can create v4 signatures

11 files changed, 500 insertions, 205 deletions

diff --git a/cipher/ChangeLog b/cipher/ChangeLog
index ae96007a1..3babcbc90 100644
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@@ -1,3 +1,12 @@
+Fri May  8 18:07:44 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* rand-internal.h, rand-unix.c, rand-w32.c, rand_dummy.c: New
+	* random.c: Moved system specific functions to rand-****.c
+
+Fri May  8 14:01:17 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* random.c (fast_random_poll): add call to gethrtime.
+
 Tue May  5 21:28:55 1998  Werner Koch  (wk@isil.d.shuttle.de)
 
 	* elgamal.c (elg_generate): choosing x was not correct, could
diff --git a/cipher/Makefile.am b/cipher/Makefile.am
index 3e8885b6a..13b9d0aad 100644
--- a/cipher/Makefile.am
+++ b/cipher/Makefile.am
@@ -18,6 +18,10 @@ libcipher_a_SOURCES = cipher.c	\
 		 primegen.c	\
 		 random.h	\
 		 random.c	\
+		 rand-internal.h \
+		 rand-unix.c	\
+		 rand-w32.c	\
+		 rand-dummy.c	\
 		 rmd.h		\
 		 rmd160.c	\
 		 tiger.h	\
diff --git a/cipher/Makefile.in b/cipher/Makefile.in
index 52bfc4667..21169bfc4 100644
--- a/cipher/Makefile.in
+++ b/cipher/Makefile.in
@@ -109,6 +109,10 @@ libcipher_a_SOURCES = cipher.c	\
 		 primegen.c	\
 		 random.h	\
 		 random.c	\
+		 rand-internal.h \
+		 rand-unix.c	\
+		 rand-w32.c	\
+		 rand-dummy.c	\
 		 rmd.h		\
 		 rmd160.c	\
 		 tiger.h	\
@@ -135,8 +139,8 @@ CPPFLAGS = @CPPFLAGS@
 LDFLAGS = @LDFLAGS@
 LIBS = @LIBS@
 libcipher_a_OBJECTS =  cipher.o blowfish.o cast5.o elgamal.o md5.o \
-primegen.o random.o rmd160.o tiger.o sha1.o dsa.o md.o misc.o \
-smallprime.o
+primegen.o random.o rand-unix.o rand-w32.o rand-dummy.o rmd160.o \
+tiger.o sha1.o dsa.o md.o misc.o smallprime.o
 AR = ar
 CFLAGS = @CFLAGS@
 COMPILE = $(CC) $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS)
@@ -150,8 +154,8 @@ TAR = tar
 GZIP = --best
 DEP_FILES =  .deps/blowfish.P .deps/cast5.P .deps/cipher.P .deps/dsa.P \
 .deps/elgamal.P .deps/md.P .deps/md5.P .deps/misc.P .deps/primegen.P \
-.deps/random.P .deps/rmd160.P .deps/sha1.P .deps/smallprime.P \
-.deps/tiger.P
+.deps/rand-dummy.P .deps/rand-unix.P .deps/rand-w32.P .deps/random.P \
+.deps/rmd160.P .deps/sha1.P .deps/smallprime.P .deps/tiger.P
 SOURCES = $(libcipher_a_SOURCES)
 OBJECTS = $(libcipher_a_OBJECTS)
 
diff --git a/cipher/md.c b/cipher/md.c
index 0536fc2fe..87e66d995 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -93,6 +93,8 @@ md_close(MD_HANDLE a)
 {
     if( !a )
 	return;
+    if( a->debug )
+	md_stop_debug(a);
     m_free(a);
 }
 
@@ -255,3 +257,29 @@ md_asn_oid( int algo, size_t *asnlen, size_t *mdlen )
 }
 
 
+void
+md_start_debug( MD_HANDLE md, const char *suffix )
+{
+    static int index=0;
+    char buf[25];
+
+    if( md->debug ) {
+	log_debug("Oops: md debug already started\n");
+	return;
+    }
+    index++;
+    sprintf(buf, "dbgmd-%05d.%.10s", index, suffix );
+    md->debug = fopen(buf, "w");
+    if( !md->debug )
+	log_debug("md debug: can't open %s\n", buf );
+}
+
+void
+md_stop_debug( MD_HANDLE md )
+{
+    if( md->debug ) {
+	fclose(md->debug);
+	md->debug = NULL;
+    }
+}
+
diff --git a/cipher/md.h b/cipher/md.h
index 3bad06182..e55a99ee0 100644
--- a/cipher/md.h
+++ b/cipher/md.h
@@ -65,6 +65,8 @@ byte *md_read( MD_HANDLE a, int algo );
 int md_get_algo( MD_HANDLE a );
 int md_digest_length( int algo );
 const byte *md_asn_oid( int algo, size_t *asnlen, size_t *mdlen );
+void md_start_debug( MD_HANDLE a, const char *suffix );
+void md_stop_debug( MD_HANDLE a );
 #define md_is_secure(a) ((a)->secure)
 
