2 Unix SMB/Netbios implementation.
5 Functions to create reasonable random numbers for crypto use.
7 Copyright (C) Jeremy Allison 1998
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
26 extern int DEBUGLEVEL;
27 static uint32 counter = 0;
30 /****************************************************************
31 get a 16 byte hash from the contents of a file
32 Note that the hash is not initialised.
33 *****************************************************************/
34 static void do_filehash(char *fname, unsigned char *hash)
36 unsigned char buf[1011]; /* deliberate weird size */
37 unsigned char tmp_md4[16];
40 fd = open(fname,O_RDONLY);
43 while ((n = read(fd, (char *)buf, sizeof(buf))) > 0) {
44 mdfour(tmp_md4, buf, n);
46 hash[n] ^= tmp_md4[n];
53 /****************************************************************
54 Try and get a seed by looking at the atimes of files in a given
55 directory. XOR them into the buf array.
56 *****************************************************************/
58 static void do_dirrand(char *name, unsigned char *buf, int buf_len)
60 void *dp = sys_opendir(name);
66 pstrcpy(fullname, name);
67 fullname_len = strlen(fullname);
69 if(fullname_len + 2 > sizeof(pstring))
72 if(fullname[fullname_len] != '/') {
73 fullname[fullname_len] = '/';
74 fullname[fullname_len+1] = '\0';
75 fullname_len = strlen(fullname);
78 len_left = sizeof(pstring) - fullname_len - 1;
79 pos = &fullname[fullname_len];
84 while ((p = readdirname(dp))) {
87 if(strlen(p) <= len_left)
90 if(sys_stat(fullname,&st) == 0) {
91 SIVAL(buf, ((counter * 4)%(buf_len-4)),
92 IVAL(buf,((counter * 4)%(buf_len-4))) ^ st.st_atime);
94 DEBUG(10,("do_dirrand: value from file %s.\n", fullname));
101 /**************************************************************
102 Try and get a good random number seed. Try a number of
103 different factors. Firstly, try /dev/random and try and
104 read from this. If this fails iterate through /tmp and
105 XOR all the file timestamps. If this fails then just use
106 a combination of pid and time of day (yes I know this
107 sucks :-). Finally md4 the result.
109 The result goes in a 16 byte buffer passed from the caller
110 **************************************************************/
112 static void do_reseed(unsigned char *md4_outbuf)
114 unsigned char md4_inbuf[40];
115 BOOL got_random = False;
122 memset(md4_inbuf, '\0', sizeof(md4_inbuf));
124 fd = open( "/dev/random", O_RDONLY);
127 * We can use /dev/random !
129 if(read(fd, md4_inbuf, 40) == 40) {
131 DEBUG(10,("do_reseed: got 40 bytes from /dev/random.\n"));
138 * /dev/random failed - try /tmp/ for timestamps.
140 do_dirrand("/tmp", md4_inbuf, sizeof(md4_inbuf));
141 do_dirrand("/dev", md4_inbuf, sizeof(md4_inbuf));
144 /* possibly add in some secret file contents */
145 do_filehash("/etc/shadow", &md4_inbuf[0]);
146 do_filehash(SMB_PASSWD_FILE, &md4_inbuf[16]);
148 /* add in the root encrypted password. On any system where security is taken
149 seriously this will be secret */
150 pw = getpwnam("root");
153 unsigned char md4_tmp[16];
154 mdfour(md4_tmp, pw->pw_passwd, strlen(pw->pw_passwd));
156 md4_inbuf[8+i] ^= md4_tmp[i];
160 * Finally add the counter, time of day, and pid.
164 v1 = (counter++) + mypid + tval.tv_sec;
165 v2 = (counter++) * mypid + tval.tv_usec;
167 SIVAL(md4_inbuf, 32, v1 ^ IVAL(md4_inbuf, 32));
168 SIVAL(md4_inbuf, 36, v2 ^ IVAL(md4_inbuf, 36));
170 mdfour(md4_outbuf, md4_inbuf, sizeof(md4_inbuf));
173 /*******************************************************************
174 Interface to the (hopefully) good crypto random number generator.
175 ********************************************************************/
177 void generate_random_buffer( unsigned char *out, int len, BOOL re_seed)
179 static BOOL done_reseed = False;
180 unsigned char tmp_buf[16];
181 unsigned char md4_buf[16];
184 if(!done_reseed || re_seed) {
190 * Generate random numbers in chunks of 64 bytes,
191 * then md4 them & copy to the output buffer.
196 int copy_len = len > 16 ? 16 : len;
197 mdfour(tmp_buf, md4_buf, sizeof(md4_buf));
198 memcpy(md4_buf, tmp_buf, sizeof(md4_buf));
199 memcpy(p, tmp_buf, copy_len);