1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 /* _ _
18 * _ __ ___ ___ __| | ___ ___| | mod_ssl
19 * | '_ ` _ \ / _ \ / _` | / __/ __| | Apache Interface to OpenSSL
20 * | | | | | | (_) | (_| | \__ \__ \ |
21 * |_| |_| |_|\___/ \__,_|___|___/___/_|
22 * |_____|
23 * ssl_engine_rand.c
24 * Random Number Generator Seeding
25 */
26 /* ``The generation of random
27 numbers is too important
28 to be left to chance.'' */
29
30 #include "ssl_private.h"
31
32 /* _________________________________________________________________
33 **
34 ** Support for better seeding of SSL library's RNG
35 ** _________________________________________________________________
36 */
37
38 static int ssl_rand_choosenum(int, int);
39 static int ssl_rand_feedfp(apr_pool_t *, apr_file_t *, int);
40
ssl_rand_seed(server_rec * s,apr_pool_t * p,ssl_rsctx_t nCtx,char * prefix)41 int ssl_rand_seed(server_rec *s, apr_pool_t *p, ssl_rsctx_t nCtx, char *prefix)
42 {
43 SSLModConfigRec *mc;
44 apr_array_header_t *apRandSeed;
45 ssl_randseed_t *pRandSeeds;
46 ssl_randseed_t *pRandSeed;
47 unsigned char stackdata[256];
48 int nDone;
49 apr_file_t *fp;
50 int i, n, l;
51
52 mc = myModConfig(s);
53 nDone = 0;
54 apRandSeed = mc->aRandSeed;
55 pRandSeeds = (ssl_randseed_t *)apRandSeed->elts;
56 for (i = 0; i < apRandSeed->nelts; i++) {
57 pRandSeed = &pRandSeeds[i];
58 if (pRandSeed->nCtx == nCtx) {
59 if (pRandSeed->nSrc == SSL_RSSRC_FILE) {
60 /*
61 * seed in contents of an external file
62 */
63 if (apr_file_open(&fp, pRandSeed->cpPath,
64 APR_READ, APR_OS_DEFAULT, p) != APR_SUCCESS)
65 continue;
66 nDone += ssl_rand_feedfp(p, fp, pRandSeed->nBytes);
67 apr_file_close(fp);
68 }
69 else if (pRandSeed->nSrc == SSL_RSSRC_EXEC) {
70 const char *cmd = pRandSeed->cpPath;
71 const char **argv = apr_palloc(p, sizeof(char *) * 3);
72 /*
73 * seed in contents generated by an external program
74 */
75 argv[0] = cmd;
76 argv[1] = apr_itoa(p, pRandSeed->nBytes);
77 argv[2] = NULL;
78
79 if ((fp = ssl_util_ppopen(s, p, cmd, argv)) == NULL)
80 continue;
81 nDone += ssl_rand_feedfp(p, fp, pRandSeed->nBytes);
82 ssl_util_ppclose(s, p, fp);
83 }
84 #ifdef HAVE_RAND_EGD
85 else if (pRandSeed->nSrc == SSL_RSSRC_EGD) {
86 /*
87 * seed in contents provided by the external
88 * Entropy Gathering Daemon (EGD)
89 */
90 if ((n = RAND_egd(pRandSeed->cpPath)) == -1)
91 continue;
92 nDone += n;
93 }
94 #endif
95 else if (pRandSeed->nSrc == SSL_RSSRC_BUILTIN) {
96 struct {
97 time_t t;
98 pid_t pid;
99 } my_seed;
100
101 /*
102 * seed in the current time (usually just 4 bytes)
103 */
104 my_seed.t = time(NULL);
105
106 /*
107 * seed in the current process id (usually just 4 bytes)
108 */
109 my_seed.pid = mc->pid;
110
111 l = sizeof(my_seed);
112 RAND_seed((unsigned char *)&my_seed, l);
113 nDone += l;
114
115 /*
116 * seed in some current state of the run-time stack (128 bytes)
117 */
118 n = ssl_rand_choosenum(0, sizeof(stackdata)-128-1);
119 RAND_seed(stackdata+n, 128);
120 nDone += 128;
121
122 }
123 }
124 }
125 ap_log_error(APLOG_MARK, APLOG_TRACE2, 0, s,
126 "%sSeeding PRNG with %d bytes of entropy", prefix, nDone);
127
128 if (RAND_status() == 0)
129 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s, APLOGNO(01990)
130 "%sPRNG still contains insufficient entropy!", prefix);
131
132 return nDone;
133 }
134
135 #define BUFSIZE 8192
136
ssl_rand_feedfp(apr_pool_t * p,apr_file_t * fp,int nReq)137 static int ssl_rand_feedfp(apr_pool_t *p, apr_file_t *fp, int nReq)
138 {
139 apr_size_t nDone;
140 unsigned char caBuf[BUFSIZE];
141 apr_size_t nBuf;
142 apr_size_t nRead;
143 apr_size_t nTodo;
144
145 nDone = 0;
146 nRead = BUFSIZE;
147 nTodo = nReq;
148 while (1) {
149 if (nReq > 0)
150 nRead = (nTodo < BUFSIZE ? nTodo : BUFSIZE);
151 nBuf = nRead;
152 if (apr_file_read(fp, caBuf, &nBuf) != APR_SUCCESS)
153 break;
154 RAND_seed(caBuf, nBuf);
155 nDone += nBuf;
156 if (nReq > 0) {
157 nTodo -= nBuf;
158 if (nTodo <= 0)
159 break;
160 }
161 }
162 return nDone;
163 }
164
ssl_rand_choosenum(int l,int h)165 static int ssl_rand_choosenum(int l, int h)
166 {
167 int i;
168 char buf[50];
169
170 apr_snprintf(buf, sizeof(buf), "%.0f",
171 (((double)(rand()%RAND_MAX)/RAND_MAX)*(h-l)));
172 i = atoi(buf)+1;
173 if (i < l) i = l;
174 if (i > h) i = h;
175 return i;
176 }
177
178