 #endif /*G10_MD_H*/
diff --git a/cipher/rand-dummy.c b/cipher/rand-dummy.c
new file mode 100644
index 000000000..3e7a42573
--- /dev/null
+++ b/cipher/rand-dummy.c
@@ -0,0 +1,128 @@
+/* rand-dummy.c  -  INSECURE dummy random device
+ *	Copyright (C) 1998 Free Software Foundation, Inc.
+ *
+ * This file is part of GNUPG.
+ *
+ * GNUPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GNUPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <errno.h>
+#include <sys/time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#ifdef	HAVE_GETHRTIME
+  #include <sys/times.h>
+#endif
+#ifndef HAVE_GETTIMEOFTIME
+  #include <sys/times.h>
+#endif
+#ifdef HAVE_GETRUSAGE
+  #include <sys/resource.h>
+#endif
+#include <string.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include "util.h"
+#include "ttyio.h"
+#include "i18n.h"
+#include "rand-internal.h"
+#ifdef USE_RAND_DUMMY /* a dummy random file so we can do some tests */
+
+
+#ifndef RAND_MAX   /* for SunOS */
+  #define RAND_MAX 32767
+#endif
+
+#if __GNUC__
+  #warning Using the insecure dummy random device
+#endif
+
+void
+random_poll()
+{
+    char buf[POOLSIZE/5];
+    read_random_source( buf, POOLSIZE/5, 1 ); /* read dummy data */
+    add_randomness( buf, POOLSIZE/5, 2);
+    memset( buf, 0, POOLSIZE/5);
+}
+
+
+void
+fast_random_poll()
+{
+  #if HAVE_GETHRTIME
+    {	hrtime_t tv;
+	tv = gethrtime(void);
+	add_randomness( &tv, sizeof(tv), 1 );
+    }
+  #elif HAVE_GETTIMEOFTIME
+    {	struct timeval tv;
+	if( gettimeofday( &tv, NULL ) )
+	    BUG();
+	add_randomness( &tv.tv_sec, sizeof(tv.tv_sec), 1 );
+	add_randomness( &tv.tv_usec, sizeof(tv.tv_usec), 1 );
+    }
+  #else /* use times */
+    {	struct tms buf;
+	times( &buf );
+	add_randomness( &buf, sizeof buf, 1 );
+    }
+  #endif
+  #ifdef HAVE_GETRUSAGE
+    {	struct rusage buf;
+	if( getrusage( RUSAGE_SELF, &buf ) )
+	    BUG();
+	add_randomness( &buf, sizeof buf, 1 );
+	memset( &buf, 0, sizeof buf );
+    }
+  #endif
+}
+
+
+
+void
+read_random_source( byte *buffer, size_t length, int level )
+{
+    static int initialized=0;
+
+    if( !initialized ) {
+	log_info(_("warning: using insecure random number generator!!\n"));
+	tty_printf(_("The random number generator is only a kludge to let\n"
+		   "it compile - it is in no way a strong RNG!\n\n"
+		   "DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n\n"));
+	initialized=1;
+      #ifdef HAVE_RAND
+	srand(make_timestamp()*getpid());
+      #else
+	srandom(make_timestamp()*getpid());
+      #endif
+    }
+
+  #ifdef HAVE_RAND
+    while( length-- )
+	*buffer++ = ((unsigned)(1 + (int) (256.0*rand()/(RAND_MAX+1.0)))-1);
+  #else
+    while( length-- )
+	*buffer++ = ((unsigned)(1 + (int) (256.0*random()/(RAND_MAX+1.0)))-1);
+  #endif
+}
+
+
+#endif /* USE_RAND_DUMMY */
diff --git a/cipher/rand-internal.h b/cipher/rand-internal.h
new file mode 100644
index 000000000..e1e137871
--- /dev/null
+++ b/cipher/rand-internal.h
@@ -0,0 +1,53 @@
+/* rand-internal.h - header to glue the random functions
+ *	Copyright (C) 1998 Free Software Foundation, Inc.
+ *
+ * This file is part of GNUPG.
+ *
+ * GNUPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GNUPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+#ifndef G10_RAND_INTERNAL_H
