1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
|
/*
* Copyright 1998-2025 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "apps.h"
#include "progs.h"
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/rand.h>
typedef enum OPTION_choice {
OPT_COMMON,
OPT_OUT, OPT_ENGINE, OPT_BASE64, OPT_HEX,
OPT_R_ENUM, OPT_PROV_ENUM
} OPTION_CHOICE;
const OPTIONS rand_options[] = {
{OPT_HELP_STR, 1, '-', "Usage: %s [options] num[K|M|G|T]\n"},
OPT_SECTION("General"),
{"help", OPT_HELP, '-', "Display this summary"},
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
#endif
OPT_SECTION("Output"),
{"out", OPT_OUT, '>', "Output file"},
{"base64", OPT_BASE64, '-', "Base64 encode output"},
{"hex", OPT_HEX, '-', "Hex encode output"},
OPT_R_OPTIONS,
OPT_PROV_OPTIONS,
OPT_PARAMETERS(),
{"num", 0, 0, "Number of bytes to generate"},
{NULL}
};
int rand_main(int argc, char **argv)
{
ENGINE *e = NULL;
BIO *out = NULL;
char *outfile = NULL, *prog;
OPTION_CHOICE o;
int format = FORMAT_BINARY, r, i, ret = 1;
size_t buflen = (1 << 16); /* max rand chunk size is 2^16 bytes */
long num = -1;
uint64_t scaled_num = 0;
uint8_t *buf = NULL;
prog = opt_init(argc, argv, rand_options);
while ((o = opt_next()) != OPT_EOF) {
switch (o) {
case OPT_EOF:
case OPT_ERR:
opthelp:
BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
goto end;
case OPT_HELP:
opt_help(rand_options);
ret = 0;
goto end;
case OPT_OUT:
outfile = opt_arg();
break;
case OPT_ENGINE:
e = setup_engine(opt_arg(), 0);
break;
case OPT_R_CASES:
if (!opt_rand(o))
goto end;
break;
case OPT_BASE64:
format = FORMAT_BASE64;
break;
case OPT_HEX:
format = FORMAT_TEXT;
break;
case OPT_PROV_CASES:
if (!opt_provider(o))
goto end;
break;
}
}
/* Optional argument is number of bytes to generate. */
argc = opt_num_rest();
argv = opt_rest();
if (argc == 1) {
int factoridx = 0;
int shift = 0;
/*
* special case for requesting the max allowed
* number of random bytes to be generated
*/
if (!strcmp(argv[0], "max")) {
/*
* 2^61 bytes is the limit of random output
* per drbg instantiation
*/
scaled_num = UINT64_MAX >> 3;
} else {
/*
* iterate over the value and check to see if there are
* any non-numerical chars
* A non digit suffix indicates we need to shift the
* number of requested bytes by a factor of:
* K = 1024^1 (1 << (10 * 1))
* M = 1024^2 (1 << (10 * 2))
* G = 1024^3 (1 << (10 * 3))
* T = 1024^4 (1 << (10 * 4))
* which can be achieved by bit-shifting the number
*/
while (argv[0][factoridx]) {
if (!isdigit((int)(argv[0][factoridx]))) {
switch(argv[0][factoridx]) {
case 'K':
shift = 10;
break;
case 'M':
shift = 20;
break;
case 'G':
shift = 30;
break;
case 'T':
shift = 40;
break;
default:
BIO_printf(bio_err, "Invalid size suffix %s\n",
&argv[0][factoridx]);
goto opthelp;
}
break;
}
factoridx++;
}
if (shift != 0 && strlen(&argv[0][factoridx]) != 1) {
BIO_printf(bio_err, "Invalid size suffix %s\n",
&argv[0][factoridx]);
goto opthelp;
}
}
/* Remove the suffix from the arg so that opt_long works */
if (shift != 0)
argv[0][factoridx] = '\0';
if ((scaled_num == 0) && (!opt_long(argv[0], &num) || num <= 0))
goto opthelp;
if (shift != 0) {
/* check for overflow */
if ((UINT64_MAX >> shift) < (size_t)num) {
BIO_printf(bio_err, "%lu bytes with suffix overflows\n",
num);
goto opthelp;
}
scaled_num = num << shift;
if (scaled_num > (UINT64_MAX >> 3)) {
BIO_printf(bio_err, "Request exceeds max allowed output\n");
goto opthelp;
}
} else {
if (scaled_num == 0)
scaled_num = num;
}
} else if (!opt_check_rest_arg(NULL)) {
goto opthelp;
}
if (!app_RAND_load())
goto end;
out = bio_open_default(outfile, 'w', format);
if (out == NULL)
goto end;
if (format == FORMAT_BASE64) {
BIO *b64 = BIO_new(BIO_f_base64());
if (b64 == NULL)
goto end;
out = BIO_push(b64, out);
}
buf = app_malloc(buflen, "buffer for output file");
while (scaled_num > 0) {
int chunk;
chunk = scaled_num > buflen ? (int)buflen : (int)scaled_num;
r = RAND_bytes_ex(app_get0_libctx(), buf, chunk, 0);
if (r <= 0)
goto end;
if (format != FORMAT_TEXT) {
if (BIO_write(out, buf, chunk) != chunk)
goto end;
} else {
for (i = 0; i < chunk; i++)
if (BIO_printf(out, "%02x", buf[i]) != 2)
goto end;
}
scaled_num -= chunk;
}
if (format == FORMAT_TEXT)
BIO_puts(out, "\n");
if (BIO_flush(out) <= 0)
goto end;
ret = 0;
end:
if (ret != 0)
ERR_print_errors(bio_err);
OPENSSL_free(buf);
release_engine(e);
BIO_free_all(out);
return ret;
}
|
