- Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs

2025-08-08 17:42:09 +03:00 · 2011-11-27 21:07:34 +00:00
parent 880ac7eb95
commit a3d195c41f
31 changed files with 232 additions and 119 deletions
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@@ -207,7 +207,7 @@ int main( int argc, char *argv[] )

    n = dhm.len;
    if( ( ret = dhm_make_public( &dhm, 256, buf, n,
-                                 havege_rand, &hs ) ) != 0 )
+                                 havege_random, &hs ) ) != 0 )
    {
        printf( " failed\n  ! dhm_make_public returned %d\n\n", ret );
        goto exit;
--- a/programs/pkey/dh_genprime.c
+++ b/programs/pkey/dh_genprime.c
@@ -80,7 +80,7 @@ int main( int argc, char *argv[] )
     * This can take a long time...
     */
    if( ( ret = mpi_gen_prime( &P, DH_P_SIZE, 1,
-                               havege_rand, &hs ) ) != 0 )
+                               havege_random, &hs ) ) != 0 )
    {
        printf( " failed\n  ! mpi_gen_prime returned %d\n\n", ret );
        goto exit;
@@ -101,7 +101,7 @@ int main( int argc, char *argv[] )
        goto exit;
    }

-    if( ( ret = mpi_is_prime( &Q, havege_rand, &hs ) ) != 0 )
+    if( ( ret = mpi_is_prime( &Q, havege_random, &hs ) ) != 0 )
    {
        printf( " failed\n  ! mpi_is_prime returned %d\n\n", ret );
        goto exit;
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@@ -172,7 +172,7 @@ int main( int argc, char *argv[] )
    memset( buf, 0, sizeof( buf ) );

    if( ( ret = dhm_make_params( &dhm, 256, buf, &n,
-                                 havege_rand, &hs ) ) != 0 )
+                                 havege_random, &hs ) ) != 0 )
    {
        printf( " failed\n  ! dhm_make_params returned %d\n\n", ret );
        goto exit;
--- a/programs/pkey/rsa_encrypt.c
+++ b/programs/pkey/rsa_encrypt.c
@@ -110,7 +110,7 @@ int main( int argc, char *argv[] )
    printf( "\n  . Generating the RSA encrypted value" );
    fflush( stdout );

-    if( ( ret = rsa_pkcs1_encrypt( &rsa, havege_rand, &hs, RSA_PUBLIC, strlen( argv[1] ), input, buf ) ) != 0 )
+    if( ( ret = rsa_pkcs1_encrypt( &rsa, havege_random, &hs, RSA_PUBLIC, strlen( argv[1] ), input, buf ) ) != 0 )
    {
        printf( " failed\n  ! rsa_pkcs1_encrypt returned %d\n\n", ret );
        goto exit;
--- a/programs/pkey/rsa_genkey.c
+++ b/programs/pkey/rsa_genkey.c
@@ -74,7 +74,7 @@ int main( int argc, char *argv[] )

    rsa_init( &rsa, RSA_PKCS_V15, 0 );
    
-    if( ( ret = rsa_gen_key( &rsa, havege_rand, &hs, KEY_SIZE, EXPONENT ) ) != 0 )
+    if( ( ret = rsa_gen_key( &rsa, havege_random, &hs, KEY_SIZE, EXPONENT ) ) != 0 )
    {
        printf( " failed\n  ! rsa_gen_key returned %d\n\n", ret );
        goto exit;
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@@ -105,7 +105,7 @@ int main( int argc, char *argv[] )
        goto exit;
    }

-    if( ( ret = rsa_pkcs1_sign( &rsa, havege_rand, &hs, RSA_PRIVATE, SIG_RSA_SHA1,
+    if( ( ret = rsa_pkcs1_sign( &rsa, havege_random, &hs, RSA_PRIVATE, SIG_RSA_SHA1,
                                20, hash, buf ) ) != 0 )
    {
        printf( " failed\n  ! rsa_pkcs1_sign returned %d\n\n", ret );
--- a/programs/random/gen_random.c
+++ b/programs/random/gen_random.c
@@ -44,7 +44,7 @@ int main( int argc, char *argv[] )
 {
    FILE *f;
    time_t t;
-    int i, j, k;
+    int i, k;
    havege_state hs;
    unsigned char buf[1024];

