diff --git a/ChangeLog b/ChangeLog index f42d38a92..06c8e3b0d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -29,6 +29,9 @@ Changes trade-off * Introduced POLARSSL_MPI_MAX_SIZE and POLARSSL_MPI_MAX_BITS for MPI size management (Closes ticket #44) + * Changed the used random function pointer to more flexible format. Renamed + havege_rand() to havege_random() to prevent mistakes. Lots of changes as + a consequence in library code and programs Bugfix * Fixed faulty HMAC-MD2 implementation. Found by dibac. (Closes diff --git a/include/polarssl/bignum.h b/include/polarssl/bignum.h index 13085570d..12435f728 100644 --- a/include/polarssl/bignum.h +++ b/include/polarssl/bignum.h @@ -539,7 +539,9 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_fill_random( mpi *X, size_t size, int (*f_rng)(void *), void *p_rng ); +int mpi_fill_random( mpi *X, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); /** * \brief Greatest common divisor: G = gcd(A, B) @@ -578,7 +580,9 @@ int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N ); * 1 if memory allocation failed, * POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime */ -int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng ); +int mpi_is_prime( mpi *X, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); /** * \brief Prime number generation @@ -594,7 +598,8 @@ int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng ); * POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3 */ int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, - int (*f_rng)(void *), void *p_rng ); + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); /** * \brief Checkup routine diff --git a/include/polarssl/dhm.h b/include/polarssl/dhm.h index 1cbfc6c24..52b0bf94a 100644 --- a/include/polarssl/dhm.h +++ b/include/polarssl/dhm.h @@ -90,7 +90,8 @@ int dhm_read_params( dhm_context *ctx, */ int dhm_make_params( dhm_context *ctx, int x_size, unsigned char *output, size_t *olen, - int (*f_rng)(void *), void *p_rng ); + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); /** * \brief Import the peer's public value G^Y @@ -118,7 +119,8 @@ int dhm_read_public( dhm_context *ctx, */ int dhm_make_public( dhm_context *ctx, int x_size, unsigned char *output, size_t olen, - int (*f_rng)(void *), void *p_rng ); + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); /** * \brief Derive and export the shared secret (G^Y)^X mod P diff --git a/include/polarssl/havege.h b/include/polarssl/havege.h index 4be0e5923..48d0f162a 100644 --- a/include/polarssl/havege.h +++ b/include/polarssl/havege.h @@ -27,6 +27,8 @@ #ifndef POLARSSL_HAVEGE_H #define POLARSSL_HAVEGE_H +#include + #define COLLECT_SIZE 1024 /** @@ -55,10 +57,12 @@ void havege_init( havege_state *hs ); * \brief HAVEGE rand function * * \param p_rng A HAVEGE state + * \param output Buffer to fill + * \param len Length of buffer * * \return A random int */ -int havege_rand( void *p_rng ); +int havege_random( void *p_rng, unsigned char *output, size_t len ); #ifdef __cplusplus } diff --git a/include/polarssl/rsa.h b/include/polarssl/rsa.h index c9ecbcd32..629aa0fab 100644 --- a/include/polarssl/rsa.h +++ b/include/polarssl/rsa.h @@ -186,7 +186,7 @@ void rsa_init( rsa_context *ctx, * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code */ int rsa_gen_key( rsa_context *ctx, - int (*f_rng)(void *), + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, unsigned int nbits, int exponent ); @@ -261,7 +261,7 @@ int rsa_private( rsa_context *ctx, * of ctx->N (eg. 128 bytes if RSA-1024 is used). */ int rsa_pkcs1_encrypt( rsa_context *ctx, - int (*f_rng)(void *), + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, @@ -314,7 +314,7 @@ int rsa_pkcs1_decrypt( rsa_context *ctx, * keep both hashes the same. */ int rsa_pkcs1_sign( rsa_context *ctx, - int (*f_rng)(void *), + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, int