ReactOS 0.4.16-dev-819-g75c0dc0
magic.c
Go to the documentation of this file.
1/*
2 * magic.c - PPP Magic Number routines.
3 *
4 * Copyright (c) 1984-2000 Carnegie Mellon University. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 *
18 * 3. The name "Carnegie Mellon University" must not be used to
19 * endorse or promote products derived from this software without
20 * prior written permission. For permission or any legal
21 * details, please contact
22 * Office of Technology Transfer
23 * Carnegie Mellon University
24 * 5000 Forbes Avenue
25 * Pittsburgh, PA 15213-3890
26 * (412) 268-4387, fax: (412) 268-7395
27 * tech-transfer@andrew.cmu.edu
28 *
29 * 4. Redistributions of any form whatsoever must retain the following
30 * acknowledgment:
31 * "This product includes software developed by Computing Services
32 * at Carnegie Mellon University (http://www.cmu.edu/computing/)."
33 *
34 * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
35 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
36 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
37 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
38 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
39 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
40 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
41 */
42/*****************************************************************************
43* randm.c - Random number generator program file.
44*
45* Copyright (c) 2003 by Marc Boucher, Services Informatiques (MBSI) inc.
46* Copyright (c) 1998 by Global Election Systems Inc.
47*
48* The authors hereby grant permission to use, copy, modify, distribute,
49* and license this software and its documentation for any purpose, provided
50* that existing copyright notices are retained in all copies and that this
51* notice and the following disclaimer are included verbatim in any
52* distributions. No written agreement, license, or royalty fee is required
53* for any of the authorized uses.
54*
55* THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS *AS IS* AND ANY EXPRESS OR
56* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
57* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
58* IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
59* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
60* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
61* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
62* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
63* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
64* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
65*
66******************************************************************************
67* REVISION HISTORY
68*
69* 03-01-01 Marc Boucher <marc@mbsi.ca>
70* Ported to lwIP.
71* 98-06-03 Guy Lancaster <lancasterg@acm.org>, Global Election Systems Inc.
72* Extracted from avos.
73*****************************************************************************/
74
75#include "netif/ppp/ppp_opts.h"
76#if PPP_SUPPORT /* don't build if not configured for use in lwipopts.h */
77
78#include "netif/ppp/ppp_impl.h"
79#include "netif/ppp/magic.h"
80
81#if PPP_MD5_RANDM /* Using MD5 for better randomness if enabled */
82
83#include "netif/ppp/pppcrypt.h"
84
85#define MD5_HASH_SIZE 16
86static char magic_randpool[MD5_HASH_SIZE]; /* Pool of randomness. */
87static long magic_randcount; /* Pseudo-random incrementer */
88static u32_t magic_randomseed; /* Seed used for random number generation. */
89
90/*
91 * Churn the randomness pool on a random event. Call this early and often
92 * on random and semi-random system events to build randomness in time for
93 * usage. For randomly timed events, pass a null pointer and a zero length
94 * and this will use the system timer and other sources to add randomness.
95 * If new random data is available, pass a pointer to that and it will be
96 * included.
97 *
98 * Ref: Applied Cryptography 2nd Ed. by Bruce Schneier p. 427
99 */
100static void magic_churnrand(char *rand_data, u32_t rand_len) {
101 lwip_md5_context md5_ctx;
102
103 /* LWIP_DEBUGF(LOG_INFO, ("magic_churnrand: %u@%P\n", rand_len, rand_data)); */
104 lwip_md5_init(&md5_ctx);
105 lwip_md5_starts(&md5_ctx);
106 lwip_md5_update(&md5_ctx, (u_char *)magic_randpool, sizeof(magic_randpool));
107 if (rand_data) {
108 lwip_md5_update(&md5_ctx, (u_char *)rand_data, rand_len);
109 } else {
110 struct {
111 /* INCLUDE fields for any system sources of randomness */
113#ifdef LWIP_RAND
114 u32_t rand;
115#endif /* LWIP_RAND */
116 } sys_data;
117 /* Load sys_data fields here. */
118 magic_randomseed += sys_jiffies();
119 sys_data.jiffies = magic_randomseed;
120#ifdef LWIP_RAND
121 sys_data.rand = LWIP_RAND();
122#endif /* LWIP_RAND */
123 lwip_md5_update(&md5_ctx, (u_char *)&sys_data, sizeof(sys_data));
124 }
125 lwip_md5_finish(&md5_ctx, (u_char *)magic_randpool);
126 lwip_md5_free(&md5_ctx);
127/* LWIP_DEBUGF(LOG_INFO, ("magic_churnrand: -> 0\n")); */
128}
129
130/*
131 * Initialize the random number generator.
132 */
133void magic_init(void) {
134 magic_churnrand(NULL, 0);
135}
136
137/*
138 * Randomize our random seed value.
139 */
140void magic_randomize(void) {
141 magic_churnrand(NULL, 0);
142}
143
144/*
145 * Fill a buffer with random bytes.
146 *
147 * Use the random pool to generate random data. This degrades to pseudo
148 * random when used faster than randomness is supplied using magic_churnrand().
149 * Note: It's important that there be sufficient randomness in magic_randpool
150 * before this is called for otherwise the range of the result may be
151 * narrow enough to make a search feasible.
152 *
153 * Ref: Applied Cryptography 2nd Ed. by Bruce Schneier p. 427
154 *
155 * XXX Why does he not just call magic_churnrand() for each block? Probably
156 * so that you don't ever publish the seed which could possibly help
157 * predict future values.
