From 01ab72e73f6b873261005c466c0294cb7ade4fb4 Mon Sep 17 00:00:00 2001
From: Clover_plus <clover_plus@foxmail.com>
Date: Wed, 8 Mar 2023 00:18:21 +0800
Subject: [PATCH 1/2] add "*.sh" to "editor artefacts"

---
 .gitignore | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitignore b/.gitignore
index a7189d28b..334003288 100644
--- a/.gitignore
+++ b/.gitignore
@@ -40,4 +40,4 @@
 .#*
 \#*#
 *~
-
+*.sh

From 9aa40a7e6656735a71904a138ea6e874e72fdf20 Mon Sep 17 00:00:00 2001
From: Clover_plus <clover_plus@foxmail.com>
Date: Wed, 8 Mar 2023 00:19:04 +0800
Subject: [PATCH 2/2] fix rdrand supporting issue for tools/rand

---
 CMakeLists.txt      |  17 +++++++
 tools/rand.c        |   8 +--
 tools/rand_rdrand.c | 118 ++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 137 insertions(+), 6 deletions(-)
 create mode 100644 tools/rand_rdrand.c

diff --git a/CMakeLists.txt b/CMakeLists.txt
index b67506c81..0a4e8bd95 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -259,10 +259,27 @@ option(ENABLE_RDRND "Enable Intel RDRND instructions" OFF)
 if (${CMAKE_SYSTEM_PROCESSOR} MATCHES x86_64)
 	set(ENABLE_RDRND ON)
 endif()
+
+option(FORCE_DISABLE_RDRND "Force disable Intel RDRND instructions" OFF)
+if (FORCE_DISABLE_RDRND)
+	set(ENABLE_RDRND OFF)
+endif()
+
 if (ENABLE_RDRND)
 	message(STATUS "ENABLE_RDRND")
 	list(APPEND src src/rdrand.c)
 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -mrdrnd -mrdseed")
+
+	foreach(tool ${tools})
+		if(tool MATCHES "tools/rand.c")
+			set(toolset ${toolset}
+			"tools/rand_rdrand.c")
+		else()
+			set(toolset ${toolset}
+			${tool})
+		endif()
+	endforeach()
+	set(tools ${toolset})
 endif()
 
 option(ENABLE_GMT_0105_RNG "Enable GM/T 0105 Software RNG" OFF)
diff --git a/tools/rand.c b/tools/rand.c
index 07af527d1..4ac7c2181 100644
--- a/tools/rand.c
+++ b/tools/rand.c
@@ -82,12 +82,8 @@ int rand_main(int argc, char **argv)
 		size_t len = outlen < sizeof(buf) ? outlen : sizeof(buf);
 
 		if (rdrand) {
-/*
-			if (rdrand_bytes(buf, len) != 1) {
-				fprintf(stderr, "%s: inner error\n", prog);
-				goto end;
-			}
-*/
+			fprintf(stderr, "RDRAND unsupported\n");
+			goto end;
 		} else {
 			if (rand_bytes(buf, len) != 1) {
 				fprintf(stderr, "%s: inner error\n", prog);
diff --git a/tools/rand_rdrand.c b/tools/rand_rdrand.c
new file mode 100644
index 000000000..dbe4d29a5
--- /dev/null
+++ b/tools/rand_rdrand.c
@@ -0,0 +1,118 @@
+/*
+ *  Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the License); you may
+ *  not use this file except in compliance with the License.
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ */
+
+
+#include <stdio.h>
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+#include <limits.h>
+#include <gmssl/mem.h>
+#include <gmssl/rand.h>
+#include <gmssl/rdrand.h>
+
+
+static const char *options = "[-hex] [-rdrand] -outlen num [-out file]";
+
+int rand_main(int argc, char **argv)
+{
+	int ret = 1;
+	char *prog = argv[0];
+	int hex = 0;
+	int rdrand = 0;
+	int outlen = 0;
+	char *outfile = NULL;
+	FILE *outfp = stdout;
+	uint8_t buf[2048];
+
+	argc--;
+	argv++;
+
+	if (argc < 1) {
+		fprintf(stderr, "usage: %s %s\n", prog, options);
+		return 1;
+	}
+
+	while (argc > 0) {
+		if (!strcmp(*argv, "-help")) {
+			printf("usage: %s %s\n", prog, options);
+			ret = 0;
+			goto end;
+		} else if (!strcmp(*argv, "-hex")) {
+			hex = 1;
+		} else if (!strcmp(*argv, "-rdrand")) {
+			rdrand = 1;
+		} else if (!strcmp(*argv, "-outlen")) {
+			if (--argc < 1) goto bad;
+			outlen = atoi(*(++argv));
+			if (outlen < 1 || outlen > INT_MAX) {
+				fprintf(stderr, "%s: invalid outlen\n", prog);
+				goto end;
+			}
+		} else if (!strcmp(*argv, "-out")) {
+			if (--argc < 1) goto bad;
+			outfile = *(++argv);
+			if (!(outfp = fopen(outfile, "wb"))) {
+				fprintf(stderr, "%s: open '%s' failure : %s\n", prog, outfile, strerror(errno));
+				goto end;
+			}
+		} else {
+			fprintf(stderr, "%s: illegal option '%s'\n", prog, *argv);
+			goto end;
+bad:
+			fprintf(stderr, "%s: '%s' option value missing\n", prog, *argv);
+			goto end;
+		}
+
+		argc--;
+		argv++;
+	}
+
+	if (!outlen) {
+		fprintf(stderr, "%s: option -outlen missing\n", prog);
+		goto end;
+	}
+
+	while (outlen > 0) {
+		size_t len = outlen < sizeof(buf) ? outlen : sizeof(buf);
+
+		if (rdrand) {
+			if (rdrand_bytes(buf, len) != 1) {
+				fprintf(stderr, "%s: inner error\n", prog);
+				goto end;
+			}
+		} else {
+			if (rand_bytes(buf, len) != 1) {
+				fprintf(stderr, "%s: inner error\n", prog);
+				goto end;
+			}
+		}
+
+		if (hex) {
+			int i;
+			for (i = 0; i < len; i++) {
+				fprintf(outfp, "%02X", buf[i]);
+			}
+		} else {
+			if (fwrite(buf, 1, len, outfp) != len) {
+				fprintf(stderr, "%s: output failure : %s\n", prog, strerror(errno));
+				goto end;
+			}
+		}
+		outlen -= (int)len;
+	}
+	if (hex) {
+		fprintf(outfp, "\n");
+	}
+	ret = 0;
+end:
+	gmssl_secure_clear(buf, sizeof(buf));
+	if (outfile && outfp) fclose(outfp);
+	return ret;
+}