blob: 0769ed15128074e46c353c62cb4f7a70ab14d036 [file] [log] [blame]
Elliott Hughescee03382017-06-23 12:17:18 -07001/***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
Elliott Hughes82be86d2017-09-20 17:00:17 -07008 * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
Elliott Hughescee03382017-06-23 12:17:18 -07009 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.haxx.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 ***************************************************************************/
22
23#include "curl_setup.h"
24
Elliott Hughes82be86d2017-09-20 17:00:17 -070025#ifdef HAVE_FCNTL_H
Elliott Hughescee03382017-06-23 12:17:18 -070026#include <fcntl.h>
Elliott Hughes82be86d2017-09-20 17:00:17 -070027#endif
Elliott Hughescee03382017-06-23 12:17:18 -070028
29#include <curl/curl.h>
30#include "vtls/vtls.h"
31#include "sendf.h"
32#include "rand.h"
33
34/* The last 3 #include files should be in this order */
35#include "curl_printf.h"
36#include "curl_memory.h"
37#include "memdebug.h"
38
39static CURLcode randit(struct Curl_easy *data, unsigned int *rnd)
40{
41 unsigned int r;
42 CURLcode result = CURLE_OK;
43 static unsigned int randseed;
44 static bool seeded = FALSE;
45
46#ifdef CURLDEBUG
47 char *force_entropy = getenv("CURL_ENTROPY");
48 if(force_entropy) {
49 if(!seeded) {
Elliott Hughes82be86d2017-09-20 17:00:17 -070050 unsigned int seed = 0;
Elliott Hughescee03382017-06-23 12:17:18 -070051 size_t elen = strlen(force_entropy);
Elliott Hughes82be86d2017-09-20 17:00:17 -070052 size_t clen = sizeof(seed);
Elliott Hughescee03382017-06-23 12:17:18 -070053 size_t min = elen < clen ? elen : clen;
Elliott Hughes82be86d2017-09-20 17:00:17 -070054 memcpy((char *)&seed, force_entropy, min);
55 randseed = ntohl(seed);
Elliott Hughescee03382017-06-23 12:17:18 -070056 seeded = TRUE;
57 }
58 else
59 randseed++;
60 *rnd = randseed;
61 return CURLE_OK;
62 }
63#endif
64
65 /* data may be NULL! */
Elliott Hughes82be86d2017-09-20 17:00:17 -070066 result = Curl_ssl_random(data, (unsigned char *)rnd, sizeof(*rnd));
Elliott Hughescee03382017-06-23 12:17:18 -070067 if(result != CURLE_NOT_BUILT_IN)
Elliott Hughes82be86d2017-09-20 17:00:17 -070068 /* only if there is no random function in the TLS backend do the non crypto
Elliott Hughescee03382017-06-23 12:17:18 -070069 version, otherwise return result */
70 return result;
71
72 /* ---- non-cryptographic version following ---- */
73
74#ifdef RANDOM_FILE
75 if(!seeded) {
76 /* if there's a random file to read a seed from, use it */
77 int fd = open(RANDOM_FILE, O_RDONLY);
78 if(fd > -1) {
79 /* read random data into the randseed variable */
80 ssize_t nread = read(fd, &randseed, sizeof(randseed));
81 if(nread == sizeof(randseed))
82 seeded = TRUE;
83 close(fd);
84 }
85 }
86#endif
87
88 if(!seeded) {
Alex Deymo486467e2017-12-19 19:04:07 +010089 struct curltime now = Curl_now();
Elliott Hughescee03382017-06-23 12:17:18 -070090 infof(data, "WARNING: Using weak random seed\n");
91 randseed += (unsigned int)now.tv_usec + (unsigned int)now.tv_sec;
92 randseed = randseed * 1103515245 + 12345;
93 randseed = randseed * 1103515245 + 12345;
94 randseed = randseed * 1103515245 + 12345;
95 seeded = TRUE;
96 }
97
98 /* Return an unsigned 32-bit pseudo-random number. */
99 r = randseed = randseed * 1103515245 + 12345;
100 *rnd = (r << 16) | ((r >> 16) & 0xFFFF);
101 return CURLE_OK;
102}
103
104/*
105 * Curl_rand() stores 'num' number of random unsigned integers in the buffer
106 * 'rndptr' points to.
107 *
108 * If libcurl is built without TLS support or with a TLS backend that lacks a
109 * proper random API (Gskit, PolarSSL or mbedTLS), this function will use
110 * "weak" random.
111 *
112 * When built *with* TLS support and a backend that offers strong random, it
113 * will return error if it cannot provide strong random values.
114 *
115 * NOTE: 'data' may be passed in as NULL when coming from external API without
116 * easy handle!
117 *
118 */
119
Elliott Hughes82be86d2017-09-20 17:00:17 -0700120CURLcode Curl_rand(struct Curl_easy *data, unsigned char *rnd, size_t num)
Elliott Hughescee03382017-06-23 12:17:18 -0700121{
122 CURLcode result = CURLE_BAD_FUNCTION_ARGUMENT;
Elliott Hughescee03382017-06-23 12:17:18 -0700123
Elliott Hughes82be86d2017-09-20 17:00:17 -0700124 DEBUGASSERT(num > 0);
Elliott Hughescee03382017-06-23 12:17:18 -0700125
Elliott Hughes82be86d2017-09-20 17:00:17 -0700126 while(num) {
127 unsigned int r;
128 size_t left = num < sizeof(unsigned int) ? num : sizeof(unsigned int);
129
130 result = randit(data, &r);
Elliott Hughescee03382017-06-23 12:17:18 -0700131 if(result)
132 return result;
Elliott Hughes82be86d2017-09-20 17:00:17 -0700133
134 while(left) {
135 *rnd++ = (unsigned char)(r & 0xFF);
136 r >>= 8;
137 --num;
138 --left;
139 }
Elliott Hughescee03382017-06-23 12:17:18 -0700140 }
Elliott Hughes82be86d2017-09-20 17:00:17 -0700141
142 return result;
143}
144
145/*
146 * Curl_rand_hex() fills the 'rnd' buffer with a given 'num' size with random
147 * hexadecimal digits PLUS a zero terminating byte. It must be an odd number
148 * size.
149 */
150
151CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd,
152 size_t num)
153{
154 CURLcode result = CURLE_BAD_FUNCTION_ARGUMENT;
155 const char *hex = "0123456789abcdef";
156 unsigned char buffer[128];
157 unsigned char *bufp = buffer;
158 DEBUGASSERT(num > 1);
159
Elliott Hughes0128fe42018-02-27 14:57:55 -0800160#ifdef __clang_analyzer__
161 /* This silences a scan-build warning about accesssing this buffer with
162 uninitialized memory. */
163 memset(buffer, 0, sizeof(buffer));
164#endif
165
Elliott Hughes82be86d2017-09-20 17:00:17 -0700166 if((num/2 >= sizeof(buffer)) || !(num&1))
167 /* make sure it fits in the local buffer and that it is an odd number! */
168 return CURLE_BAD_FUNCTION_ARGUMENT;
169
170 num--; /* save one for zero termination */
171
172 result = Curl_rand(data, buffer, num/2);
173 if(result)
174 return result;
175
176 while(num) {
177 *rnd++ = hex[(*bufp & 0xF0)>>4];
178 *rnd++ = hex[*bufp & 0x0F];
179 bufp++;
180 num -= 2;
181 }
182 *rnd = 0;
183
Elliott Hughescee03382017-06-23 12:17:18 -0700184 return result;
185}