OpenSSL 0.9.5a merge

1 files changed, 125 insertions, 8 deletions

diff --git a/lib/libcrypto/rand/md_rand.c b/lib/libcrypto/rand/md_rand.c
index 6b158f03495..da4258c479c 100644
--- a/lib/libcrypto/rand/md_rand.c
+++ b/lib/libcrypto/rand/md_rand.c
@@ -55,6 +55,59 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
 
 #define ENTROPY_NEEDED 16  /* require 128 bits = 16 bytes of randomness */
 
@@ -130,6 +183,10 @@
 
 #include <openssl/rand.h>
 
+#ifdef BN_DEBUG
+# define PREDICT
+#endif
+
 /* #define NORAND	1 */
 /* #define PREDICT	1 */
 
@@ -141,6 +198,10 @@ static long md_count[2]={0,0};
 static double entropy=0;
 static int initialized=0;
 
+#ifdef PREDICT
+int rand_predictable=0;
+#endif
+
 const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT;
 
 static void ssleay_rand_cleanup(void);
@@ -148,6 +209,7 @@ static void ssleay_rand_seed(const void *buf, int num);
 static void ssleay_rand_add(const void *buf, int num, double add_entropy);
 static int ssleay_rand_bytes(unsigned char *buf, int num);
 static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
+static int ssleay_rand_status(void);
 
 RAND_METHOD rand_ssleay_meth={
 	ssleay_rand_seed,
@@ -155,6 +217,7 @@ RAND_METHOD rand_ssleay_meth={
 	ssleay_rand_cleanup,
 	ssleay_rand_add,
 	ssleay_rand_pseudo_bytes,
+	ssleay_rand_status
 	}; 
 
 RAND_METHOD *RAND_SSLeay(void)
@@ -306,6 +369,10 @@ static void ssleay_rand_initialize(void)
 	FILE *fh;
 #endif
 
+#ifdef NORAND
+	return;
+#endif
+
 	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 	/* put in some default random data, we need more than just this */
 #ifndef GETPID_IS_MEANINGLESS
@@ -354,13 +421,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 #endif
 
 #ifdef PREDICT
-	{
-	static unsigned char val=0;
+	if (rand_predictable)
+		{
+		static unsigned char val=0;
 
-	for (i=0; i<num; i++)
-		buf[i]=val++;
-	return(1);
-	}
+		for (i=0; i<num; i++)
+			buf[i]=val++;
+		return(1);
+		}
 #endif
 
 	/*
@@ -489,17 +557,66 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
 	return (ret);
 	}
 
-int RAND_status(void)
+static int ssleay_rand_status(void)
 	{
+	int ret;
+
+	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+
 	if (!initialized)
 		ssleay_rand_initialize();
-	return (entropy >= ENTROPY_NEEDED);
+	ret = entropy >= ENTROPY_NEEDED;
+
+	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+	return ret;
 	}
 
 #ifdef WINDOWS
 #include <windows.h>
 #include <openssl/rand.h>
 
+int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam)
+        {
+        double add_entropy=0;
+        SYSTEMTIME t;
+
+        switch (iMsg)
+                {
+        case WM_KEYDOWN:
+                        {
+                        static WPARAM key;
+                        if (key != wParam)
+                                add_entropy = 0.05;
+                        key = wParam;
+                        }
+                        break;
+	case WM_MOUSEMOVE:
+                        {
+                        static int lastx,lasty,lastdx,lastdy;
+                        int x,y,dx,dy;
+
+                        x=LOWORD(lParam);
+                        y=HIWORD(lParam);
+                        dx=lastx-x;
+                        dy=lasty-y;
+                        if (dx != 0 && dy != 0 && dx-lastdx != 0 && dy-lastdy != 0)
+                                add_entropy=.2;
+                        lastx=x, lasty=y;
+                        lastdx=dx, lastdy=dy;
+                        }
+		break;
+		}
+
+        GetSystemTime(&t);
+        RAND_add(&iMsg, sizeof(iMsg), add_entropy);
+	RAND_add(&wParam, sizeof(wParam), 0);
+	RAND_add(&lParam, sizeof(lParam), 0);
+        RAND_add(&t, sizeof(t), 0);
+
+	return (RAND_status());
+	}
+
 /*****************************************************************************
  * Initialisation function for the SSL random generator.  Takes the contents
  * of the screen as random seed.