+#define G10_RAND_INTERNAL_H
+
+/* For now we use the DUMMY random generator if we do not have
+ * the real random device */
+#ifndef HAVE_DEV_RANDOM
+  #define USE_RAND_DUMMY 1
+  #undef  USE_RAND_UNIX
+  #undef  USE_RAND_W32
+#endif
+
+
+
+#include "random.h"
+
+#define BLOCKLEN  64   /* hash this amount of bytes */
+#define DIGESTLEN 20   /* into a digest of this length (rmd160) */
+/* poolblocks is the number of digests which make up the pool
+ * and poolsize must be a multiple of the digest length
+ * to make the AND operations faster, the size should also be
+ * a multiple of ulong
+ */
+#define POOLBLOCKS 30
+#define POOLSIZE (POOLBLOCKS*DIGESTLEN)
+#if (POOLSIZE % SIZEOF_UNSIGNED_LONG)
+  #error Please make sure that poolsize is a multiple of ulong
+#endif
+#define POOLWORDS (POOLSIZE / SIZEOF_UNSIGNED_LONG)
+
+
+void read_random_source( byte *buffer, size_t length, int level );
+
+
+#endif /*G10_RAND_INTERNAL_H*/
diff --git a/cipher/rand-unix.c b/cipher/rand-unix.c
new file mode 100644
index 000000000..a0f19d824
--- /dev/null
+++ b/cipher/rand-unix.c
@@ -0,0 +1,203 @@
+/* rand-unix.c	-  raw random number generator for unix like OSes
+ *	Copyright (C) 1998 Free Software Foundation, Inc.
+ *
+ * This file is part of GNUPG.
+ *
+ * GNUPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GNUPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <errno.h>
+#include <sys/time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#ifdef	HAVE_GETHRTIME
+  #include <sys/times.h>
+#endif
+#ifndef HAVE_GETTIMEOFTIME
+  #include <sys/times.h>
+#endif
+#ifdef HAVE_GETRUSAGE
+  #include <sys/resource.h>
+#endif
+#include <string.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include "util.h"
+#include "rmd.h"
+#include "ttyio.h"
+#include "i18n.h"
+#include "rand-internal.h"
+#ifdef USE_RAND_UNIX  /* This file is only for real systems */
+
+
+void
+random_poll()
+{
+    char buf[POOLSIZE/5];
+    read_random_source( buf, POOLSIZE/5, 1 ); /* read /dev/urandom */
+    add_randomness( buf, POOLSIZE/5, 2);
+    memset( buf, 0, POOLSIZE/5);
+}
+
+
+void
+fast_random_poll()
+{
+  #if HAVE_GETHRTIME
+    {	hrtime_t tv;
+	tv = gethrtime(void);
+	add_randomness( &tv, sizeof(tv), 1 );
+    }
+  #elif HAVE_GETTIMEOFTIME
+    {	struct timeval tv;
+	if( gettimeofday( &tv, NULL ) )
+	    BUG();
+	add_randomness( &tv.tv_sec, sizeof(tv.tv_sec), 1 );
+	add_randomness( &tv.tv_usec, sizeof(tv.tv_usec), 1 );
+    }
+  #else /* use times */
+    {	struct tms buf;
+	times( &buf );
+	add_randomness( &buf, sizeof buf, 1 );
+    }
+  #endif
+  #ifdef HAVE_GETRUSAGE
+    {	struct rusage buf;
+	if( getrusage( RUSAGE_SELF, &buf ) )
+	    BUG();
+	add_randomness( &buf, sizeof buf, 1 );
+	memset( &buf, 0, sizeof buf );
+    }
+  #endif
+}
+
+
+#ifdef HAVE_DEV_RANDOM	/* we have the /dev/random device */
+
+/****************
+ * Used to open the Linux /dev/random device
+ */
+static int
+open_device( const char *name, int minor )
+{
+    int fd;
+    struct stat sb;
+
+    fd = open( name, O_RDONLY );
+    if( fd == -1 )
+	log_fatal("can't open %s: %s\n", name, strerror(errno) );
+    if( fstat( fd, &sb ) )
+	log_fatal("stat() off %s failed: %s\n", name, strerror(errno) );