@@ -66,8 +66,12 @@ int main( int argc, char *argv[] )

    for( i = 0, k = 768; i < k; i++ )
    {
-        for( j = 0; j < (int) sizeof( buf ); j++ )
-            buf[j] = havege_rand( &hs );
+        if( havege_random( &hs, buf, sizeof( buf ) ) != 0 )
+        {
+            printf( "Failed to get random from source.\n" );
+            fclose( f );
+            return( 1 );
+        }

        fwrite( buf, sizeof( buf ), 1, f );

--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -35,6 +35,7 @@
 #include "polarssl/net.h"
 #include "polarssl/ssl.h"
 #include "polarssl/havege.h"
+#include "polarssl/error.h"

 #define SERVER_PORT 4433
 #define SERVER_NAME "localhost"
@@ -116,7 +117,7 @@ int main( int argc, char *argv[] )
    ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
    ssl_set_authmode( &ssl, SSL_VERIFY_NONE );

-    ssl_set_rng( &ssl, havege_rand, &hs );
+    ssl_set_rng( &ssl, havege_random, &hs );
    ssl_set_dbg( &ssl, my_debug, stdout );
    ssl_set_bio( &ssl, net_recv, &server_fd,
                       net_send, &server_fd );
@@ -183,6 +184,15 @@ int main( int argc, char *argv[] )

 exit:

+#ifdef POLARSSL_ERROR_C
+    if( ret != 0 )
+    {
+        char error_buf[100];
+        error_strerror( ret, error_buf, 100 );
+        printf("Last error was: %d - %s\n\n", ret, error_buf );
+    }
+#endif
+
    net_close( server_fd );
    ssl_free( &ssl );

--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -38,6 +38,7 @@
 #include "polarssl/havege.h"
 #include "polarssl/certs.h"
 #include "polarssl/x509.h"
+#include "polarssl/error.h"

 #define DFL_SERVER_NAME         "localhost"
 #define DFL_SERVER_PORT         4433
@@ -328,7 +329,7 @@ int main( int argc, char *argv[] )
    ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
    ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );

-    ssl_set_rng( &ssl, havege_rand, &hs );
+    ssl_set_rng( &ssl, havege_random, &hs );
    ssl_set_dbg( &ssl, my_debug, stdout );
    ssl_set_bio( &ssl, net_recv, &server_fd,
                       net_send, &server_fd );
@@ -452,6 +453,15 @@ int main( int argc, char *argv[] )

 exit:

+#ifdef POLARSSL_ERROR_C
+    if( ret != 0 )
+    {
+        char error_buf[100];
+        error_strerror( ret, error_buf, 100 );
+        printf("Last error was: %d - %s\n\n", ret, error_buf );
+    }
+#endif
+
    if( server_fd )
        net_close( server_fd );
    x509_free( &clicert );
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -333,7 +333,7 @@ int main( int argc, char *argv[] )
        ssl_set_endpoint( &ssl, SSL_IS_SERVER );
        ssl_set_authmode( &ssl, SSL_VERIFY_NONE );

-        ssl_set_rng( &ssl, havege_rand, &hs );
+        ssl_set_rng( &ssl, havege_random, &hs );
        ssl_set_dbg( &ssl, my_debug, stdout );
        ssl_set_bio( &ssl, net_recv, &client_fd,
                           net_send, &client_fd );
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -581,7 +581,7 @@ int main( int argc, char *argv[] )
    ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
    ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );

