1 /* 2 * Copyright (c) 1996, David Mazieres <dm@uun.org> 3 * Copyright (c) 2008, Damien Miller <djm@openbsd.org> 4 * Copyright (c) 2013, Markus Friedl <markus@openbsd.org> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 #include "includes.h" 20 21 #ifndef SSH_RANDOM_DEV 22 # define SSH_RANDOM_DEV "/dev/urandom" 23 #endif /* SSH_RANDOM_DEV */ 24 25 #include <sys/types.h> 26 #ifdef HAVE_SYS_RANDOM_H 27 # include <sys/random.h> 28 #endif 29 30 #include <fcntl.h> 31 #include <stdlib.h> 32 #include <string.h> 33 #include <unistd.h> 34 #ifdef WITH_OPENSSL 35 #include <openssl/rand.h> 36 #include <openssl/err.h> 37 #endif 38 39 #include "log.h" 40 41 int 42 _ssh_compat_getentropy(void *s, size_t len) 43 { 44 #if defined(WITH_OPENSSL) && defined(OPENSSL_PRNG_ONLY) 45 if (RAND_bytes(s, len) <= 0) 46 fatal("Couldn't obtain random bytes (error 0x%lx)", 47 (unsigned long)ERR_get_error()); 48 #else 49 int fd, save_errno; 50 ssize_t r; 51 size_t o = 0; 52 53 #ifdef WITH_OPENSSL 54 if (RAND_bytes(s, len) == 1) 55 return 0; 56 #endif 57 #ifdef HAVE_GETENTROPY 58 if ((r = getentropy(s, len)) == 0) 59 return 0; 60 #endif /* HAVE_GETENTROPY */ 61 #ifdef HAVE_GETRANDOM 62 if ((r = getrandom(s, len, 0)) > 0 && (size_t)r == len) 63 return 0; 64 #endif /* HAVE_GETRANDOM */ 65 66 if ((fd = open(SSH_RANDOM_DEV, O_RDONLY)) == -1) { 67 save_errno = errno; 68 /* Try egd/prngd before giving up. */ 69 if (seed_from_prngd(s, len) == 0) 70 return 0; 71 fatal("Couldn't open %s: %s", SSH_RANDOM_DEV, 72 strerror(save_errno)); 73 } 74 while (o < len) { 75 r = read(fd, (u_char *)s + o, len - o); 76 if (r < 0) { 77 if (errno == EAGAIN || errno == EINTR || 78 errno == EWOULDBLOCK) 79 continue; 80 fatal("read %s: %s", SSH_RANDOM_DEV, strerror(errno)); 81 } 82 o += r; 83 } 84 close(fd); 85 #endif /* WITH_OPENSSL */ 86 return 0; 87 } 88