+  #if defined(__sparc__) && defined(__linux__)
+    #warning something is wrong with UltraPenguin /dev/random
+  #else
+    if( !S_ISCHR(sb.st_mode) )
+	log_fatal("invalid random device!\n" );
+  #endif
+    return fd;
+}
+
+
+void
+read_random_source( byte *buffer, size_t length, int level )
+{
+    static int fd_urandom = -1;
+    static int fd_random = -1;
+    int fd;
+    int n;
+    int warn=0;
+
+    if( level == 2 ) {
+	if( fd_random == -1 )
+	    fd_random = open_device( "/dev/random", 8 );
+	fd = fd_random;
+    }
+    else {
+	/* fixme: we should use a simpler one for level 0,
+	 * because reading from /dev/urandom removes entropy
+	 * and the next read on /dev/random may have to wait */
+	if( fd_urandom == -1 )
+	    fd_urandom = open_device( "/dev/urandom", 9 );
+	fd = fd_urandom;
+    }
+
+
+    do {
+	fd_set rfds;
+	struct timeval tv;
+	int rc;
+
+	FD_ZERO(&rfds);
+	FD_SET(fd, &rfds);
+	tv.tv_sec = 3;
+	tv.tv_usec = 0;
+	if( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) {
+	    if( !warn )
+		tty_printf( _(
+"\n"
+"Not enough random bytes available.  Please do some other work to give\n"
+"the OS a chance to collect more entropy! (Need %d more bytes)\n"), length );
+	    warn = 1;
+	    continue;
+	}
+	else if( rc == -1 ) {
+	    tty_printf("select() error: %s\n", strerror(errno));
+	    continue;
+	}
+
+	assert( length < 500 );
+	do {
+	    n = read(fd, buffer, length );
+	    if( n >= 0 && n > length ) {
+		log_error("bogus read from random device (n=%d)\n", n );
+		n = length;
+	    }
+	} while( n == -1 && errno == EINTR );
+	if( n == -1 )
+	    log_fatal("read error on random device: %s\n", strerror(errno) );
+	assert( n <= length );
+	buffer += n;
+	length -= n;
+    } while( length );
+}
+
+#else /* not HAVE_DEV_RANDOM */
+
+
+/****************
+ * The real random data collector for Unix.
+ * this function runs in a loop, waiting for commands from ctrl_fd
+ * and normally starts a collection process, which outputs random
+ * bytes to out_fd.
+ *
+ * Commands understand from ctrl_fd are single character:
+ *  'Q' = Quit the loop
+ *  'S' = Start a new collection process
+ */
+static void
+collector( FILE *ctrlfp, FILE *outfp )
+{
+
+
+
+}
+
+#endif /* no HAVE_DEV_RANDOM */
+#endif /* USE_RAND_UNIX */
diff --git a/cipher/rand-w32.c b/cipher/rand-w32.c
new file mode 100644
index 000000000..c96e04eba
--- /dev/null
+++ b/cipher/rand-w32.c
@@ -0,0 +1,54 @@
+/* rand-w32.c  -  Windoze32 and NT random device
+ *	Copyright (C) 1998 Free Software Foundation, Inc.
+ *
+ * This file is part of GNUPG.
+ *
+ * GNUPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GNUPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <errno.h>
+#include <sys/time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <string.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include "util.h"
+#include "rmd.h"
+#include "ttyio.h"
+#include "i18n.h"
+#include "rand-internal.h"
+#ifdef USE_RAND_W32 /* this file is only for Mingw32 */
+
+
+#error To be written
+
+void
+random_poll()
+{
+}
+
+
+void
+fast_random_poll()
+{
+}
+
+#endif /* USE_RAND_W32 */
diff --git a/cipher/random.c b/cipher/random.c
index 53c625ffe..ea6b90806 100644
--- a/cipher/random.c
+++ b/cipher/random.c
@@ -20,12 +20,9 @@
 
