_key(ctx, 512) == FALSE) { LOG(SPOCP_ERR) traceLog(LOG_ERR,"Error initializing RSA key"); SSL_CTX_free(ctx); return 0; } else LOG(SPOCP_ERR) traceLog(LOG_ERR,"Initializing RSA key OK"); /* * Set up certificates and keys */ if (srv->certificateFile != NULL) { LOG(SPOCP_INFO) traceLog(LOG_INFO,"Reading Certificate File"); if (!SSL_CTX_use_certificate_chain_file (ctx, srv->certificateFile)) { LOG(SPOCP_ERR) traceLog(LOG_ERR,"Error in SSL_CTX_use_certificate_file"); SSL_CTX_free(ctx); return 0; } } if (srv->privateKey != NULL) { if (srv->passwd) { SSL_CTX_set_default_passwd_cb_userdata(ctx, (void *) srv-> passwd); SSL_CTX_set_default_passwd_cb(ctx, password_cb); } LOG(SPOCP_INFO) traceLog(LOG_INFO,"Reading Private Key File"); r = SSL_CTX_use_PrivateKey_file(ctx, srv->privateKey, SSL_FILETYPE_PEM); if (r == 0) { e = ERR_get_error(); ERR_error_string_n(e, errorstr, 1024); LOG(SPOCP_ERR) traceLog(LOG_ERR,"Error in SSL_CTX_use_PrivateKey_file"); LOG(SPOCP_ERR) traceLog(LOG_ERR,"%s", errorstr); SSL_CTX_free(ctx); return 0; } } if (srv->caList != NULL) { LOG(SPOCP_INFO) traceLog(LOG_INFO,"Reading Trusted CAs File"); if (!SSL_CTX_load_verify_locations(ctx, srv->caList, 0)) { LOG(SPOCP_ERR) traceLog(LOG_ERR,"Error in SSL_CTX_load_verify_locations"); SSL_CTX_free(ctx); return 0; } } if (srv->clientcert == NONE) SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_callback_ok); else { int i = SSL_VERIFY_PEER; if (srv->clientcert == HARD) i |= SSL_VERIFY_CLIENT_ONCE; SSL_CTX_set_verify(ctx, i, verify_callback); } SSL_CTX_set_verify_depth(ctx, srv->sslverifydepth); SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2); if (SSL_CTX_set_cipher_list(ctx, CIPHER_LIST) != 1) { LOG(SPOCP_ERR) traceLog(LOG_ERR,"No valid ciphers in cipherlist"); SSL_CTX_free(ctx); return 0; } LOG(SPOCP_DEBUG) traceLog(LOG_DEBUG,"Initialised TLS"); return ctx; }
static int fortuna_reseed(void) { int entropy_p = 0; if (!init_done) abort(); #ifndef NO_RAND_UNIX_METHOD { unsigned char buf[INIT_BYTES]; if ((*hc_rand_unix_method.bytes)(buf, sizeof(buf)) == 1) { add_entropy(&main_state, buf, sizeof(buf)); entropy_p = 1; memset(buf, 0, sizeof(buf)); } } #endif #ifdef HAVE_ARC4RANDOM { uint32_t buf[INIT_BYTES / sizeof(uint32_t)]; int i; for (i = 0; i < sizeof(buf)/sizeof(buf[0]); i++) buf[i] = arc4random(); add_entropy(&main_state, (void *)buf, sizeof(buf)); entropy_p = 1; } #endif /* * Fall back to gattering data from timer and secret files, this * is really the last resort. */ if (!entropy_p) { /* to save stackspace */ union { unsigned char buf[INIT_BYTES]; unsigned char shad[1001]; } u; int fd; /* add timer info */ if ((*hc_rand_timer_method.bytes)(u.buf, sizeof(u.buf)) == 1) add_entropy(&main_state, u.buf, sizeof(u.buf)); /* add /etc/shadow */ fd = open("/etc/shadow", O_RDONLY, 0); if (fd >= 0) { ssize_t n; rk_cloexec(fd); /* add_entropy will hash the buf */ while ((n = read(fd, (char *)u.shad, sizeof(u.shad))) > 0) add_entropy(&main_state, u.shad, sizeof(u.shad)); close(fd); } memset(&u, 0, sizeof(u)); entropy_p = 1; /* sure about this ? */ } { pid_t pid = getpid(); add_entropy(&main_state, (void *)&pid, sizeof(pid)); } { struct timeval tv; gettimeofday(&tv, NULL); add_entropy(&main_state, (void *)&tv, sizeof(tv)); } #ifdef HAVE_GETUID { uid_t u = getuid(); add_entropy(&main_state, (void *)&u, sizeof(u)); } #endif return entropy_p; }