authorDaniel Joseph Barnhart Clark <dclark@pobox.com>2007-07-13 17:45:23 +0000
committerDaniel Joseph Barnhart Clark <dclark@pobox.com>2007-07-13 17:45:23 +0000
commit1883a50bb83fd04992b78cc0055b6befed234831 (patch)
tree11415a78c3d57cb762576b6250b933f0724c11fd /src
parent0c97a66c15226197468654b83e19c79015dcf5d7 (diff)
Add PRNGD support to tlslite to try to get AIX <= 5.1 to work (they have no /dev/random or /dev/urandom). Once this is tested I'll submit to tlslite-users for inclusion in upstream source.
git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@3438 ce84e21b-d406-0410-9b95-82705330c041
Diffstat (limited to 'src')
-rwxr-xr-xsrc/lib/tlslite/utils/cryptomath.py19
-rw-r--r--src/lib/tlslite/utils/prngd.py62
2 files changed, 77 insertions, 4 deletions
diff --git a/src/lib/tlslite/utils/cryptomath.py b/src/lib/tlslite/utils/cryptomath.py
index 51d6dff7c..204bb485c 100755
--- a/src/lib/tlslite/utils/cryptomath.py
+++ b/src/lib/tlslite/utils/cryptomath.py
@@ -99,11 +99,22 @@ except:
return stringToBytes(s)
prngName ="CryptoAPI"
except ImportError:
+ # Else see if we ahve Pprngd running
+ try:
+ def getRandomBytes(howMany):
+ import prngd
+ try:
+ p = prngd.PRNGD(sockname="/var/run/egd-pool")
+ except:
+ p = prngd.PRNGD(sockname="/dev/egd-pool")
+ return stringToBytes(p.read(howMany))
+ prngName = "PRNGD"
+ except:
#Else no PRNG :-(
- def getRandomBytes(howMany):
- raise NotImplementedError("No Random Number Generator "\
- "available.")
- prngName = "None"
+ def getRandomBytes(howMany):
+ raise NotImplementedError("No Random Number Generator "\
+ "available.")
+ prngName = "None"
# **************************************************************************
# Converter Functions
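Review bot: getRandomBytes can return fewer bytes than howMany, because `p.read(howMany)` in the added PRNGD branch goes through PRNGD.read, which (per prngd.py in this commit) caps the request at 255 and returns only what the daemon has available. Callers that size keys or nonces from the result would then get less randomness than they asked for without any error. The function should loop until it has howMany bytes, fail if the daemon returns nothing, and close the socket it opens on every call. Separately, the outer `try:` wraps only a `def`, which cannot raise, so the `#Else no PRNG` fallback is unreachable and prngName reports "PRNGD" even when the module or the daemon is missing; importing prngd before the `def` and catching `ImportError` restores the fallback. The enclosing try/except chain starts above the hunk.

```python
except ImportError:
    # Else see if we have PRNGD available
    try:
        import prngd  # a missing module now reaches the fallback below
        def getRandomBytes(howMany):
            try:
                p = prngd.PRNGD(sockname="/var/run/egd-pool")
            except:
                p = prngd.PRNGD(sockname="/dev/egd-pool")
            try:
                s = ""
                while len(s) < howMany:
                    # read() returns at most 255 bytes, possibly fewer
                    chunk = p.read(howMany - len(s))
                    if not chunk:
                        raise IOError("PRNGD returned no entropy")
                    s = s + chunk
            finally:
                p.randfile.close()
            return stringToBytes(s)
        prngName = "PRNGD"
    except ImportError:
        # ... unchanged: NotImplementedError fallback, prngName = "None" ...
```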
diff --git a/src/lib/tlslite/utils/prngd.py b/src/lib/tlslite/utils/prngd.py
new file mode 100644
index 000000000..c86b7046a
--- /dev/null
+++ b/src/lib/tlslite/utils/prngd.py
@@ -0,0 +1,62 @@
+"""prngd module
+
+This module interfaces with PRNGD - Pseudo Random Number Generator
+Daemon for platforms without /dev/random or /dev/urandom.
+
+It is based on code from Stuart D. Gathman stuart at bmsi.com and is
+Public Domain. The original code is available from
+http://mail.python.org/pipermail/python-list/2002-November/170737.html"""
+
+import socket
+from struct import unpack,pack
+
+class PRNGD:
+ "Provide access to the Portable Random Number Generator Daemon"
+
+ def __init__(self,sockname="/var/run/egd-pool"):
+ self.randfile = socket.socket(socket.AF_UNIX,socket.SOCK_STREAM)
+ self.randfile.connect(sockname)
+
+ def _readall(self,n):
+ s = self.randfile.recv(n)
+ while len(s) < n:
+ s = s + self.randfile.recv(n - len(s))
+ return s
+
+ def get(self):
+ "Return number of available bytes of entropy."
+ self.randfile.sendall('\x00')
+ return unpack(">i",self._readall(4))[0]
+
+ def read(self,cnt):
+ "Return available entropy, up to cnt bytes."
+ if cnt > 255: cnt = 255
+ self.randfile.sendall(pack("BB",0x01,cnt))
+ buf = self._readall(1)
+ assert len(buf) == 1
+ count = unpack("B",buf)[0]
+ buf = self._readall(count)
+ assert len(buf) == count, "didn't get all the entropy"
+ return buf
+
+ def readall(self,cnt):
+ "Return all entropy bytes requested"
+ if cnt < 256:
+ self.randfile.sendall(pack("BB",0x02,cnt))
+ return self._readall(cnt)
+ buf = readall(self,255)
+ cnt -= len(buf)
+ while cnt > 255:
+ buf += readall(self,255)
+ cnt -= len(buf)
+ return buf + readall(self,cnt)
+
+ def getpid(self):
+ "Return the process id string of the prngd"
+ self.randfile.sendall('\x04')
+ buf = self._readall(1)
+ assert len(buf) == 1
+ count = unpack("B",buf)[0]
+ buf = self._readall(count)
+ assert len(buf) == count, "didn't get whole PID string"
+ return buf
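Review bot: PRNGD.readall fails for any cnt of 256 or more, because it calls `readall(self,255)` as a bare name, which raises NameError inside a method; `self.readall(255)` is what was meant. The `cnt -= len(buf)` inside its loop also subtracts the accumulated length rather than the size of the last chunk, so the byte count would be wrong even with the call fixed. _readall has a related problem: if the daemon closes the socket, recv() keeps returning an empty string and the `while len(s) < n` loop never ends. The `assert` length checks in read and getpid are stripped under `python -O`, so the explicit check belongs in _readall.

```python
    def _readall(self,n):
        s = ""
        while len(s) < n:
            chunk = self.randfile.recv(n - len(s))
            if not chunk:
                # recv() returns "" once the peer has closed the socket
                raise IOError("PRNGD closed the connection")
            s = s + chunk
        return s

    # ... unchanged: get, read ...

    def readall(self,cnt):
        "Return all entropy bytes requested"
        buf = ""
        while cnt > 0:
            n = min(cnt, 255)  # the request length is a single byte
            self.randfile.sendall(pack("BB",0x02,n))
            buf = buf + self._readall(n)
            cnt -= n
        return buf
```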