 
 /****************
- * How it works:
- *
- * See Peter Gutmann's Paper: "Software Generation of Practically
- * Strong Random Numbers"
- *
- * fixme!
+ * This random number generator is modelled after the one described
+ * in Peter Gutmann's Paper: "Software Generation of Practically
+ * Strong Random Numbers".
  */
 
 
@@ -34,38 +31,14 @@
 #include <stdlib.h>
 #include <assert.h>
 #include <errno.h>
-#include <sys/time.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#ifndef HAVE_GETTIMEOFTIME
-  #include <sys/times.h>
-#endif
-#ifdef HAVE_GETRUSAGE
-  #include <sys/resource.h>
-#endif
 #include <string.h>
-#include <unistd.h>
-#include <fcntl.h>
 #include "util.h"
-#include "random.h"
 #include "rmd.h"
 #include "ttyio.h"
 #include "i18n.h"
+#include "rand-internal.h"
 
 
-#define BLOCKLEN  64   /* hash this amount of bytes */
-#define DIGESTLEN 20   /* into a digest of this length (rmd160) */
-/* poolblocks is the number of digests which make up the pool
- * and poolsize must be a multiple of the digest length
- * to make the AND operations faster, the size should also be
- * a multiple of ulong
- */
-#define POOLBLOCKS 30
-#define POOLSIZE (POOLBLOCKS*DIGESTLEN)
-#if (POOLSIZE % SIZEOF_UNSIGNED_LONG)
-  #error Please make sure that poolsize is a multiple of ulong
-#endif
-#define POOLWORDS (POOLSIZE / SIZEOF_UNSIGNED_LONG)
 #if SIZEOF_UNSIGNED_LONG == 8
   #define ADD_VALUE 0xa5a5a5a5a5a5a5a5
 #elif SIZEOF_UNSIGNED_LONG == 4
@@ -96,9 +69,7 @@ static int secure_alloc;
 static int quick_test;
 
 
-
 static void read_pool( byte *buffer, size_t length, int level );
-static void read_dev_random( byte *buffer, size_t length, int level );
 
 
 static void
@@ -120,13 +91,14 @@ secure_random_alloc()
     secure_alloc = 1;
 }
 
+
 int
 quick_random_gen( int onoff )
 {
     int last = quick_test;
     if( onoff != -1 )
 	quick_test = onoff;
-  #ifndef HAVE_DEV_RANDOM
+  #ifdef USE_RAND_DUMMY
     last = 1; /* insecure RNG */
   #endif
     return last;
@@ -240,7 +212,7 @@ read_pool( byte *buffer, size_t length, int level )
     if( length >= POOLSIZE )
 	BUG(); /* not allowed */
     if( !level ) { /* read simple random bytes */
-	read_dev_random( buffer, length, level );
+	read_random_source( buffer, length, level );
 	return;
     }
 
@@ -255,7 +227,7 @@ read_pool( byte *buffer, size_t length, int level )
 	if( needed > POOLSIZE )
 	    BUG();
 	p = m_alloc_secure( needed );
-	read_dev_random( p, needed, 2 ); /* read /dev/random */
+	read_random_source( p, needed, 2 ); /* read /dev/random */
 	add_randomness( p, needed, 3);
 	m_free(p);
 	pool_balance += needed;
@@ -306,7 +278,8 @@ add_randomness( const void *buffer, size_t length, int source )
     while( length-- ) {
 	rndpool[pool_writepos++] = *((byte*)buffer)++;
 	if( pool_writepos >= POOLSIZE ) {
-	    pool_filled = 1;
+	    if( source > 1 )
+		pool_filled = 1;
 	    pool_writepos = 0;
 	    mix_pool(rndpool);
 	    just_mixed = !length;
@@ -316,166 +289,3 @@ add_randomness( const void *buffer, size_t length, int source )
 
 
 