hash_id, diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h index 5e2cae3ce..02d75c7db 100644 --- a/include/polarssl/ssl.h +++ b/include/polarssl/ssl.h @@ -232,7 +232,7 @@ struct _ssl_context /* * Callbacks (RNG, debug, I/O, verification) */ - int (*f_rng)(void *); + int (*f_rng)(void *, unsigned char *, size_t); void (*f_dbg)(void *, int, const char *); int (*f_recv)(void *, unsigned char *, size_t); int (*f_send)(void *, const unsigned char *, size_t); @@ -438,7 +438,7 @@ void ssl_set_verify( ssl_context *ssl, * \param p_rng RNG parameter */ void ssl_set_rng( ssl_context *ssl, - int (*f_rng)(void *), + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); /** diff --git a/library/bignum.c b/library/bignum.c index 36e78e165..6591b5b67 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1608,18 +1608,16 @@ cleanup: return( ret ); } -int mpi_fill_random( mpi *X, size_t size, int (*f_rng)(void *), void *p_rng ) +int mpi_fill_random( mpi *X, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) { int ret; - size_t k; - unsigned char *p; MPI_CHK( mpi_grow( X, size ) ); MPI_CHK( mpi_lset( X, 0 ) ); - p = (unsigned char *) X->p; - for( k = 0; k < X->n * ciL; k++ ) - *p++ = (unsigned char) f_rng( p_rng ); + MPI_CHK( f_rng( p_rng, (unsigned char *) X->p, X->n * ciL ) ); cleanup: return( ret ); @@ -1750,7 +1748,9 @@ static const int small_prime[] = /* * Miller-Rabin primality test (HAC 4.24) */ -int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng ) +int mpi_is_prime( mpi *X, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) { int ret, xs; size_t i, j, n, s; @@ -1809,7 +1809,7 @@ int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng ) /* * pick a random A, 1 < A < |X| - 1 */ - mpi_fill_random( &A, X->n, f_rng, p_rng ); + MPI_CHK( mpi_fill_random( &A, X->n, f_rng, p_rng ) ); if( mpi_cmp_mpi( &A, &W ) >= 0 ) { @@ -1867,7 +1867,8 @@ cleanup: * Prime number generation */ int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, - int (*f_rng)(void *), void *p_rng ) + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) { int ret; size_t k, n; @@ -1880,7 +1881,7 @@ int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, n = BITS_TO_LIMBS( nbits ); - mpi_fill_random( X, n, f_rng, p_rng ); + MPI_CHK( mpi_fill_random( X, n, f_rng, p_rng ) ); k = mpi_msb( X ); if( k < nbits ) MPI_CHK( mpi_shift_l( X, nbits - k ) ); diff --git a/library/dhm.c b/library/dhm.c index 07d722e0d..bddd076d1 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -127,7 +127,8 @@ int dhm_read_params( dhm_context *ctx, */ int dhm_make_params( dhm_context *ctx, int x_size, unsigned char *output, size_t *olen, - int (*f_rng)(void *), void *p_rng ) + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) { int ret, n; size_t n1, n2, n3; @@ -203,7 +204,8 @@ int dhm_read_public( dhm_context *ctx, */ int dhm_make_public( dhm_context *ctx, int x_size, unsigned char *output, size_t olen, - int (*f_rng)(void *), void *p_rng ) + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) { int ret, n; diff --git a/library/havege.c b/library/havege.c index 11c3d289c..ff302c577 100644 --- a/library/havege.c +++ b/library/havege.c @@ -200,18 +200,32 @@ void havege_init( havege_state *hs ) /* * HAVEGE rand function */ -int havege_rand( void *p_rng ) +int havege_random( void *p_rng, unsigned char *buf, size_t len ) { - int ret; + int val; + size_t use_len; havege_state *hs = (havege_state *) p_rng; + unsigned char *p = buf; - if( hs->offset[1] >= COLLECT_SIZE ) - havege_fill( hs ); + while( len > 0 ) + { + use_len = len; + if( use_len > sizeof(int) ) + use_len = sizeof(int); - ret = hs->pool[hs->offset[0]++]; - ret ^= hs->pool[hs->offset[1]++]; + if( hs->offset[1] >= COLLECT_SIZE ) + havege_fill( hs ); - return( ret ); + val = hs->pool[hs->offset[0]++]; + val ^= hs->pool[hs->offset[1]++]; + + memcpy( p, &val, use_len ); + + len -= use_len; + p += use_len; + } + + return( 0 ); } #endif diff --git a/library/rsa.c b/library/rsa.c index 8cadcadd9..3133b2f74 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -58,9 +58,9 @@ void rsa_init( rsa_context *ctx, * Generate an RSA keypair */ int rsa_gen_key( rsa_context *ctx, - int (*f_rng)(void *), - void *p_rng, - unsigned int nbits, int exponent ) + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + unsigned int nbits, int exponent ) { int ret; mpi P1, Q1, H, G; @@ -356,16 +356,16 @@ static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, size_ * Add the message padding, then do an RSA operation */ int rsa_pkcs1_encrypt( rsa_context *ctx, - int (*f_rng)(void *), + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output ) { - size_t nb_pad, olen; + size_t nb_pad, olen, ret; unsigned char *p = output; #if defined(POLARSSL_PKCS1_V21) - unsigned int i, hlen; + unsigned int hlen; const md_info_t *md_info; md_context_t md_ctx; #endif @@ -392,13 +392,13 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, int rng_dl = 100; do { - *p = (unsigned char) f_rng( p_rng ); - } while( *p == 0 && --rng_dl ); + ret = f_rng( p_rng, p, 1 ); + } while( *p == 0 && --rng_dl && ret == 0 ); // Check if RNG failed to generate data // - if( rng_dl == 0 ) - return POLARSSL_ERR_RSA_RNG_FAILED; + if( rng_dl == 0 || ret != 0) + return POLARSSL_ERR_RSA_RNG_FAILED + ret; p++; } @@ -427,8 +427,10 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, // Generate a random octet string seed // - for( i = 0; i < hlen; ++i ) - *p++ = (unsigned char) f_rng( p_rng ); + if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 ) + return( POLARSSL_ERR_RSA_RNG_FAILED + ret ); + + p += hlen; // Construct DB // @@ -578,7 +580,7 @@ int rsa_pkcs1_decrypt( rsa_context *ctx, * Do an RSA operation to sign the message digest */ int rsa_pkcs1_sign( rsa_context *ctx, - int (*f_rng)(void *), + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, int hash_id, @@ -590,7 +592,7 @@ int rsa_pkcs1_sign( rsa_context *ctx, unsigned char *p = sig; #if defined(POLARSSL_PKCS1_V21) unsigned char salt[POLARSSL_MD_MAX_SIZE]; - unsigned int i, slen, hlen, offset = 0; + unsigned int slen, hlen, offset = 0, ret; size_t msb; const md_info_t *md_info; md_context_t md_ctx; @@ -757,8 +759,8 @@ int rsa_pkcs1_sign( rsa_context *ctx, // Generate salt of length slen // - for( i = 0; i < slen; ++i ) - salt[i] = (unsigned char) f_rng( p_rng ); + if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 ) + return( POLARSSL_ERR_RSA_RNG_FAILED + ret ); // Note: EMSA-PSS encoding is over the length of N - 1 bits // @@ -1080,12 +1082,17 @@ void rsa_free( rsa_context *ctx ) #define RSA_PT "\xAA\xBB\xCC\x03\x02\x01\x00\xFF\xFF\xFF\xFF\xFF" \ "\x11\x22\x33\x0A\x0B\x0C\xCC\xDD\xDD\xDD\xDD\xDD" -static int myrand( void *rng_state ) +static int myrand( void *rng_state, unsigned char *output, size_t len ) { + size_t i; + if( rng_state != NULL ) rng_state = NULL; - return( rand() ); + for( i = 0; i < len; ++i ) + output[i] = rand(); + + return( 0 ); } /* diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 864415153..a7900e40d 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -81,8 +81,10 @@ static int ssl_write_client_hello( ssl_context *ssl ) SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) ); - for( i = 28; i > 0; i-- ) - *p++ = (unsigned char) ssl->f_rng( ssl->p_rng ); + if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 ) + return( ret ); + + p += 28; memcpy( ssl->randbytes, buf + 6, 32 ); @@ -583,8 +585,9 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) ssl->premaster[1] = (unsigned char) ssl->max_minor_ver; ssl->pmslen = 48; - for( i = 2; i < ssl->pmslen; i++ ) - ssl->premaster[i] = (unsigned char) ssl->f_rng( ssl->p_rng ); + ret = ssl->f_rng( ssl->p_rng, ssl->premaster + 2, ssl->pmslen - 2 ); + if( ret != 0 ) + return( ret ); i = 4; n = ssl->peer_cert->rsa.len; diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 217552379..57de3b18b 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -359,7 +359,7 @@ have_ciphersuite: static int ssl_write_server_hello( ssl_context *ssl ) { time_t t; - int ret, i, n; + int ret, n; unsigned char *buf, *p; SSL_DEBUG_MSG( 2, ( "=> write server hello" ) ); @@ -388,8 +388,10 @@ static int ssl_write_server_hello( ssl_context *ssl ) SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) ); - for( i = 28; i > 0; i-- ) - *p++ = (unsigned char) ssl->f_rng( ssl->p_rng ); + if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 ) + return( ret ); + + p += 28; memcpy( ssl->randbytes + 32, buf + 6, 32 ); @@ -413,9 +415,8 @@ static int ssl_write_server_hello( ssl_context *ssl ) ssl->resume = 0; ssl->state++; - for( i = 0; i < n; i++ ) - ssl->session->id[i] = - (unsigned char) ssl->f_rng( ssl->p_rng ); + if( ( ret = ssl->f_rng( ssl->p_rng, ssl->session->id, n ) ) != 0 ) + return( ret ); } else { @@ -823,8 +824,9 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) */ ssl->pmslen = 48; - for( i = 0; i < ssl->pmslen; i++ ) - ssl->premaster[i] = (unsigned char) ssl->f_rng( ssl->p_rng ); + ret = ssl->f_rng( ssl->p_rng, ssl->premaster, ssl->pmslen ); + if( ret != 0 ) + return( ret ); } } diff --git a/library/ssl_tls.c b/library/ssl_tls.c index c3644ad03..a865a7551 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -578,8 +578,9 @@ static int ssl_encrypt_buf( ssl_context *ssl ) /* * Generate IV */ - for( i = 0; i < ssl->ivlen; i++ ) - ssl->iv_enc[i] = ssl->f_rng( ssl->p_rng ); + int ret = ssl->f_rng( ssl->p_rng, ssl->iv_enc, ssl->ivlen ); + if( ret != 0 ) + return( ret ); /* * Shift message for ivlen bytes and prepend IV @@ -1796,7 +1797,7 @@ void ssl_set_verify( ssl_context *ssl, } void ssl_set_rng( ssl_context *ssl, - int (*f_rng)(void *), + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) { ssl->f_rng = f_rng; diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index ab7b9a6cc..7b13e91c0 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -207,7 +207,7 @@ int main( int argc, char *argv[] ) n = dhm.len; if( ( ret = dhm_make_public( &dhm, 256, buf, n, - havege_rand, &hs ) ) != 0 ) + havege_random, &hs ) ) != 0 ) { printf( " failed\n ! dhm_make_public returned %d\n\n", ret ); goto exit; diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index f6ae03fb4..ae31a1ef6 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -80,7 +80,7 @@ int main( int argc, char *argv[] ) * This can take a long time... */ if( ( ret = mpi_gen_prime( &P, DH_P_SIZE, 1, - havege_rand, &hs ) ) != 0 ) + havege_random, &hs ) ) != 0 ) { printf( " failed\n ! mpi_gen_prime returned %d\n\n", ret ); goto exit; @@ -101,7 +101,7 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = mpi_is_prime( &Q, havege_rand, &hs ) ) != 0 ) + if( ( ret = mpi_is_prime( &Q, havege_random, &hs ) ) != 0 ) { printf( " failed\n ! mpi_is_prime returned %d\n\n", ret ); goto exit; diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index de2ce970d..70af54c1d 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -172,7 +172,7 @@ int main( int argc, char *argv[] ) memset( buf, 0, sizeof( buf ) ); if( ( ret = dhm_make_params( &dhm, 256, buf, &n, - havege_rand, &hs ) ) != 0 ) + havege_random, &hs ) ) != 0 ) { printf( " failed\n ! dhm_make_params returned %d\n\n", ret ); goto exit; diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index 0b54a17ae..63e2f13bc 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -110,7 +110,7 @@ int main( int argc, char *argv[] ) printf( "\n . Generating the RSA encrypted value" ); fflush( stdout ); - if( ( ret = rsa_pkcs1_encrypt( &rsa, havege_rand, &hs, RSA_PUBLIC, strlen( argv[1] ), input, buf ) ) != 0 ) + if( ( ret = rsa_pkcs1_encrypt( &rsa, havege_random, &hs, RSA_PUBLIC, strlen( argv[1] ), input, buf ) ) != 0 ) { printf( " failed\n ! rsa_pkcs1_encrypt