Blame - ap/build/uClibc/libc/stdlib/arc4random.c - T106_DC

blob: c7aed66b68a7990c3608d3f8095c14268fb01d87 [file] [log] [blame]

lh	9ed821d	2023-04-07 01:36:19 -0700	[diff] [blame]	1	/* $$$: arc4random.c 2005/02/08 robert */
				2	/* $NetBSD: arc4random.c,v 1.5.2.1 2004/03/26 22:52:50 jmc Exp $ */
				3	/* $OpenBSD: arc4random.c,v 1.6 2001/06/05 05:05:38 pvalchev Exp $ */
				4
				5	/*
				6	* Arc4 random number generator for OpenBSD.
				7	* Copyright 1996 David Mazieres <dm@lcs.mit.edu>.
				8	*
				9	* Modification and redistribution in source and binary forms is
				10	* permitted provided that due credit is given to the author and the
				11	* OpenBSD project by leaving this copyright notice intact.
				12	*/
				13
				14	/*
				15	* This code is derived from section 17.1 of Applied Cryptography,
				16	* second edition, which describes a stream cipher allegedly
				17	* compatible with RSA Labs "RC4" cipher (the actual description of
				18	* which is a trade secret). The same algorithm is used as a stream
				19	* cipher called "arcfour" in Tatu Ylonen's ssh package.
				20	*
				21	* Here the stream cipher has been modified always to include the time
				22	* when initializing the state. That makes it impossible to
				23	* regenerate the same random sequence twice, so this can't be used
				24	* for encryption, but will generate good random numbers.
				25	*
				26	* RC4 is a registered trademark of RSA Laboratories.
				27	*/
				28
				29	#include <features.h>
				30	#include <fcntl.h>
				31	#include <stdlib.h>
				32	#include <unistd.h>
				33	#include <sys/types.h>
				34	#include <sys/param.h>
				35	#include <sys/time.h>
				36	#ifdef __ARC4RANDOM_USE_ERANDOM__
				37	#include <sys/sysctl.h>
				38	#endif
				39
				40
				41	struct arc4_stream {
				42	uint8_t i;
				43	uint8_t j;
				44	uint8_t s[256];
				45	};
				46
				47	static int rs_initialized;
				48	static struct arc4_stream rs;
				49
				50	static __inline__ void arc4_init(struct arc4_stream *);
				51	static __inline__ void arc4_addrandom(struct arc4_stream , u_char , int);
				52	static void arc4_stir(struct arc4_stream *);
				53	static __inline__ uint8_t arc4_getbyte(struct arc4_stream *);
				54	static __inline__ uint32_t arc4_getword(struct arc4_stream *);
				55
				56	static __inline__ void
				57	arc4_init(struct arc4_stream *as)
				58	{
				59	int n;
				60
				61	for (n = 0; n < 256; n++)
				62	as->s[n] = n;
				63	as->i = 0;
				64	as->j = 0;
				65	}
				66
				67	static __inline__ void
				68	arc4_addrandom(struct arc4_stream as, u_char dat, int datlen)
				69	{
				70	int n;
				71	uint8_t si;
				72
				73	as->i--;
				74	for (n = 0; n < 256; n++) {
				75	as->i = (as->i + 1);
				76	si = as->s[as->i];
				77	as->j = (as->j + si + dat[n % datlen]);
				78	as->s[as->i] = as->s[as->j];
				79	as->s[as->j] = si;
				80	}
				81	as->j = as->i;
				82	}
				83
				84	static void
				85	arc4_stir(struct arc4_stream *as)
				86	{
				87	int fd;
				88	struct {
				89	struct timeval tv;
				90	uint rnd[(128 - sizeof(struct timeval)) / sizeof(uint)];
				91	} rdat;
				92	int n;
				93
				94	gettimeofday(&rdat.tv, NULL);
				95	fd = open("/dev/urandom", O_RDONLY);
				96	if (fd != -1) {
				97	read(fd, rdat.rnd, sizeof(rdat.rnd));
				98	close(fd);
				99	}
				100	#ifdef __ARC4RANDOM_USE_ERANDOM__
				101	else {
				102	int mib[3];
				103	uint i;
				104	size_t len;
				105
				106	/* Device could not be opened, we might be chrooted, take
				107	* randomness from sysctl. */
				108
				109	mib[0] = CTL_KERN;
				110	mib[1] = KERN_RANDOM;
				111	mib[2] = RANDOM_ERANDOM;
				112
				113	for (i = 0; i < sizeof(rdat.rnd) / sizeof(uint); i++) {
				114	len = sizeof(uint);
				115	if (sysctl(mib, 3, &rdat.rnd[i], &len, NULL, 0) == -1)
				116	break;
				117	}
				118	}
				119	#endif
				120
				121	arc4_addrandom(as, (void *) &rdat, sizeof(rdat));
				122
				123	/*
				124	* Throw away the first N words of output, as suggested in the
				125	* paper "Weaknesses in the Key Scheduling Algorithm of RC4"
				126	* by Fluher, Mantin, and Shamir.
				127	* http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps
				128	* N = 256 in our case.
				129	*/
				130	for (n = 0; n < 256 * 4; n++)
				131	arc4_getbyte(as);
				132	}
				133
				134	static __inline__ uint8_t
				135	arc4_getbyte(struct arc4_stream *as)
				136	{
				137	uint8_t si, sj;
				138
				139	as->i = (as->i + 1);
				140	si = as->s[as->i];
				141	as->j = (as->j + si);
				142	sj = as->s[as->j];
				143	as->s[as->i] = sj;
				144	as->s[as->j] = si;
				145	return (as->s[(si + sj) & 0xff]);
				146	}
				147
				148	static __inline__ uint32_t
				149	arc4_getword(struct arc4_stream *as)
				150	{
				151	uint32_t val;
				152	val = arc4_getbyte(as) << 24;
				153	val \|= arc4_getbyte(as) << 16;
				154	val \|= arc4_getbyte(as) << 8;
				155	val \|= arc4_getbyte(as);
				156	return val;
				157	}
				158
				159	static void
				160	__arc4random_stir(void)
				161	{
				162	if (!rs_initialized) {
				163	arc4_init(&rs);
				164	rs_initialized = 1;
				165	}
				166	arc4_stir(&rs);
				167	}
				168	strong_alias(__arc4random_stir,arc4random_stir)
				169
				170	void
				171	arc4random_addrandom(u_char *dat, int datlen)
				172	{
				173	if (!rs_initialized)
				174	__arc4random_stir();
				175	arc4_addrandom(&rs, dat, datlen);
				176	}
				177
				178	uint32_t
				179	arc4random(void)
				180	{
				181	if (!rs_initialized)
				182	__arc4random_stir();
				183	return arc4_getword(&rs);
				184	}
				185
				186	#if 0
				187	/-------- Test code --------/
				188	#include <stdlib.h>
				189	#include <stdio.h>
				190
				191	int main(void) {
				192	int random_number;
				193	random_number = arc4random() % 65536;
				194	printf("%d\n", random_number);
				195	return 0;
				196	}
				197	#endif