158 * XXX Why don't we preserve md5 between blocks and just update it with
159 * magic_randcount each time? Probably there is a weakness but I wish that
160 * it was documented.
161 */
162void magic_random_bytes(unsigned char *buf, u32_t buf_len) {
163 lwip_md5_context md5_ctx;
164 u_char tmp[MD5_HASH_SIZE];
165 u32_t n;
166
167 while (buf_len > 0) {
168 lwip_md5_init(&md5_ctx);
169 lwip_md5_starts(&md5_ctx);
170 lwip_md5_update(&md5_ctx, (u_char *)magic_randpool, sizeof(magic_randpool));
171 lwip_md5_update(&md5_ctx, (u_char *)&magic_randcount, sizeof(magic_randcount));
172 lwip_md5_finish(&md5_ctx, tmp);
173 lwip_md5_free(&md5_ctx);
174 magic_randcount++;
175 n = LWIP_MIN(buf_len, MD5_HASH_SIZE);
176 MEMCPY(buf, tmp, n);
177 buf += n;
178 buf_len -= n;
179 }
180}
181
182/*
183 * Return a new 32-bit random number.
184 */
185u32_t magic(void) {
186 u32_t new_rand;
187
188 magic_random_bytes((unsigned char *)&new_rand, sizeof(new_rand));
189 return new_rand;
190}
191
192#else /* PPP_MD5_RANDM */
193
194#ifndef LWIP_RAND
195static int magic_randomized; /* Set when truly randomized. */
196#endif /* LWIP_RAND */
197static u32_t magic_randomseed; /* Seed used for random number generation. */
198
199/*
200 * Initialize the random number generator.
201 *
202 * Here we attempt to compute a random number seed but even if
203 * it isn't random, we'll randomize it later.
204 *
205 * The current method uses the jiffies counter. When this is
206 * invoked at startup the jiffies counter value may repeat
207 * after each boot. Thus we call it again on the first
208 * random event.
209 *
210 * If LWIP_RAND if available, we do not call srand() as we are
211 * not going to call rand().
212 */
213void magic_init(void) {
214 magic_randomseed += sys_jiffies();
215#ifndef LWIP_RAND
216 /* Initialize the random number generator. */
217 srand((unsigned)magic_randomseed);
218#endif /* LWIP_RAND */
219}
220
221/*
222 * Randomize our random seed value. Here we use the fact that
223 * this function is called at *truly random* times by the polling
224 * and network functions. Here we only get 16 bits of new random
225 * value but we use the previous value to randomize the other 16
226 * bits.
227 */
228void magic_randomize(void) {
229#ifndef LWIP_RAND
230 if (!magic_randomized) {
231 magic_randomized = !0;
232 magic_init();
233 /* The initialization function also updates the seed. */
234 return;
235 }
236#endif /* LWIP_RAND */
237 magic_randomseed += sys_jiffies();
238}
239
240/*
241 * Return a new 32-bit random number.
242 *
243 * Here we use the rand() function to supply a pseudo random
244 * number which we make truly random by combining it with our own
245 * seed which is randomized by truly random events.
246 * Thus the numbers will be truly random unless there have been no
247 * operator or network events in which case it will be pseudo random
248 * seeded by srand().
249 *
250 * Alternatively, use LWIP_RAND if available, but we do not assume
251 * it is returning 32 bits of random data because it is probably
252 * going to be defined to directly return the rand() value. For
253 * example, LCP magic numbers are 32-bit random values.
254 */
255u32_t magic(void) {
256#ifdef LWIP_RAND
257 return (LWIP_RAND() << 16) + LWIP_RAND() + magic_randomseed;
258#else /* LWIP_RAND */
259 return ((u32_t)rand() << 16) + (u32_t)rand() + magic_randomseed;
260#endif /* LWIP_RAND */
261}
262
263/*
264 * Fill a buffer with random bytes.
265 */
266void magic_random_bytes(unsigned char *buf, u32_t buf_len) {
267 u32_t new_rand, n;
268
269 while (buf_len > 0) {
270 new_rand = magic();
271 n = LWIP_MIN(buf_len, sizeof(new_rand));
272 MEMCPY(buf, &new_rand, n);
273 buf += n;
274 buf_len -= n;
275 }
276}
277#endif /* PPP_MD5_RANDM */
278
279/*
280 * Return a new random number between 0 and (2^pow)-1 included.
281 */
282u32_t magic_pow(u8_t pow) {
283 return magic() & ~(~0UL<<pow);
284}
285
286#endif /* PPP_SUPPORT */
#define LWIP_MIN(x, y)
Definition: def.h:66
#define NULL
Definition: types.h:112
UCHAR u_char
Definition: types.h:80
double pow(double x, double y)
Definition: freeldr.c:178
GLdouble n
Definition: glext.h:7729
GLenum GLuint GLenum GLsizei const GLchar * buf
Definition: glext.h:7751
uint32_t u32_t
Definition: arch.h:129
uint8_t u8_t
Definition: arch.h:125
void __cdecl srand(_In_ unsigned int _Seed)
_Check_return_ int __cdecl rand(void)
Definition: rand.c:10
#define sys_jiffies()
Definition: sys_arch.h:28
#define MEMCPY(DST, SRC, BYTES)
Definition: macros.h:231
#define jiffies
Definition: module.h:1085
Definition: msi.c:4007
#define UL
Definition: tui.h:164