1 /* 2 * Copyright (c) 2001 Damien Miller. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24 25 #include "includes.h" 26 27 #define RANDOM_SEED_SIZE 48 28 29 #ifdef WITH_OPENSSL 30 31 #include <sys/types.h> 32 33 #include <errno.h> 34 #include <signal.h> 35 #include <stdlib.h> 36 #include <string.h> 37 #include <unistd.h> 38 39 #include <openssl/rand.h> 40 #include <openssl/crypto.h> 41 #include <openssl/err.h> 42 43 #include "openbsd-compat/openssl-compat.h" 44 45 #include "ssh.h" 46 #include "misc.h" 47 #include "xmalloc.h" 48 #include "atomicio.h" 49 #include "pathnames.h" 50 #include "log.h" 51 #include "sshbuf.h" 52 #include "ssherr.h" 53 54 /* 55 * Portable OpenSSH PRNG seeding: 56 * If OpenSSL has not "internally seeded" itself (e.g. pulled data from 57 * /dev/random), then collect RANDOM_SEED_SIZE bytes of randomness from 58 * PRNGd. 59 */ 60 61 void 62 seed_rng(void) 63 { 64 unsigned char buf[RANDOM_SEED_SIZE]; 65 66 /* Initialise libcrypto */ 67 ssh_libcrypto_init(); 68 69 if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER, 70 OpenSSL_version_num())) 71 fatal("OpenSSL version mismatch. Built against %lx, you " 72 "have %lx", (u_long)OPENSSL_VERSION_NUMBER, 73 OpenSSL_version_num()); 74 75 #ifndef OPENSSL_PRNG_ONLY 76 if (RAND_status() == 1) 77 debug3("RNG is ready, skipping seeding"); 78 else { 79 if (seed_from_prngd(buf, sizeof(buf)) == -1) 80 fatal("Could not obtain seed from PRNGd"); 81 RAND_add(buf, sizeof(buf), sizeof(buf)); 82 } 83 #endif /* OPENSSL_PRNG_ONLY */ 84 85 if (RAND_status() != 1) 86 fatal("PRNG is not seeded"); 87 88 /* Ensure arc4random() is primed */ 89 arc4random_buf(buf, sizeof(buf)); 90 explicit_bzero(buf, sizeof(buf)); 91 } 92 93 #else /* WITH_OPENSSL */ 94 95 #include <stdlib.h> 96 #include <string.h> 97 98 /* Actual initialisation is handled in arc4random() */ 99 void 100 seed_rng(void) 101 { 102 unsigned char buf[RANDOM_SEED_SIZE]; 103 104 /* Ensure arc4random() is primed */ 105 arc4random_buf(buf, sizeof(buf)); 106 explicit_bzero(buf, sizeof(buf)); 107 } 108 109 #endif /* WITH_OPENSSL */ 110