-/********************
- *  FIXME: move these functions to rand_unix.c
- */
-
-void
-random_poll()
-{
-    char buf[POOLSIZE/5];
-    read_dev_random( buf, POOLSIZE/5, 1 ); /* read /dev/urandom */
-    add_randomness( buf, POOLSIZE/5, 2);
-    memset( buf, 0, POOLSIZE/5);
-}
-
-
-void
-fast_random_poll()
-{
-  #ifdef HAVE_GETTIMEOFTIME
-    {	struct timeval tv;
-	if( gettimeofday( &tv, NULL ) )
-	    BUG();
-	add_randomness( &tv.tv_sec, sizeof(tv.tv_sec), 1 );
-	add_randomness( &tv.tv_usec, sizeof(tv.tv_usec), 1 );
-    }
-  #else /* use times */
-    {	struct tms buf;
-	times( &buf );
-	add_randomness( &buf, sizeof buf, 1 );
-    }
-  #endif
-  #ifdef HAVE_GETRUSAGE
-    {	struct rusage buf;
-	if( getrusage( RUSAGE_SELF, &buf ) )
-	    BUG();
-	add_randomness( &buf, sizeof buf, 1 );
-	memset( &buf, 0, sizeof buf );
-    }
-  #endif
-}
-
-
-#ifdef HAVE_DEV_RANDOM
-
-static int
-open_device( const char *name, int minor )
-{
-    int fd;
-    struct stat sb;
-
-    fd = open( name, O_RDONLY );
-    if( fd == -1 )
-	log_fatal("can't open %s: %s\n", name, strerror(errno) );
-    if( fstat( fd, &sb ) )
-	log_fatal("stat() off %s failed: %s\n", name, strerror(errno) );
-  #if defined(__sparc__) && defined(__linux__)
-    #warning something is wrong with UltraPenguin /dev/random
-  #else
-    if( !S_ISCHR(sb.st_mode) )
-	log_fatal("invalid random device!\n" );
-  #endif
-    return fd;
-}
-
-
-static void
-read_dev_random( byte *buffer, size_t length, int level )
-{
-    static int fd_urandom = -1;
-    static int fd_random = -1;
-    int fd;
-    int n;
-    int warn=0;
-
-    if( level == 2 && !quick_test ) {
-	if( fd_random == -1 )
-	    fd_random = open_device( "/dev/random", 8 );
-	fd = fd_random;
-    }
-    else {
-	/* fixme: we should use a simpler one for level 0,
-	 * because reading from /dev/urandom removes entropy
-	 * and the next read on /dev/random may have to wait */
-	if( fd_urandom == -1 )
-	    fd_urandom = open_device( "/dev/urandom", 9 );
-	fd = fd_urandom;
-    }
-
-
-    do {
-	fd_set rfds;
-	struct timeval tv;
-	int rc;
-
-	FD_ZERO(&rfds);
-	FD_SET(fd, &rfds);
-	tv.tv_sec = 3;
-	tv.tv_usec = 0;
-	if( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) {
-	    if( !warn )
-		tty_printf( _(
-"\n"
-"Not enough random bytes available.  Please do some other work to give\n"
-"the OS a chance to collect more entropy! (Need %d more bytes)\n"), length );
-	    warn = 1;
-	    continue;
-	}
-	else if( rc == -1 ) {
-	    tty_printf("select() error: %s\n", strerror(errno));
-	    continue;
-	}
-
-	assert( length < 500 );
-	do {
-	    n = read(fd, buffer, length );
-	    if( n >= 0 && n > length ) {
-		log_error("bogus read from random device (n=%d)\n", n );
-		n = length;
-	    }
-	} while( n == -1 && errno == EINTR );
-	if( n == -1 )
-	    log_fatal("read error on random device: %s\n", strerror(errno) );
-	assert( n <= length );
-	buffer += n;
-	length -= n;
-    } while( length );
-}
-
-#else /* not HAVE_DEV_RANDOM */
-
-
-#ifndef RAND_MAX   /* for SunOS */
-  #define RAND_MAX 32767
-#endif
-
-static void
-read_dev_random( byte *buffer, size_t length, int level )
-{
-    static int initialized=0;
-
-    if( !initialized ) {
-	log_info(_("warning: using insecure random number generator!!\n"));
-	tty_printf(_("The random number generator is only a kludge to let\n"
-		   "it compile - it is in no way a strong RNG!\n\n"
-		   "DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n\n"));
-	initialized=1;
-      #ifdef HAVE_RAND
-	srand(make_timestamp()*getpid());
-      #else
-	srandom(make_timestamp()*getpid());
-      #endif
-    }
-
-  #ifdef HAVE_RAND
-    while( length-- )
-	*buffer++ = ((unsigned)(1 + (int) (256.0*rand()/(RAND_MAX+1.0)))-1);
-  #else
-    while( length-- )
-	*buffer++ = ((unsigned)(1 + (int) (256.0*random()/(RAND_MAX+1.0)))-1);
-  #endif
-}
-
-#endif
-
diff --git a/cipher/random.h b/cipher/random.h
index c45c9831b..d93e5b766 100644
--- a/cipher/random.h
+++ b/cipher/random.h
@@ -32,7 +32,7 @@ void add_randomness( const void *buffer, size_t length, int source );
 
 
 /*-- the next two functions are implemented by all the system
-     specific source files rand_xxxx.s --*/
+     specific source files rand-xxxx.c --*/
 void random_poll(void);
 void fast_random_poll(void);