/*
crypto.c -- Cryptographic miscellaneous functions and initialisation
- Copyright (C) 2007-2013 Guus Sliepen <guus@tinc-vpn.org>
+ Copyright (C) 2007-2021 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
#include "../system.h"
#include <openssl/rand.h>
-#include <openssl/evp.h>
#include <openssl/engine.h>
#include "../crypto.h"
-void crypto_init(void) {
- RAND_load_file("/dev/urandom", 1024);
+#ifndef HAVE_MINGW
- ENGINE_load_builtin_engines();
- ENGINE_register_all_complete();
+static int random_fd = -1;
+
+static void random_init(void) {
+ random_fd = open("/dev/urandom", O_RDONLY);
+
+ if(random_fd < 0) {
+ random_fd = open("/dev/random", O_RDONLY);
+ }
- OpenSSL_add_all_algorithms();
+ if(random_fd < 0) {
+ fprintf(stderr, "Could not open source of random numbers: %s\n", strerror(errno));
+ abort();
+ }
}
-void crypto_exit(void) {
- EVP_cleanup();
+static void random_exit(void) {
+ close(random_fd);
+}
+
+void randomize(void *vout, size_t outlen) {
+ uint8_t *out = vout;
+
+ while(outlen) {
+ ssize_t len = read(random_fd, out, outlen);
+
+ if(len <= 0) {
+ if(len == -1 && (errno == EAGAIN || errno == EINTR)) {
+ continue;
+ }
+
+ fprintf(stderr, "Could not read random numbers: %s\n", strerror(errno));
+ abort();
+ }
+
+ out += len;
+ outlen -= len;
+ }
+}
+
+#else
+
+#include <wincrypt.h>
+HCRYPTPROV prov;
+
+void random_init(void) {
+ if(!CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
+ fprintf(stderr, "CryptAcquireContext() failed!\n");
+ abort();
+ }
+}
+
+void random_exit(void) {
+ CryptReleaseContext(prov, 0);
}
void randomize(void *out, size_t outlen) {
- RAND_pseudo_bytes(out, outlen);
+ if(!CryptGenRandom(prov, outlen, out)) {
+ fprintf(stderr, "CryptGenRandom() failed\n");
+ abort();
+ }
+}
+
+#endif
+
+void crypto_init(void) {
+ random_init();
+
+ ENGINE_load_builtin_engines();
+
+ if(!RAND_status()) {
+ fprintf(stderr, "Not enough entropy for the PRNG!\n");
+ abort();
+ }
+}
+
+void crypto_exit(void) {
+ random_exit();
}