-    ssl_set_rng( &ssl, havege_rand, &hs );
+    ssl_set_rng( &ssl, havege_random, &hs );
    ssl_set_dbg( &ssl, my_debug, stdout );
    ssl_set_bio( &ssl, net_recv, &server_fd,
            net_send, &server_fd );
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -42,6 +42,7 @@
 #include "polarssl/x509.h"
 #include "polarssl/ssl.h"
 #include "polarssl/net.h"
+#include "polarssl/error.h"

 #define HTTP_RESPONSE \
    "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
@@ -261,7 +262,6 @@ int main( int argc, char *argv[] )
    printf( "  . Setting up the RNG and SSL data...." );
    fflush( stdout );

-    memset( &ssl, 0, sizeof( ssl ) );
    havege_init( &hs );

    if( ( ret = ssl_init( &ssl ) ) != 0 )
@@ -273,7 +273,7 @@ int main( int argc, char *argv[] )
    ssl_set_endpoint( &ssl, SSL_IS_SERVER );
    ssl_set_authmode( &ssl, SSL_VERIFY_NONE );

-    ssl_set_rng( &ssl, havege_rand, &hs );
+    ssl_set_rng( &ssl, havege_random, &hs );
    ssl_set_dbg( &ssl, my_debug, stdout );

    ssl_set_scb( &ssl, my_get_session,
@@ -291,6 +291,15 @@ int main( int argc, char *argv[] )
    printf( " ok\n" );

 reset:
+#ifdef POLARSSL_ERROR_C
+    if( ret != 0 )
+    {
+        char error_buf[100];
+        error_strerror( ret, error_buf, 100 );
+        printf("Last error was: %d - %s\n\n", ret, error_buf );
+    }
+#endif
+
    if( client_fd != -1 )
        net_close( client_fd );

@@ -420,12 +429,22 @@ reset:

    len = ret;
    printf( " %d bytes written\n\n%s\n", len, (char *) buf );
-
+    
    ssl_close_notify( &ssl );
+    ret = 0;
    goto reset;

 exit:

+#ifdef POLARSSL_ERROR_C
+    if( ret != 0 )
+    {
+        char error_buf[100];
+        error_strerror( ret, error_buf, 100 );
+        printf("Last error was: %d - %s\n\n", ret, error_buf );
+    }
+#endif
+
    net_close( client_fd );
    x509_free( &srvcert );
    rsa_free( &rsa );
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -47,12 +47,27 @@

 #define BUFSIZE 1024

-static int myrand( void *rng_state )
+static int myrand( void *rng_state, unsigned char *output, size_t len )
 {
+    size_t use_len;
+    int rnd;
+
    if( rng_state != NULL )
        rng_state  = NULL;

-    return( rand() );
+    while( len > 0 )
+    {
+        use_len = len;
+        if( use_len > sizeof(int) )
+            use_len = sizeof(int);
+
+        rnd = rand();
+        memcpy( output, &rnd, use_len );
+        output += use_len;
+        len -= use_len;
+    }
+
+    return( 0 );
 }

 unsigned char buf[BUFSIZE];
--- a/programs/test/ssl_test.c
+++ b/programs/test/ssl_test.c
@@ -257,7 +257,7 @@ static int ssl_test( struct options *opt )

    ssl_set_authmode( &ssl, SSL_VERIFY_NONE );

-    ssl_set_rng( &ssl, havege_rand, &hs );
+    ssl_set_rng( &ssl, havege_random, &hs );
    ssl_set_dbg( &ssl, my_debug, opt );
    ssl_set_bio( &ssl, net_recv, &client_fd,
                       net_send, &client_fd );
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -250,7 +250,7 @@ int main( int argc, char *argv[] )
        ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
        ssl_set_authmode( &ssl, SSL_VERIFY_NONE );

-        ssl_set_rng( &ssl, havege_rand, &hs );
+        ssl_set_rng( &ssl, havege_random, &hs );
        ssl_set_dbg( &ssl, my_debug, stdout );
        ssl_set_bio( &ssl, net_recv, &server_fd,
                net_send, &server_fd );