- Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
index ab7b9a6..7b13e91 100644
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@@ -207,7 +207,7 @@
n = dhm.len;
if( ( ret = dhm_make_public( &dhm, 256, buf, n,
- havege_rand, &hs ) ) != 0 )
+ havege_random, &hs ) ) != 0 )
{
printf( " failed\n ! dhm_make_public returned %d\n\n", ret );
goto exit;
diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c
index f6ae03f..ae31a1e 100644
--- a/programs/pkey/dh_genprime.c
+++ b/programs/pkey/dh_genprime.c
@@ -80,7 +80,7 @@
* This can take a long time...
*/
if( ( ret = mpi_gen_prime( &P, DH_P_SIZE, 1,
- havege_rand, &hs ) ) != 0 )
+ havege_random, &hs ) ) != 0 )
{
printf( " failed\n ! mpi_gen_prime returned %d\n\n", ret );
goto exit;
@@ -101,7 +101,7 @@
goto exit;
}
- if( ( ret = mpi_is_prime( &Q, havege_rand, &hs ) ) != 0 )
+ if( ( ret = mpi_is_prime( &Q, havege_random, &hs ) ) != 0 )
{
printf( " failed\n ! mpi_is_prime returned %d\n\n", ret );
goto exit;
diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c
index de2ce97..70af54c 100644
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@@ -172,7 +172,7 @@
memset( buf, 0, sizeof( buf ) );
if( ( ret = dhm_make_params( &dhm, 256, buf, &n,
- havege_rand, &hs ) ) != 0 )
+ havege_random, &hs ) ) != 0 )
{
printf( " failed\n ! dhm_make_params returned %d\n\n", ret );
goto exit;
diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c
index 0b54a17..63e2f13 100644
--- a/programs/pkey/rsa_encrypt.c
+++ b/programs/pkey/rsa_encrypt.c
@@ -110,7 +110,7 @@
printf( "\n . Generating the RSA encrypted value" );
fflush( stdout );
- if( ( ret = rsa_pkcs1_encrypt( &rsa, havege_rand, &hs, RSA_PUBLIC, strlen( argv[1] ), input, buf ) ) != 0 )
+ if( ( ret = rsa_pkcs1_encrypt( &rsa, havege_random, &hs, RSA_PUBLIC, strlen( argv[1] ), input, buf ) ) != 0 )
{
printf( " failed\n ! rsa_pkcs1_encrypt returned %d\n\n", ret );
goto exit;
diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c
index d7158b4..e2d06fa 100644
--- a/programs/pkey/rsa_genkey.c
+++ b/programs/pkey/rsa_genkey.c
@@ -74,7 +74,7 @@
rsa_init( &rsa, RSA_PKCS_V15, 0 );
- if( ( ret = rsa_gen_key( &rsa, havege_rand, &hs, KEY_SIZE, EXPONENT ) ) != 0 )
+ if( ( ret = rsa_gen_key( &rsa, havege_random, &hs, KEY_SIZE, EXPONENT ) ) != 0 )
{
printf( " failed\n ! rsa_gen_key returned %d\n\n", ret );
goto exit;
diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c
index e33cead..3174599 100644
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@@ -105,7 +105,7 @@
goto exit;
}
- if( ( ret = rsa_pkcs1_sign( &rsa, havege_rand, &hs, RSA_PRIVATE, SIG_RSA_SHA1,
+ if( ( ret = rsa_pkcs1_sign( &rsa, havege_random, &hs, RSA_PRIVATE, SIG_RSA_SHA1,
20, hash, buf ) ) != 0 )
{
printf( " failed\n ! rsa_pkcs1_sign returned %d\n\n", ret );
diff --git a/programs/random/gen_random.c b/programs/random/gen_random.c
index 6a7aa3a..20246fe 100644
--- a/programs/random/gen_random.c
+++ b/programs/random/gen_random.c
@@ -44,7 +44,7 @@
{
FILE *f;
time_t t;
- int i, j, k;
+ int i, k;
havege_state hs;
unsigned char buf[1024];
@@ -66,8 +66,12 @@
for( i = 0, k = 768; i < k; i++ )
{
- for( j = 0; j < (int) sizeof( buf ); j++ )
- buf[j] = havege_rand( &hs );
+ if( havege_random( &hs, buf, sizeof( buf ) ) != 0 )
+ {
+ printf( "Failed to get random from source.\n" );
+ fclose( f );
+ return( 1 );
+ }
fwrite( buf, sizeof( buf ), 1, f );
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index b57fe8d..0bfad1f 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
@@ -35,6 +35,7 @@
#include "polarssl/net.h"
#include "polarssl/ssl.h"
#include "polarssl/havege.h"
+#include "polarssl/error.h"
#define SERVER_PORT 4433
#define SERVER_NAME "localhost"
@@ -116,7 +117,7 @@
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
- ssl_set_rng( &ssl, havege_rand, &hs );
+ ssl_set_rng( &ssl, havege_random, &hs );
ssl_set_dbg( &ssl, my_debug, stdout );
ssl_set_bio( &ssl, net_recv, &server_fd,
net_send, &server_fd );
@@ -183,6 +184,15 @@
exit:
+#ifdef POLARSSL_ERROR_C
+ if( ret != 0 )
+ {
+ char error_buf[100];
+ error_strerror( ret, error_buf, 100 );
+ printf("Last error was: %d - %s\n\n", ret, error_buf );
+ }
+#endif
+
net_close( server_fd );
ssl_free( &ssl );
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index de0af25..3825106 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -38,6 +38,7 @@
