diff options
| author | Rich Salz <rsalz@openssl.org> | 2017-07-18 09:39:21 -0400 |
|---|---|---|
| committer | Rich Salz <rsalz@openssl.org> | 2017-07-22 14:00:07 -0400 |
| commit | 8389ec4b4950b9474e72a959eb0b0a6ce77ac1e8 (patch) | |
| tree | 433fb30336963d2bd5a8cd7bb87a4dba32313f92 /apps/version.c | |
| parent | 0d7903f83f84bba1d29225efd999c633a0c5ba01 (diff) | |
Add --with-rand-seed
Add a new config param to specify how the CSPRNG should be seeded.
Illegal values or nonsensical combinations (e.g., anything other
than "os" on VMS or HP VOS etc) result in build failures.
Add RDSEED support.
Add RDTSC but leave it disabled for now pending more investigation.
Refactor and reorganization all seeding files (rand_unix/win/vms) so
that they are simpler.
Only require 128 bits of seeding material.
Many document improvements, including why to not use RAND_add() and the
limitations around using load_file/write_file.
Document RAND_poll().
Cleanup Windows RAND_poll and return correct status
More completely initialize the default DRBG.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3965)
Diffstat (limited to 'apps/version.c')
| -rw-r--r-- | apps/version.c | 38 |
1 files changed, 35 insertions, 3 deletions
diff --git a/apps/version.c b/apps/version.c index 24f1a80fdf..298d837f5a 100644 --- a/apps/version.c +++ b/apps/version.c @@ -32,7 +32,7 @@ typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, - OPT_B, OPT_D, OPT_E, OPT_F, OPT_O, OPT_P, OPT_V, OPT_A + OPT_B, OPT_D, OPT_E, OPT_F, OPT_O, OPT_P, OPT_V, OPT_A, OPT_R } OPTION_CHOICE; const OPTIONS version_options[] = { @@ -44,13 +44,14 @@ const OPTIONS version_options[] = { {"f", OPT_F, '-', "Show compiler flags used"}, {"o", OPT_O, '-', "Show some internal datatype options"}, {"p", OPT_P, '-', "Show target build platform"}, + {"r", OPT_R, '-', "Show random seeding options"}, {"v", OPT_V, '-', "Show library version"}, {NULL} }; int version_main(int argc, char **argv) { - int ret = 1, dirty = 0; + int ret = 1, dirty = 0, seed = 0; int cflags = 0, version = 0, date = 0, options = 0, platform = 0, dir = 0; int engdir = 0; char *prog; @@ -85,11 +86,14 @@ int version_main(int argc, char **argv) case OPT_P: dirty = platform = 1; break; + case OPT_R: + dirty = seed = 1; + break; case OPT_V: dirty = version = 1; break; case OPT_A: - cflags = version = date = platform = dir = engdir = 1; + seed = cflags = version = date = platform = dir = engdir = 1; break; } } @@ -133,6 +137,34 @@ int version_main(int argc, char **argv) printf("%s\n", OpenSSL_version(OPENSSL_DIR)); if (engdir) printf("%s\n", OpenSSL_version(OPENSSL_ENGINES_DIR)); + if (seed) { + printf("Seeding source:"); +#ifdef OPENSSL_RAND_SEED_RTDSC + printf(" rtdsc"); +#endif +#ifdef OPENSSL_RAND_SEED_RDCPU + printf(" rdrand-hardware"); +#endif +#ifdef OPENSSL_RAND_SEED_LIBRANDOM + printf(" C-library-random"); +#endif +#ifdef OPENSSL_RAND_SEED_GETRANDOM + printf(" getrandom-syscall"); +#endif +#ifdef OPENSSL_RAND_SEED_DEVRANDOM + printf(" random-device"); +#endif +#ifdef OPENSSL_RAND_SEED_EGD + printf(" EGD"); +#endif +#ifdef OPENSSL_RAND_SEED_NONE + printf(" none"); +#endif +#ifdef OPENSSL_RAND_SEED_OS + printf(" os-specific"); +#endif + printf("\n"); + } ret = 0; end: return (ret); |