2 Unix SMB/Netbios implementation.
5 Functions to create reasonable random numbers for crypto use.
7 Copyright (C) Jeremy Allison 2001
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
26 extern int DEBUGLEVEL
;
29 static unsigned char hash
[258];
30 static uint32 counter
;
31 unsigned char *reseed_data
;
32 size_t reseed_data_size
;
34 /****************************************************************
35 Copy any user given reseed data.
36 *****************************************************************/
38 void set_rand_reseed_data(unsigned char *data
, size_t len
)
44 reseed_data
= (unsigned char *)memdup(data
, len
);
46 reseed_data_size
= len
;
49 /****************************************************************
51 *****************************************************************/
53 static void seed_random_stream(unsigned char *seedval
, size_t seedlen
)
58 for (ind
= 0; ind
< 256; ind
++)
59 hash
[ind
] = (unsigned char)ind
;
61 for( ind
= 0; ind
< 256; ind
++) {
64 j
+= (hash
[ind
] + seedval
[ind
%seedlen
]);
75 /****************************************************************
76 Get datasize bytes worth of random data.
77 *****************************************************************/
79 static void get_random_stream(unsigned char *data
, size_t datasize
)
81 unsigned char index_i
= hash
[256];
82 unsigned char index_j
= hash
[257];
85 for( ind
= 0; ind
< datasize
; ind
++) {
90 index_j
+= hash
[index_i
];
93 hash
[index_i
] = hash
[index_j
];
96 t
= hash
[index_i
] + hash
[index_j
];
104 /****************************************************************
105 Get a 16 byte hash from the contents of a file.
106 Note that the hash is not initialised.
107 *****************************************************************/
109 static void do_filehash(char *fname
, unsigned char *the_hash
)
111 unsigned char buf
[1011]; /* deliberate weird size */
112 unsigned char tmp_md4
[16];
115 fd
= sys_open(fname
,O_RDONLY
,0);
119 while ((n
= read(fd
, (char *)buf
, sizeof(buf
))) > 0) {
120 mdfour(tmp_md4
, buf
, n
);
122 the_hash
[n
] ^= tmp_md4
[n
];
127 /**************************************************************
128 Try and get a good random number seed. Try a number of
129 different factors. Firstly, try /dev/urandom - use if exists.
131 We use /dev/urandom as a read of /dev/random can block if
132 the entropy pool dries up. This leads clients to timeout
133 or be very slow on connect.
135 If we can't use /dev/urandom then seed the stream random generator
137 **************************************************************/
139 static int do_reseed(BOOL use_fd
, int fd
)
141 unsigned char seed_inbuf
[40];
142 uint32 v1
, v2
; struct timeval tval
; pid_t mypid
;
149 fd
= sys_open( "/dev/urandom", O_RDONLY
,0);
155 memset(seed_inbuf
, '\0', sizeof(seed_inbuf
));
158 /* Add in some secret file contents */
160 do_filehash("/etc/shadow", &seed_inbuf
[0]);
162 do_filehash(lp_tdb_passwd_file(), &seed_inbuf
[16]);
164 do_filehash(lp_smb_passwd_file(), &seed_inbuf
[16]);
168 * Add in the root encrypted password.
169 * On any system where security is taken
170 * seriously this will be secret.
173 pw
= sys_getpwnam("root");
174 if (pw
&& pw
->pw_passwd
) {
176 unsigned char md4_tmp
[16];
177 mdfour(md4_tmp
, (unsigned char *)pw
->pw_passwd
, strlen(pw
->pw_passwd
));
179 seed_inbuf
[8+i
] ^= md4_tmp
[i
];
183 * Add the counter, time of day, and pid.
187 mypid
= sys_getpid();
188 v1
= (counter
++) + mypid
+ tval
.tv_sec
;
189 v2
= (counter
++) * mypid
+ tval
.tv_usec
;
191 SIVAL(seed_inbuf
, 32, v1
^ IVAL(seed_inbuf
, 32));
192 SIVAL(seed_inbuf
, 36, v2
^ IVAL(seed_inbuf
, 36));
195 * Add any user-given reseed data.
200 for (i
= 0; i
< sizeof(seed_inbuf
); i
++)
201 seed_inbuf
[i
] ^= reseed_data
[i
% reseed_data_size
];
204 seed_random_stream(seed_inbuf
, sizeof(seed_inbuf
));
209 /*******************************************************************
210 Interface to the (hopefully) good crypto random number generator.
211 ********************************************************************/
213 void generate_random_buffer( unsigned char *out
, int len
, BOOL do_reseed_now
)
215 static BOOL done_reseed
= False
;
216 static int urand_fd
= -1;
217 unsigned char md4_buf
[64];
218 unsigned char tmp_buf
[16];
221 if(!done_reseed
|| do_reseed_now
) {
222 urand_fd
= do_reseed(True
, urand_fd
);
226 if (urand_fd
!= -1 && len
> 0) {
228 if (read(urand_fd
, out
, len
) == len
)
229 return; /* len bytes of random data read from urandom. */
231 /* Read of urand error, drop back to non urand method. */
234 do_reseed(False
, -1);
239 * Generate random numbers in chunks of 64 bytes,
240 * then md4 them & copy to the output buffer.
241 * This way the raw state of the stream is never externally
247 int copy_len
= len
> 16 ? 16 : len
;
249 get_random_stream(md4_buf
, sizeof(md4_buf
));
250 mdfour(tmp_buf
, md4_buf
, sizeof(md4_buf
));
251 memcpy(p
, tmp_buf
, copy_len
);
257 /*******************************************************************
258 Use the random number generator to generate a random string.
259 ********************************************************************/
261 static char c_list
[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+_-#.,";
263 char *generate_random_str(size_t len
)
265 static unsigned char retstr
[256];
268 memset(retstr
, '\0', sizeof(retstr
));
270 if (len
> sizeof(retstr
)-1)
271 len
= sizeof(retstr
) -1;
272 generate_random_buffer( retstr
, len
, False
);
273 for (i
= 0; i
< len
; i
++)
274 retstr
[i
] = c_list
[ retstr
[i
] % sizeof(c_list
) ];
278 return (char *)retstr
;