[gssapi-openssh.git] / openssh / openbsd-compat / bsd-arc4random.c

/*
 * Copyright (c) 1999,2000,2004 Damien Miller <djm@mindrot.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include "includes.h"
#include "log.h"

RCSID("$Id$");

#ifndef HAVE_ARC4RANDOM

#include <openssl/rand.h>
#include <openssl/rc4.h>
#include <openssl/err.h>

/* Size of key to use */
#define SEED_SIZE 20

/* Number of bytes to reseed after */
#define REKEY_BYTES	(1 << 24)

static int rc4_ready = 0;
static RC4_KEY rc4;

unsigned int
arc4random(void)
{
	unsigned int r = 0;
	static int first_time = 1;

	if (rc4_ready <= 0) {
		if (first_time)
			seed_rng();
		first_time = 0;
		arc4random_stir();
	}

	RC4(&rc4, sizeof(r), (unsigned char *)&r, (unsigned char *)&r);

	rc4_ready -= sizeof(r);
	
	return(r);
}

void
arc4random_stir(void)
{
	unsigned char rand_buf[SEED_SIZE];
	int i;

	memset(&rc4, 0, sizeof(rc4));
	if (RAND_bytes(rand_buf, sizeof(rand_buf)) <= 0)
		fatal("Couldn't obtain random bytes (error %ld)",
		    ERR_get_error());
	RC4_set_key(&rc4, sizeof(rand_buf), rand_buf);

	/*
	 * Discard early keystream, as per recommendations in:
	 * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps
	 */
	for(i = 0; i <= 256; i += sizeof(rand_buf))
		RC4(&rc4, sizeof(rand_buf), rand_buf, rand_buf);

	memset(rand_buf, 0, sizeof(rand_buf));

	rc4_ready = REKEY_BYTES;
}
#endif /* !HAVE_ARC4RANDOM */
Commit	Line	Data
3c0ef626	1	/*
416fd2a8	2	* Copyright (c) 1999,2000,2004 Damien Miller <djm@mindrot.org>
3c0ef626	3	*
416fd2a8	4	* Permission to use, copy, modify, and distribute this software for any
	5	* purpose with or without fee is hereby granted, provided that the above
	6	* copyright notice and this permission notice appear in all copies.
3c0ef626	7	*
416fd2a8	8	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	9	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	10	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	11	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	12	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	13	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	14	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3c0ef626	15	*/
	16
	17	#include "includes.h"
	18	#include "log.h"
	19
	20	RCSID("$Id$");
	21
	22	#ifndef HAVE_ARC4RANDOM
	23
	24	#include <openssl/rand.h>
	25	#include <openssl/rc4.h>
	26	#include <openssl/err.h>
	27
	28	/* Size of key to use */
	29	#define SEED_SIZE 20
	30
	31	/* Number of bytes to reseed after */
	32	#define REKEY_BYTES (1 << 24)
	33
	34	static int rc4_ready = 0;
	35	static RC4_KEY rc4;
	36
34fee935	37	unsigned int
34fee935	38	arc4random(void)
3c0ef626	39	{
	40	unsigned int r = 0;
	41	static int first_time = 1;
	42
	43	if (rc4_ready <= 0) {
2980ea68	44	if (first_time)
3c0ef626	45	seed_rng();
	46	first_time = 0;
	47	arc4random_stir();
	48	}
	49
	50	RC4(&rc4, sizeof(r), (unsigned char )&r, (unsigned char )&r);
	51
	52	rc4_ready -= sizeof(r);
	53
	54	return(r);
	55	}
	56
34fee935	57	void
34fee935	58	arc4random_stir(void)
3c0ef626	59	{
3c0ef626	60	unsigned char rand_buf[SEED_SIZE];
1b56ff3d	61	int i;
3c0ef626	62
3c0ef626	63	memset(&rc4, 0, sizeof(rc4));
1c14df9e	64	if (RAND_bytes(rand_buf, sizeof(rand_buf)) <= 0)
3c0ef626	65	fatal("Couldn't obtain random bytes (error %ld)",
	66	ERR_get_error());
	67	RC4_set_key(&rc4, sizeof(rand_buf), rand_buf);
1b56ff3d	68
	69	/*
	70	* Discard early keystream, as per recommendations in:
	71	* http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps
	72	*/
	73	for(i = 0; i <= 256; i += sizeof(rand_buf))
	74	RC4(&rc4, sizeof(rand_buf), rand_buf, rand_buf);
	75
3c0ef626	76	memset(rand_buf, 0, sizeof(rand_buf));
	77
	78	rc4_ready = REKEY_BYTES;
	79	}
	80	#endif /* !HAVE_ARC4RANDOM */