/*
crypto.c -- Cryptographic miscellaneous functions and initialisation
- Copyright (C) 2007 Guus Sliepen <guus@tinc-vpn.org>
+ Copyright (C) 2007-2021 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
- $Id$
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
-#include "system.h"
+#include "../system.h"
#include <openssl/rand.h>
-#include <openssl/evp.h>
#include <openssl/engine.h>
-#include "crypto.h"
+#include "../crypto.h"
+
+#ifndef HAVE_MINGW
+
+static int random_fd = -1;
+
+static void random_init(void) {
+ random_fd = open("/dev/urandom", O_RDONLY);
+
+ if(random_fd < 0) {
+ random_fd = open("/dev/random", O_RDONLY);
+ }
+
+ if(random_fd < 0) {
+ fprintf(stderr, "Could not open source of random numbers: %s\n", strerror(errno));
+ abort();
+ }
+}
+
+static void random_exit(void) {
+ close(random_fd);
+}
+
+void randomize(void *vout, size_t outlen) {
+ uint8_t *out = vout;
+
+ while(outlen) {
+ ssize_t len = read(random_fd, out, outlen);
-void crypto_init() {
- RAND_load_file("/dev/urandom", 1024);
+ if(len <= 0) {
+ if(len == -1 && (errno == EAGAIN || errno == EINTR)) {
+ continue;
+ }
- ENGINE_load_builtin_engines();
- ENGINE_register_all_complete();
+ fprintf(stderr, "Could not read random numbers: %s\n", strerror(errno));
+ abort();
+ }
- OpenSSL_add_all_algorithms();
+ out += len;
+ outlen -= len;
+ }
}
-void crypto_exit() {
- EVP_cleanup();
+#else
+
+#include <wincrypt.h>
+HCRYPTPROV prov;
+
+static void random_init(void) {
+ if(!CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
+ fprintf(stderr, "CryptAcquireContext() failed!\n");
+ abort();
+ }
+}
+
+static void random_exit(void) {
+ CryptReleaseContext(prov, 0);
}
void randomize(void *out, size_t outlen) {
- RAND_pseudo_bytes(out, outlen);
+ if(!CryptGenRandom(prov, outlen, out)) {
+ fprintf(stderr, "CryptGenRandom() failed\n");
+ abort();
+ }
+}
+
+#endif
+
+void crypto_init(void) {
+ random_init();
+
+ ENGINE_load_builtin_engines();
+
+ if(!RAND_status()) {
+ fprintf(stderr, "Not enough entropy for the PRNG!\n");
+ abort();
+ }
+}
+
+void crypto_exit(void) {
+ random_exit();
}