#include "polarssl/havege.h"
#include "polarssl/certs.h"
#include "polarssl/x509.h"
+#include "polarssl/error.h"
#define DFL_SERVER_NAME "localhost"
#define DFL_SERVER_PORT 4433
@@ -328,7 +329,7 @@
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
- ssl_set_rng( &ssl, havege_rand, &hs );
+ ssl_set_rng( &ssl, havege_random, &hs );
ssl_set_dbg( &ssl, my_debug, stdout );
ssl_set_bio( &ssl, net_recv, &server_fd,
net_send, &server_fd );
@@ -452,6 +453,15 @@
exit:
+#ifdef POLARSSL_ERROR_C
+ if( ret != 0 )
+ {
+ char error_buf[100];
+ error_strerror( ret, error_buf, 100 );
+ printf("Last error was: %d - %s\n\n", ret, error_buf );
+ }
+#endif
+
if( server_fd )
net_close( server_fd );
x509_free( &clicert );
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 411eac1..85803d3 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -333,7 +333,7 @@
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
- ssl_set_rng( &ssl, havege_rand, &hs );
+ ssl_set_rng( &ssl, havege_random, &hs );
ssl_set_dbg( &ssl, my_debug, stdout );
ssl_set_bio( &ssl, net_recv, &client_fd,
net_send, &client_fd );
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 8034a24..3f4bd75 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -581,7 +581,7 @@
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
- ssl_set_rng( &ssl, havege_rand, &hs );
+ ssl_set_rng( &ssl, havege_random, &hs );
ssl_set_dbg( &ssl, my_debug, stdout );
ssl_set_bio( &ssl, net_recv, &server_fd,
net_send, &server_fd );
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index 1c6fec2..8a49140 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -42,6 +42,7 @@
#include "polarssl/x509.h"
#include "polarssl/ssl.h"
#include "polarssl/net.h"
+#include "polarssl/error.h"
#define HTTP_RESPONSE \
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
@@ -261,7 +262,6 @@
printf( " . Setting up the RNG and SSL data...." );
fflush( stdout );
- memset( &ssl, 0, sizeof( ssl ) );
havege_init( &hs );
if( ( ret = ssl_init( &ssl ) ) != 0 )
@@ -273,7 +273,7 @@
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
- ssl_set_rng( &ssl, havege_rand, &hs );
+ ssl_set_rng( &ssl, havege_random, &hs );
ssl_set_dbg( &ssl, my_debug, stdout );
ssl_set_scb( &ssl, my_get_session,
@@ -291,6 +291,15 @@
printf( " ok\n" );
reset:
+#ifdef POLARSSL_ERROR_C
+ if( ret != 0 )
+ {
+ char error_buf[100];
+ error_strerror( ret, error_buf, 100 );
+ printf("Last error was: %d - %s\n\n", ret, error_buf );
+ }
+#endif
+
if( client_fd != -1 )
net_close( client_fd );
@@ -420,12 +429,22 @@
len = ret;
printf( " %d bytes written\n\n%s\n", len, (char *) buf );
-
+
ssl_close_notify( &ssl );
+ ret = 0;
goto reset;
exit:
+#ifdef POLARSSL_ERROR_C
+ if( ret != 0 )
+ {
+ char error_buf[100];
+ error_strerror( ret, error_buf, 100 );
+ printf("Last error was: %d - %s\n\n", ret, error_buf );
+ }
+#endif
+
net_close( client_fd );
x509_free( &srvcert );
rsa_free( &rsa );
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index 091a9cf..1588b47 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -47,12 +47,27 @@
#define BUFSIZE 1024
-static int myrand( void *rng_state )
+static int myrand( void *rng_state, unsigned char *output, size_t len )
{
+ size_t use_len;
+ int rnd;
+
if( rng_state != NULL )
rng_state = NULL;
- return( rand() );
+ while( len > 0 )
+ {
+ use_len = len;
+ if( use_len > sizeof(int) )
+ use_len = sizeof(int);
+
+ rnd = rand();
+ memcpy( output, &rnd, use_len );
+ output += use_len;
+ len -= use_len;
+ }
+
+ return( 0 );
}
unsigned char buf[BUFSIZE];
diff --git a/programs/test/ssl_test.c b/programs/test/ssl_test.c
index 683963c..8bac4b2 100644
--- a/programs/test/ssl_test.c
+++ b/programs/test/ssl_test.c
@@ -257,7 +257,7 @@
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
- ssl_set_rng( &ssl, havege_rand, &hs );
+ ssl_set_rng( &ssl, havege_random, &hs );
ssl_set_dbg( &ssl, my_debug, opt );
ssl_set_bio( &ssl, net_recv, &client_fd,
net_send, &client_fd );
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index 1350fc1..cde96af 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -250,7 +250,7 @@
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
- ssl_set_rng( &ssl, havege_rand, &hs );
+ ssl_set_rng( &ssl, havege_random, &hs );
ssl_set_dbg( &ssl, my_debug, stdout );
ssl_set_bio( &ssl, net_recv, &server_fd,
net_send, &server_fd );