libtommath: Fix possible integer overflow CVE-2023-36328
[heimdal.git] / lib / hcrypto / rand-unix.c
blob2d6013eb348e4fe4e5291d43250483118056a59f
1 /*
2 * Copyright (c) 2006 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
34 #include <config.h>
35 #include <roken.h>
37 #include <rand.h>
38 #include <heim_threads.h>
40 #include "randi.h"
43 * Unix /dev/random
46 int
47 _hc_unix_device_fd(int flags, const char **fn)
49 static const char *rnd_devices[] = {
50 "/dev/urandom",
51 "/dev/random",
52 "/dev/srandom",
53 "/dev/arandom",
54 NULL
56 const char **p;
58 for(p = rnd_devices; *p; p++) {
59 int fd = open(*p, flags | O_NDELAY);
60 if(fd >= 0) {
61 if (fn)
62 *fn = *p;
63 rk_cloexec(fd);
64 return fd;
67 return -1;
70 static void
71 unix_seed(const void *p, int size)
73 const unsigned char *indata = p;
74 ssize_t count;
75 int fd;
77 if (size < 0)
78 return;
79 else if (size == 0)
80 return;
82 fd = _hc_unix_device_fd(O_RDONLY, NULL);
83 if (fd < 0)
84 return;
86 while (size > 0) {
87 count = write(fd, indata, size);
88 if (count < 0 && errno == EINTR)
89 continue;
90 else if (count <= 0) {
91 close(fd);
92 return;
94 indata += count;
95 size -= count;
97 close(fd);
101 static int
102 unix_bytes(unsigned char *outdata, int size)
104 ssize_t count;
105 int fd;
107 if (size < 0)
108 return 0;
109 else if (size == 0)
110 return 1;
112 fd = _hc_unix_device_fd(O_RDONLY, NULL);
113 if (fd < 0)
114 return 0;
116 while (size > 0) {
117 count = read(fd, outdata, size);
118 if (count < 0 && errno == EINTR)
119 continue;
120 else if (count <= 0) {
121 close(fd);
122 return 0;
124 outdata += count;
125 size -= count;
127 close(fd);
129 return 1;
132 static void
133 unix_cleanup(void)
137 static void
138 unix_add(const void *indata, int size, double entropi)
140 unix_seed(indata, size);
143 static int
144 unix_pseudorand(unsigned char *outdata, int size)
146 return unix_bytes(outdata, size);
149 static int
150 unix_status(void)
152 int fd;
154 fd = _hc_unix_device_fd(O_RDONLY, NULL);
155 if (fd < 0)
156 return 0;
157 close(fd);
159 return 1;
162 const RAND_METHOD hc_rand_unix_method = {
163 unix_seed,
164 unix_bytes,
165 unix_cleanup,
166 unix_add,
167 unix_pseudorand,
168 unix_status
171 const RAND_METHOD *
172 RAND_unix_method(void)
174 return &hc_rand_unix_method;