returned %d\n\n", ret ); goto exit; diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index d7158b4c0..e2d06fa54 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -74,7 +74,7 @@ int main( int argc, char *argv[] ) rsa_init( &rsa, RSA_PKCS_V15, 0 ); - if( ( ret = rsa_gen_key( &rsa, havege_rand, &hs, KEY_SIZE, EXPONENT ) ) != 0 ) + if( ( ret = rsa_gen_key( &rsa, havege_random, &hs, KEY_SIZE, EXPONENT ) ) != 0 ) { printf( " failed\n ! rsa_gen_key returned %d\n\n", ret ); goto exit; diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index e33cead25..3174599a8 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -105,7 +105,7 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = rsa_pkcs1_sign( &rsa, havege_rand, &hs, RSA_PRIVATE, SIG_RSA_SHA1, + if( ( ret = rsa_pkcs1_sign( &rsa, havege_random, &hs, RSA_PRIVATE, SIG_RSA_SHA1, 20, hash, buf ) ) != 0 ) { printf( " failed\n ! rsa_pkcs1_sign returned %d\n\n", ret ); diff --git a/programs/random/gen_random.c b/programs/random/gen_random.c index 6a7aa3ae6..20246fec1 100644 --- a/programs/random/gen_random.c +++ b/programs/random/gen_random.c @@ -44,7 +44,7 @@ int main( int argc, char *argv[] ) { FILE *f; time_t t; - int i, j, k; + int i, k; havege_state hs; unsigned char buf[1024]; @@ -66,8 +66,12 @@ int main( int argc, char *argv[] ) for( i = 0, k = 768; i < k; i++ ) { - for( j = 0; j < (int) sizeof( buf ); j++ ) - buf[j] = havege_rand( &hs ); + if( havege_random( &hs, buf, sizeof( buf ) ) != 0 ) + { + printf( "Failed to get random from source.\n" ); + fclose( f ); + return( 1 ); + } fwrite( buf, sizeof( buf ), 1, f ); diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index b57fe8db6..0bfad1ffc 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -35,6 +35,7 @@ #include "polarssl/net.h" #include "polarssl/ssl.h" #include "polarssl/havege.h" +#include "polarssl/error.h" #define SERVER_PORT 4433 #define SERVER_NAME "localhost" @@ -116,7 +117,7 @@ int main( int argc, char *argv[] ) ssl_set_endpoint( &ssl, SSL_IS_CLIENT ); ssl_set_authmode( &ssl, SSL_VERIFY_NONE ); - ssl_set_rng( &ssl, havege_rand, &hs ); + ssl_set_rng( &ssl, havege_random, &hs ); ssl_set_dbg( &ssl, my_debug, stdout ); ssl_set_bio( &ssl, net_recv, &server_fd, net_send, &server_fd ); @@ -183,6 +184,15 @@ int main( int argc, char *argv[] ) exit: +#ifdef POLARSSL_ERROR_C + if( ret != 0 ) + { + char error_buf[100]; + error_strerror( ret, error_buf, 100 ); + printf("Last error was: %d - %s\n\n", ret, error_buf ); + } +#endif + net_close( server_fd ); ssl_free( &ssl ); diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index de0af258a..38251067a 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -38,6 +38,7 @@ #include "polarssl/havege.h" #include "polarssl/certs.h" #include "polarssl/x509.h" +#include "polarssl/error.h" #define DFL_SERVER_NAME "localhost" #define DFL_SERVER_PORT 4433 @@ -328,7 +329,7 @@ int main( int argc, char *argv[] ) ssl_set_endpoint( &ssl, SSL_IS_CLIENT ); ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL ); - ssl_set_rng( &ssl, havege_rand, &hs ); + ssl_set_rng( &ssl, havege_random, &hs ); ssl_set_dbg( &ssl, my_debug, stdout ); ssl_set_bio( &ssl, net_recv, &server_fd, net_send, &server_fd ); @@ -452,6 +453,15 @@ int main( int argc, char *argv[] ) exit: +#ifdef POLARSSL_ERROR_C + if( ret != 0 ) + { + char error_buf[100]; + error_strerror( ret, error_buf, 100 ); + printf("Last error was: %d - %s\n\n", ret, error_buf ); + } +#endif + if( server_fd ) net_close( server_fd ); x509_free( &clicert ); diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 411eac15d..85803d30d 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -333,7 +333,7 @@ int main( int argc, char *argv[] ) ssl_set_endpoint( &ssl, SSL_IS_SERVER ); ssl_set_authmode( &ssl, SSL_VERIFY_NONE ); - ssl_set_rng( &ssl, havege_rand, &hs ); + ssl_set_rng( &ssl, havege_random, &hs ); ssl_set_dbg( &ssl, my_debug, stdout ); ssl_set_bio( &ssl, net_recv, &client_fd, net_send, &client_fd ); diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 8034a2478..3f4bd75c2 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -581,7 +581,7 @@ int main( int argc, char *argv[] ) ssl_set_endpoint( &ssl, SSL_IS_CLIENT ); ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL ); - ssl_set_rng( &ssl, havege_rand, &hs ); + ssl_set_rng( &ssl, havege_random, &hs ); ssl_set_dbg( &ssl, my_debug, stdout ); ssl_set_bio( &ssl, net_recv, &server_fd, net_send, &server_fd ); diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index 1c6fec280..8a4914092 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -42,6 +42,7 @@ #include "polarssl/x509.h" #include "polarssl/ssl.h" #include "polarssl/net.h" +#include "polarssl/error.h" #define HTTP_RESPONSE \ "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \ @@ -261,7 +262,6 @@ int main( int argc, char *argv[] ) printf( " . Setting up the RNG and SSL data...." ); fflush( stdout ); - memset( &ssl, 0, sizeof( ssl ) ); havege_init( &hs ); if( ( ret = ssl_init( &ssl ) ) != 0 ) @@ -273,7 +273,7 @@ int main( int argc, char *argv[] ) ssl_set_endpoint( &ssl, SSL_IS_SERVER ); ssl_set_authmode( &ssl, SSL_VERIFY_NONE ); - ssl_set_rng( &ssl, havege_rand, &hs ); + ssl_set_rng( &ssl, havege_random, &hs ); ssl_set_dbg( &ssl, my_debug, stdout ); ssl_set_scb( &ssl, my_get_session, @@ -291,6 +291,15 @@ int main( int argc, char *argv[] ) printf( " ok\n" ); reset: +#ifdef POLARSSL_ERROR_C + if( ret != 0 ) + { + char error_buf[100]; + error_strerror( ret, error_buf, 100 ); + printf("Last error was: %d - %s\n\n", ret, error_buf ); + } +#endif + if( client_fd != -1 ) net_close( client_fd ); @@ -420,12 +429,22 @@ reset: len = ret; printf( " %d bytes written\n\n%s\n", len, (char *) buf ); - + ssl_close_notify( &ssl ); + ret = 0; goto reset; exit: +#ifdef POLARSSL_ERROR_C + if( ret != 0 ) + { + char error_buf[100]; + error_strerror( ret, error_buf, 100 ); + printf("Last error was: %d - %s\n\n", ret, error_buf ); + } +#endif + net_close( client_fd ); x509_free( &srvcert ); rsa_free( &rsa ); diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 091a9cf89..1588b47df 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -47,12 +47,27 @@ #define BUFSIZE 1024 -static int myrand( void *rng_state ) +static int myrand( void *rng_state, unsigned char *output, size_t len ) { + size_t use_len; + int rnd; + if( rng_state != NULL ) rng_state = NULL; - return( rand() ); + while( len > 0 ) + { + use_len = len; + if( use_len > sizeof(int) ) + use_len = sizeof(int); + + rnd = rand(); + memcpy( output, &rnd, use_len ); + output += use_len; + len -= use_len; + } + + return( 0 ); } unsigned char buf[BUFSIZE]; diff --git a/programs/test/ssl_test.c b/programs/test/ssl_test.c index 683963c98..8bac4b249 100644 --- a/programs/test/ssl_test.c +++ b/programs/test/ssl_test.c @@ -257,7 +257,7 @@ static int ssl_test( struct options *opt ) ssl_set_authmode( &ssl, SSL_VERIFY_NONE ); - ssl_set_rng( &ssl, havege_rand, &hs ); + ssl_set_rng( &ssl, havege_random, &hs ); ssl_set_dbg( &ssl, my_debug, opt ); ssl_set_bio( &ssl, net_recv, &client_fd, net_send, &client_fd ); diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 1350fc14b..cde96af73 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -250,7 +250,7 @@ int main( int argc, char *argv[] ) ssl_set_endpoint( &ssl, SSL_IS_CLIENT ); ssl_set_authmode( &ssl, SSL_VERIFY_NONE ); - ssl_set_rng( &ssl, havege_rand, &hs ); + ssl_set_rng( &ssl, havege_random, &hs ); ssl_set_dbg( &ssl, my_debug, stdout ); ssl_set_bio( &ssl, net_recv, &server_fd, net_send, &server_fd ); diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index cfb02533f..94d72733c 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -97,12 +97,17 @@ void hexify(unsigned char *obuf, const unsigned char *ibuf, int len) * * rng_state shall