From 503ed535983a12b4333428712ac404d062519782 Mon Sep 17 00:00:00 2001
From: Rudolf Polzer
Date: Fri, 27 Aug 2010 10:33:41 +0200
Subject: [PATCH] detect failed RNG initialization

---
 d0_bignum-gmp.c | 28 ++++++++++++++++++++++------
 d0_bignum.h     |  2 +-
 d0_blind_id.c   |  7 ++++---
 d0_blind_id.h   |  2 +-
 4 files changed, 28 insertions(+), 11 deletions(-)

diff --git a/d0_bignum-gmp.c b/d0_bignum-gmp.c
index 4e8a11b..1567d42 100644
--- a/d0_bignum-gmp.c
+++ b/d0_bignum-gmp.c
@@ -39,9 +39,10 @@ static d0_bignum_t temp;
 #include
 #include
-void d0_bignum_INITIALIZE(void)
+WARN_UNUSED_RESULT BOOL d0_bignum_INITIALIZE(void)
 {
 	FILE *f;
+	BOOL ret = 1;
 	unsigned char buf[256];
 	d0_bignum_init(&temp);
 	gmp_randinit_mt(RANDSTATE);
@@ -53,18 +54,25 @@ void d0_bignum_INITIALIZE(void)
 	if(CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
 	{
 		if(!CryptGenRandom(hCryptProv, sizeof(buf), (PBYTE) &buf[0]))
+		{
 			fprintf(stderr, "WARNING: could not initialize random number generator (CryptGenRandom failed)\n");
+			ret = 0;
+		}
 		CryptReleaseContext(hCryptProv, 0);
 	}
-	else
+	else if(CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_NEWKEYSET))
 	{
-		if(CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_NEWKEYSET))
+		if(!CryptGenRandom(hCryptProv, sizeof(buf), (PBYTE) &buf[0]))
 		{
-			if(!CryptGenRandom(hCryptProv, sizeof(buf), (PBYTE) &buf[0]))
-				fprintf(stderr, "WARNING: could not initialize random number generator (CryptGenRandom failed)\n");
-			CryptReleaseContext(hCryptProv, 0);
+			fprintf(stderr, "WARNING: could not initialize random number generator (CryptGenRandom failed)\n");
+			ret = 0;
 		}
+		CryptReleaseContext(hCryptProv, 0);
+	}
+	else
+	{
 		fprintf(stderr, "WARNING: could not initialize random number generator (CryptAcquireContext failed)\n");
+		ret = 0;
 	}
 }
 #else
@@ -75,15 +83,23 @@ void d0_bignum_INITIALIZE(void)
 	{
 		setbuf(f, NULL);
 		if(fread(buf, sizeof(buf), 1, f) != 1)
+		{
 			fprintf(stderr, "WARNING: could not initialize random number generator (read from random device failed)\n");
+			ret = 0;
+		}
 		fclose(f);
 	}
 	else
+	{
 		fprintf(stderr, "WARNING: could not initialize random number generator (no random device found)\n");
+		ret = 0;
+	}
 #endif
 	mpz_import(temp.z, sizeof(buf), 1, 1, 0, 0, buf);
 	gmp_randseed(RANDSTATE, temp.z);
+
+	return ret;
 }
 void d0_bignum_SHUTDOWN(void)
diff --git a/d0_bignum.h b/d0_bignum.h
index bccaee5..a11360c 100644
--- a/d0_bignum.h
+++ b/d0_bignum.h
@@ -11,7 +11,7 @@ WARN_UNUSED_RESULT d0_bignum_t *d0_iobuf_read_bignum(d0_iobuf_t *buf, d0_bignum_
 WARN_UNUSED_RESULT ssize_t d0_bignum_export_unsigned(const d0_bignum_t *bignum, void *buf, size_t bufsize); // big endian, return value = number of significant bytes (or -1 on error)
 WARN_UNUSED_RESULT d0_bignum_t *d0_bignum_import_unsigned(d0_bignum_t *bignum, const void *buf, size_t bufsize);
-void d0_bignum_INITIALIZE(void);
+WARN_UNUSED_RESULT BOOL d0_bignum_INITIALIZE(void);
 void d0_bignum_SHUTDOWN(void);
 WARN_UNUSED_RESULT d0_bignum_t *d0_bignum_new(void);
diff --git a/d0_blind_id.c b/d0_blind_id.c
index 4989e9e..e138642 100644
--- a/d0_blind_id.c
+++ b/d0_blind_id.c
@@ -88,9 +88,9 @@ struct d0_blind_id_s
 static d0_bignum_t *zero, *one, *four, *temp0, *temp1, *temp2, *temp3, *temp4;
-void d0_blind_id_INITIALIZE(void)
+WARN_UNUSED_RESULT BOOL d0_blind_id_INITIALIZE(void)
 {
-	d0_bignum_INITIALIZE();
+	CHECK(d0_bignum_INITIALIZE());
 	CHECK_ASSIGN(zero, d0_bignum_int(zero, 0));
 	CHECK_ASSIGN(one, d0_bignum_int(one, 1));
 	CHECK_ASSIGN(four, d0_bignum_int(four, 4));
@@ -99,8 +99,9 @@ void d0_blind_id_INITIALIZE(void)
 	CHECK_ASSIGN(temp2, d0_bignum_int(temp2, 0));
 	CHECK_ASSIGN(temp3, d0_bignum_int(temp3, 0));
 	CHECK_ASSIGN(temp4, d0_bignum_int(temp4, 0));
+	return 1;
 fail:
-	;
+	return 0;
 }
 void d0_blind_id_SHUTDOWN(void)
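Review bot: `mpz_import` and `gmp_randseed` still execute when `ret` is 0, so on the no-device and short-read paths here (and on the CryptGenRandom failure paths in the preceding hunk) RANDSTATE is seeded from `buf`, which is declared without an initializer in the first hunk and is then partly or wholly indeterminate; the generator ends up looking seeded while the function has just reported that it is not. Since the failure is already being propagated, the seed should simply not be installed: insert `if(!ret) return 0;` before the `mpz_import` line (or wrap the two seeding lines in `if(ret)`), so that stack contents are never presented as entropy and a caller that drops the WARN_UNUSED_RESULT cannot silently continue with a garbage-seeded state. The function begins in the earlier hunks; `hCryptProv`, `RANDSTATE` and the `#ifdef` selecting the two branches are outside the view.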
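Review bot: The new `d0_bignum_INITIALIZE` declaration in d0_bignum.h carries no comment explaining the return value, although the neighbouring `d0_bignum_export_unsigned` line in the same hunk documents its return in a trailing comment. Suggest `WARN_UNUSED_RESULT BOOL d0_bignum_INITIALIZE(void); // returns 0 if the random number generator could not be seeded from the OS entropy source; the caller must treat this as fatal` so that the meaning of 0 does not have to be recovered from the stderr strings in the .c file.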
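Review bot: In the `@@ -99,8 +99,9 @@` hunk of d0_blind_id.c the `fail:` path now returns 0 but leaves whatever the earlier `CHECK_ASSIGN` calls already stored in `zero`, `one`, `four` and the `temp*` globals, so a failed initialization either leaks those bignums or silently depends on the caller still invoking `d0_blind_id_SHUTDOWN`, which nothing states. Either release them before `return 0;` (presumably `d0_blind_id_SHUTDOWN()` does this, but its body is outside the hunk, so confirm it tolerates NULL entries and can run after a failed init) or make the contract explicit with a comment above the label such as `/* on failure the globals stay partially initialized; d0_blind_id_SHUTDOWN() must still be called */`. `CHECK` and `CHECK_ASSIGN` are assumed to `goto fail` on a false result; their definitions are outside the view.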
diff --git a/d0_blind_id.h b/d0_blind_id.h
index 15768a6..1072ac6 100644
--- a/d0_blind_id.h
+++ b/d0_blind_id.h
@@ -38,7 +38,7 @@ EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_generate
 EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_fingerprint64_public_id(const d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen);
 EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_sessionkey_public_id(const d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen); // can only be done after successful key exchange, this performs a modpow; key length is limited by SHA_DIGESTSIZE for now; also ONLY valid after successful d0_blind_id_authenticate_with_private_id_verify/d0_blind_id_fingerprint64_public_id
-EXPORT void d0_blind_id_INITIALIZE(void);
+EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_INITIALIZE(void);
 EXPORT void d0_blind_id_SHUTDOWN(void);
 EXPORT void d0_blind_id_util_sha256(char *out, const char *in, size_t n);
-- 
2.39.2
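Review bot: The exported `d0_blind_id_INITIALIZE` now returns a BOOL but the header does not say what a 0 return means or what the caller may do afterwards, whereas `d0_blind_id_sessionkey_public_id` two lines above carries a detailed usage comment in the same style. Suggest appending `// returns 0 if initialization failed (e.g. the random number generator could not be seeded from the OS); no other d0_blind_id_* call may be made after a 0 return` and stating explicitly whether `d0_blind_id_SHUTDOWN` must still (or must not) be called in that case, since the .c fail path does not release what was already allocated.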