1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
|
/* Obtain a series of random bytes.
Copyright 2020-2023 Free Software Foundation, Inc.
This file is free software: you can redistribute it and/or modify
it under the terms of the GNU Lesser General Public License as
published by the Free Software Foundation; either version 2.1 of the
License, or (at your option) any later version.
This file is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>. */
/* Written by Paul Eggert. */
#include <config.h>
#include <sys/random.h>
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
#if defined _WIN32 && ! defined __CYGWIN__
# define WIN32_LEAN_AND_MEAN
# include <windows.h>
# if HAVE_BCRYPT_H
# include <bcrypt.h>
# else
# define NTSTATUS LONG
typedef void * BCRYPT_ALG_HANDLE;
# define BCRYPT_USE_SYSTEM_PREFERRED_RNG 0x00000002
# if HAVE_LIB_BCRYPT
extern NTSTATUS WINAPI BCryptGenRandom (BCRYPT_ALG_HANDLE, UCHAR *, ULONG, ULONG);
# endif
# endif
# if !HAVE_LIB_BCRYPT
# include <wincrypt.h>
# ifndef CRYPT_VERIFY_CONTEXT
# define CRYPT_VERIFY_CONTEXT 0xF0000000
# endif
# endif
#endif
#include "minmax.h"
#if defined _WIN32 && ! defined __CYGWIN__
/* Don't assume that UNICODE is not defined. */
# undef LoadLibrary
# define LoadLibrary LoadLibraryA
# undef CryptAcquireContext
# define CryptAcquireContext CryptAcquireContextA
# if !HAVE_LIB_BCRYPT
/* Avoid warnings from gcc -Wcast-function-type. */
# define GetProcAddress \
(void *) GetProcAddress
/* BCryptGenRandom with the BCRYPT_USE_SYSTEM_PREFERRED_RNG flag works only
starting with Windows 7. */
typedef NTSTATUS (WINAPI * BCryptGenRandomFuncType) (BCRYPT_ALG_HANDLE, UCHAR *, ULONG, ULONG);
static BCryptGenRandomFuncType BCryptGenRandomFunc = NULL;
static BOOL initialized = FALSE;
static void
initialize (void)
{
HMODULE bcrypt = LoadLibrary ("bcrypt.dll");
if (bcrypt != NULL)
{
BCryptGenRandomFunc =
(BCryptGenRandomFuncType) GetProcAddress (bcrypt, "BCryptGenRandom");
}
initialized = TRUE;
}
# else
# define BCryptGenRandomFunc BCryptGenRandom
# endif
#else
/* These devices exist on all platforms except native Windows. */
/* Name of a device through which the kernel returns high quality random
numbers, from an entropy pool. When the pool is empty, the call blocks
until entropy sources have added enough bits of entropy. */
# ifndef NAME_OF_RANDOM_DEVICE
# define NAME_OF_RANDOM_DEVICE "/dev/random"
# endif
/* Name of a device through which the kernel returns random or pseudo-random
numbers. It uses an entropy pool, but, in order to avoid blocking, adds
bits generated by a pseudo-random number generator, as needed. */
# ifndef NAME_OF_NONCE_DEVICE
# define NAME_OF_NONCE_DEVICE "/dev/urandom"
# endif
#endif
/* Set BUFFER (of size LENGTH) to random bytes under the control of FLAGS.
Return the number of bytes written (> 0).
Upon error, return -1 and set errno. */
ssize_t
getrandom (void *buffer, size_t length, unsigned int flags)
#undef getrandom
{
#if defined _WIN32 && ! defined __CYGWIN__
/* BCryptGenRandom, defined in <bcrypt.h>
<https://docs.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom>
with the BCRYPT_USE_SYSTEM_PREFERRED_RNG flag
works in Windows 7 and newer. */
static int bcrypt_not_working /* = 0 */;
if (!bcrypt_not_working)
{
# if !HAVE_LIB_BCRYPT
if (!initialized)
initialize ();
# endif
if (BCryptGenRandomFunc != NULL
&& BCryptGenRandomFunc (NULL, buffer, length,
BCRYPT_USE_SYSTEM_PREFERRED_RNG)
== 0 /*STATUS_SUCCESS*/)
return length;
bcrypt_not_working = 1;
}
# if !HAVE_LIB_BCRYPT
/* CryptGenRandom, defined in <wincrypt.h>
<https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptgenrandom>
works in older releases as well, but is now deprecated.
CryptAcquireContext, defined in <wincrypt.h>
<https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptacquirecontexta> */
{
static int crypt_initialized /* = 0 */;
static HCRYPTPROV provider;
if (!crypt_initialized)
{
if (CryptAcquireContext (&provider, NULL, NULL, PROV_RSA_FULL,
CRYPT_VERIFY_CONTEXT))
crypt_initialized = 1;
else
crypt_initialized = -1;
}
if (crypt_initialized >= 0)
{
if (!CryptGenRandom (provider, length, buffer))
{
errno = EIO;
return -1;
}
return length;
}
}
# endif
errno = ENOSYS;
return -1;
#elif HAVE_GETRANDOM
return getrandom (buffer, length, flags);
#else
static int randfd[2] = { -1, -1 };
bool devrandom = (flags & GRND_RANDOM) != 0;
int fd = randfd[devrandom];
if (fd < 0)
{
static char const randdevice[][MAX (sizeof NAME_OF_NONCE_DEVICE,
sizeof NAME_OF_RANDOM_DEVICE)]
= { NAME_OF_NONCE_DEVICE, NAME_OF_RANDOM_DEVICE };
int oflags = (O_RDONLY + O_CLOEXEC
+ (flags & GRND_NONBLOCK ? O_NONBLOCK : 0));
fd = open (randdevice[devrandom], oflags);
if (fd < 0)
{
if (errno == ENOENT || errno == ENOTDIR)
errno = ENOSYS;
return -1;
}
randfd[devrandom] = fd;
}
return read (fd, buffer, length);
#endif
}
|