X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Frand%2Fmd_rand.c;h=67ac5ac92721293bbaeb41efa7b41cdfa969e33d;hp=87d4bfb75d88c202a64dd04bb7f67c8deb9dafe4;hb=f74fa33bcee6bc84f41442bdd256d838c2cb3c14;hpb=7c8ced94c32131f24d469d2899f3339f77c47aa1

diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 87d4bfb75d..67ac5ac927 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -123,12 +123,23 @@
 
 #include "e_os.h"
 
+#if !(defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYSNAME_DSPBIOS))
+# include <sys/time.h>
+#endif
+#if defined(OPENSSL_SYS_VXWORKS)
+# include <time.h>
+#endif
+
+#include <openssl/crypto.h>
 #include <openssl/rand.h>
 #include "rand_lcl.h"
 
-#include <openssl/crypto.h>
 #include <openssl/err.h>
 
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
 #ifdef BN_DEBUG
 # define PREDICT
 #endif
@@ -156,6 +167,8 @@ int rand_predictable=0;
 
 const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT;
 
+static void rand_hw_seed(EVP_MD_CTX *ctx);
+
 static void ssleay_rand_cleanup(void);
 static int ssleay_rand_seed(const void *buf, int num);
 static int ssleay_rand_add(const void *buf, int num, double add_entropy);
@@ -164,7 +177,7 @@ static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num);
 static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
 static int ssleay_rand_status(void);
 
-RAND_METHOD rand_ssleay_meth={
+static RAND_METHOD rand_ssleay_meth={
 	ssleay_rand_seed,
 	ssleay_rand_nopseudo_bytes,
 	ssleay_rand_cleanup,
@@ -199,6 +212,9 @@ static int ssleay_rand_add(const void *buf, int num, double add)
 	int do_not_lock;
 	int rv = 0;
 
+	if (!num)
+		return;
+
 	/*
 	 * (Based on the rand(3) manpage)
 	 *
@@ -355,7 +371,28 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
 #ifndef GETPID_IS_MEANINGLESS
 	pid_t curr_pid = getpid();
 #endif
+	time_t curr_time = time(NULL);
 	int do_stir_pool = 0;
+/* time value for various platforms */
+#ifdef OPENSSL_SYS_WIN32
+	FILETIME tv;
+# ifdef _WIN32_WCE
+	SYSTEMTIME t;
+	GetSystemTime(&t);
+	SystemTimeToFileTime(&t, &tv);
+# else
+	GetSystemTimeAsFileTime(&tv);
+# endif
+#elif defined(OPENSSL_SYS_VXWORKS)
+	struct timespec tv;
+	clock_gettime(CLOCK_REALTIME, &ts);
+#elif defined(OPENSSL_SYSNAME_DSPBIOS)
+	unsigned long long tv, OPENSSL_rdtsc();
+	tv = OPENSSL_rdtsc();
+#else
+	struct timeval tv;
+	gettimeofday(&tv, NULL);
+#endif
 
 #ifdef PREDICT
 	if (rand_predictable)
@@ -484,11 +521,23 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
 #ifndef GETPID_IS_MEANINGLESS
 		if (curr_pid) /* just in the first iteration to save time */
 			{
-			if (!MD_Update(&m,(unsigned char*)&curr_pid,sizeof curr_pid))
+			if (!MD_Update(&m,(unsigned char*)&curr_pid,
+				       sizeof curr_pid))
 				goto err;
 			curr_pid = 0;
 			}
 #endif
+		if (curr_time) /* just in the first iteration to save time */
+			{
+			if (!MD_Update(&m,(unsigned char*)&curr_time,
+				       sizeof curr_time))
+				goto err;
+			if (!MD_Update(&m,(unsigned char*)&tv,
+				       sizeof tv))
+				goto err;
+			curr_time = 0;
+			rand_hw_seed(&m);
+			}
 		if (!MD_Update(&m,local_md,MD_DIGEST_LENGTH))
 			goto err;
 		if (!MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)))
@@ -620,3 +669,79 @@ static int ssleay_rand_status(void)
 	
 	return ret;
 	}
+
+/* rand_hw_seed: get seed data from any available hardware RNG.
+ * only currently supports rdrand.
+ */
+
+/* Adapted from eng_rdrand.c */
+
+#if (defined(__i386)   || defined(__i386__)   || defined(_M_IX86) || \
+     defined(__x86_64) || defined(__x86_64__) || \
+     defined(_M_AMD64) || defined (_M_X64)) && defined(OPENSSL_CPUID_OBJ)
+
+#define RDRAND_CALLS	4
+
+size_t OPENSSL_ia32_rdrand(void);
+extern unsigned int OPENSSL_ia32cap_P[];
+
+static void rand_hw_seed(EVP_MD_CTX *ctx)
+	{
+	int i;
+	if (!(OPENSSL_ia32cap_P[1] & (1<<(62-32))))
+		return;
+	for (i = 0; i < RDRAND_CALLS; i++)
+		{
+		size_t rnd;
+		rnd = OPENSSL_ia32_rdrand();
+		if (rnd == 0)
+			return;
+		MD_Update(ctx, (unsigned char *)&rnd, sizeof(size_t));
+		}
+	}
+
+/* XOR an existing buffer with random data */
+
+void rand_hw_xor(unsigned char *buf, size_t num)
+	{
+	size_t rnd;
+	if (!(OPENSSL_ia32cap_P[1] & (1<<(62-32))))
+		return;
+	while (num >= sizeof(size_t))
+		{
+		rnd = OPENSSL_ia32_rdrand();
+		if (rnd == 0)
+			return;
+		*((size_t *)buf) ^= rnd;
+		buf += sizeof(size_t);
+		num -= sizeof(size_t);
+		}
+	if (num)
+		{
+		rnd = OPENSSL_ia32_rdrand();
+		if (rnd == 0)
+			return;
+		while(num)
+			{
+			*buf ^= rnd & 0xff;
+			rnd >>= 8;
+			buf++;
+			num--;
+			}
+		}
+	}
+
+
+#else
+
+static void rand_hw_seed(EVP_MD_CTX *ctx)
+	{
+	return;
+	}
+
+void rand_hw_xor(unsigned char *buf, size_t num)
+	{
+	return;
+	}
+
+#endif