2 Unix SMB/Netbios implementation.
5 Functions to create reasonable random numbers for crypto use.
7 Copyright (C) Jeremy Allison 2001
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
26 static unsigned char hash
[258];
27 static uint32 counter
;
28 unsigned char *reseed_data
;
29 size_t reseed_data_size
;
31 /****************************************************************
32 Copy any user given reseed data.
33 *****************************************************************/
35 void set_rand_reseed_data(unsigned char *data
, size_t len
)
37 SAFE_FREE(reseed_data
);
40 reseed_data
= (unsigned char *)memdup(data
, len
);
42 reseed_data_size
= len
;
45 /****************************************************************
47 *****************************************************************/
49 static void seed_random_stream(unsigned char *seedval
, size_t seedlen
)
54 for (ind
= 0; ind
< 256; ind
++)
55 hash
[ind
] = (unsigned char)ind
;
57 for( ind
= 0; ind
< 256; ind
++) {
60 j
+= (hash
[ind
] + seedval
[ind
%seedlen
]);
71 /****************************************************************
72 Get datasize bytes worth of random data.
73 *****************************************************************/
75 static void get_random_stream(unsigned char *data
, size_t datasize
)
77 unsigned char index_i
= hash
[256];
78 unsigned char index_j
= hash
[257];
81 for( ind
= 0; ind
< datasize
; ind
++) {
86 index_j
+= hash
[index_i
];
89 hash
[index_i
] = hash
[index_j
];
92 t
= hash
[index_i
] + hash
[index_j
];
100 /****************************************************************
101 Get a 16 byte hash from the contents of a file.
102 Note that the hash is not initialised.
103 *****************************************************************/
105 static void do_filehash(const char *fname
, unsigned char *the_hash
)
107 unsigned char buf
[1011]; /* deliberate weird size */
108 unsigned char tmp_md4
[16];
111 fd
= sys_open(fname
,O_RDONLY
,0);
115 while ((n
= read(fd
, (char *)buf
, sizeof(buf
))) > 0) {
116 mdfour(tmp_md4
, buf
, n
);
118 the_hash
[n
] ^= tmp_md4
[n
];
123 /**************************************************************
124 Try and get a good random number seed. Try a number of
125 different factors. Firstly, try /dev/urandom - use if exists.
127 We use /dev/urandom as a read of /dev/random can block if
128 the entropy pool dries up. This leads clients to timeout
129 or be very slow on connect.
131 If we can't use /dev/urandom then seed the stream random generator
133 **************************************************************/
135 static int do_reseed(BOOL use_fd
, int fd
)
137 unsigned char seed_inbuf
[40];
138 uint32 v1
, v2
; struct timeval tval
; pid_t mypid
;
145 fd
= sys_open( "/dev/urandom", O_RDONLY
,0);
151 memset(seed_inbuf
, '\0', sizeof(seed_inbuf
));
154 /* Add in some secret file contents */
156 do_filehash("/etc/shadow", &seed_inbuf
[0]);
158 do_filehash(lp_tdb_passwd_file(), &seed_inbuf
[16]);
160 do_filehash(lp_smb_passwd_file(), &seed_inbuf
[16]);
164 * Add in the root encrypted password.
165 * On any system where security is taken
166 * seriously this will be secret.
169 pw
= sys_getpwnam("root");
170 if (pw
&& pw
->pw_passwd
) {
172 unsigned char md4_tmp
[16];
173 mdfour(md4_tmp
, (unsigned char *)pw
->pw_passwd
, strlen(pw
->pw_passwd
));
175 seed_inbuf
[8+i
] ^= md4_tmp
[i
];
179 * Add the counter, time of day, and pid.
183 mypid
= sys_getpid();
184 v1
= (counter
++) + mypid
+ tval
.tv_sec
;
185 v2
= (counter
++) * mypid
+ tval
.tv_usec
;
187 SIVAL(seed_inbuf
, 32, v1
^ IVAL(seed_inbuf
, 32));
188 SIVAL(seed_inbuf
, 36, v2
^ IVAL(seed_inbuf
, 36));
191 * Add any user-given reseed data.
196 for (i
= 0; i
< sizeof(seed_inbuf
); i
++)
197 seed_inbuf
[i
] ^= reseed_data
[i
% reseed_data_size
];
200 seed_random_stream(seed_inbuf
, sizeof(seed_inbuf
));
205 /*******************************************************************
206 Interface to the (hopefully) good crypto random number generator.
207 ********************************************************************/
209 void generate_random_buffer( unsigned char *out
, int len
, BOOL do_reseed_now
)
211 static BOOL done_reseed
= False
;
212 static int urand_fd
= -1;
213 unsigned char md4_buf
[64];
214 unsigned char tmp_buf
[16];
217 if(!done_reseed
|| do_reseed_now
) {
218 urand_fd
= do_reseed(True
, urand_fd
);
222 if (urand_fd
!= -1 && len
> 0) {
224 if (read(urand_fd
, out
, len
) == len
)
225 return; /* len bytes of random data read from urandom. */
227 /* Read of urand error, drop back to non urand method. */
230 do_reseed(False
, -1);
235 * Generate random numbers in chunks of 64 bytes,
236 * then md4 them & copy to the output buffer.
237 * This way the raw state of the stream is never externally
243 int copy_len
= len
> 16 ? 16 : len
;
245 get_random_stream(md4_buf
, sizeof(md4_buf
));
246 mdfour(tmp_buf
, md4_buf
, sizeof(md4_buf
));
247 memcpy(p
, tmp_buf
, copy_len
);
253 /*******************************************************************
254 Use the random number generator to generate a random string.
255 ********************************************************************/
257 static char c_list
[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+_-#.,";
259 char *generate_random_str(size_t len
)
261 static unsigned char retstr
[256];
264 memset(retstr
, '\0', sizeof(retstr
));
266 if (len
> sizeof(retstr
)-1)
267 len
= sizeof(retstr
) -1;
268 generate_random_buffer( retstr
, len
, False
);
269 for (i
= 0; i
< len
; i
++)
270 retstr
[i
] = c_list
[ retstr
[i
] % sizeof(c_list
) ];
274 return (char *)retstr
;