be NULL. */ -static int rnd_std_rand( void *rng_state ) +static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ) { + size_t i; + if( rng_state != NULL ) rng_state = NULL; - return( rand() ); + for( i = 0; i < len; ++i ) + output[i] = rand(); + + return( 0 ); } /** @@ -110,19 +115,20 @@ static int rnd_std_rand( void *rng_state ) * * rng_state shall be NULL. */ -static int rnd_zero_rand( void *rng_state ) +static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len ) { if( rng_state != NULL ) rng_state = NULL; + memset( output, 0, len ); + return( 0 ); } typedef struct { unsigned char *buf; - int length; - int per_call; + size_t length; } rnd_buf_info; /** @@ -136,34 +142,29 @@ typedef struct * * After the buffer is empty it will return rand(); */ -static int rnd_buffer_rand( void *rng_state ) +static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len ) { rnd_buf_info *info = (rnd_buf_info *) rng_state; - int res; + size_t use_len; if( rng_state == NULL ) - return( rand() ); + return( rnd_std_rand( NULL, output, len ) ); - if( info->per_call > 4 ) - info->per_call = 4; - else if( info->per_call < 1 ) - info->per_call = 1; + use_len = len; + if( len > info->length ) + use_len = info->length; - res = rand(); - - if( info->length >= info->per_call ) + if( use_len ) { - memcpy( &res, info->buf, info->per_call ); - info->buf += info->per_call; - info->length -= info->per_call; - } - else if( info->length > 0 ) - { - memcpy( &res, info->buf, info->length ); - info->length = 0; + memcpy( output, info->buf, use_len ); + info->buf += use_len; + info->length -= use_len; } - return( res ); + if( len - use_len > 0 ) + return( rnd_std_rand( NULL, output + use_len, len - use_len ) ); + + return( 0 ); } /** @@ -187,21 +188,33 @@ typedef struct * * rng_state shall be a pointer to a rnd_pseudo_info structure. */ -static int rnd_pseudo_rand( void *rng_state ) +static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len ) { rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state; - uint32_t i, *k, sum = 0, delta=0x9E3779B9; + uint32_t i, *k, sum, delta=0x9E3779B9; if( rng_state == NULL ) - return( rand() ); + return( rnd_std_rand( NULL, output, len ) ); k = info->key; - for( i = 0; i < 32; i++ ) + + while( len > 0 ) { - info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]); - sum += delta; - info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]); + size_t use_len = len; + sum = 0; + + use_len = 1; + + for( i = 0; i < 32; i++ ) + { + info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]); + sum += delta; + info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]); + } + + memcpy( output, &info->v0, use_len ); + len -= use_len; } - return( info->v0 ); + return( 0 ); } diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 98dea209a..b7d381386 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -26,7 +26,6 @@ pkcs1_rsaes_oaep_encrypt:mod:radix_N:input_N:radix_E:input_E:hash:message_hex_st info.length = unhexify( rnd_buf, {seed} ); info.buf = rnd_buf; - info.per_call = 1; rsa_init( &ctx, RSA_PKCS_V21, {hash} ); memset( message_str, 0x00, 1000 ); @@ -114,7 +113,6 @@ pkcs1_rsassa_pss_sign:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_ info.length = unhexify( rnd_buf, {salt} ); info.buf = rnd_buf; - info.per_call = 1; mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); rsa_init( &ctx, RSA_PKCS_V21, {hash} ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 0d4ba0ba8..15048cd2c 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -514,7 +514,7 @@ rsa_gen_key:nrbits:exponent:result havege_init( &hs ); rsa_init( &ctx, 0, 0 ); - TEST_ASSERT( rsa_gen_key( &ctx, havege_rand, &hs, {nrbits}, {exponent} ) == {result} ); + TEST_ASSERT( rsa_gen_key( &ctx, havege_random, &hs, {nrbits}, {exponent} ) == {result} ); if( {result} == 0 ) { TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );