aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2018-03-14 21:31:47 -0400
committerJack Lloyd <[email protected]>2018-03-14 21:31:47 -0400
commit5b948bec654fb1cbe269601874c0cbb7d1aef245 (patch)
treeb53eadbf6885e784c4ee6acd878940b9e0ca3041
parent84f54b95b2698d71f4f1e6dc333812694bab3903 (diff)
parentcfdb729661c6ea3f6fcbbfdc09cf86d0e7cc127c (diff)
Merge GH #1494 Use RtlGenRandom instead of CryptoAPI/CryptoNG
-rwxr-xr-xconfigure.py23
-rw-r--r--doc/manual/deprecated.rst2
-rw-r--r--doc/os.rst7
-rw-r--r--news.rst2
-rw-r--r--src/build-data/buildh.in15
-rw-r--r--src/build-data/os/mingw.txt2
-rw-r--r--src/build-data/os/windows.txt2
-rw-r--r--src/build-data/os/winphone.txt1
-rw-r--r--src/lib/rng/system_rng/info.txt11
-rw-r--r--src/lib/rng/system_rng/system_rng.cpp91
-rw-r--r--src/lib/utils/dyn_load/dyn_load.cpp2
11 files changed, 55 insertions, 103 deletions
diff --git a/configure.py b/configure.py
index 678a43e64..5799e6201 100755
--- a/configure.py
+++ b/configure.py
@@ -659,7 +659,7 @@ def lex_me_harder(infofile, allowed_groups, allowed_maps, name_val_pairs):
return group.replace(':', '_')
lexer = shlex.shlex(open(infofile), infofile, posix=True)
- lexer.wordchars += '|:.<>/,-!+*' # handle various funky chars in info.txt
+ lexer.wordchars += ':.<>/,-!?+*' # handle various funky chars in info.txt
groups = allowed_groups + allowed_maps
for group in groups:
@@ -937,11 +937,20 @@ class ModuleInfo(InfoObject):
return supported_isa_flags(ccinfo, arch) and supported_compiler(ccinfo, cc_min_version)
- def dependencies(self):
+ def dependencies(self, osinfo):
# base is an implicit dep for all submodules
- deps = self.requires + ['base']
+ deps = ['base']
if self.parent_module != None:
deps.append(self.parent_module)
+
+ for req in self.requires:
+ if req.find('?') != -1:
+ (cond, dep) = req.split('?')
+ if osinfo is None or cond in osinfo.target_features:
+ deps.append(dep)
+ else:
+ deps.append(req)
+
return deps
def dependencies_exist(self, modules):
@@ -950,9 +959,9 @@ class ModuleInfo(InfoObject):
about any that do not
"""
- all_deps = [s.split('|') for s in self.dependencies()]
+ missing = [s for s in self.dependencies(None) if s not in modules]
- for missing in [s for s in flatten(all_deps) if s not in modules]:
+ if missing:
logging.error("Module '%s', dep of '%s', does not exist" % (
missing, self.basename))
@@ -1572,7 +1581,7 @@ def generate_build_info(build_paths, modules, cc, arch, osinfo):
if src in module_that_owns:
module = module_that_owns[src]
isas = module.need_isa
- if 'simd' in module.dependencies():
+ if 'simd' in module.dependencies(osinfo):
isas.append('simd')
return cc.get_isa_specific_flags(isas, arch)
@@ -2072,7 +2081,7 @@ class ModulesChooser(object):
def _modules_dependency_table(self):
out = {}
for modname in self._modules:
- out[modname] = self._modules[modname].dependencies()
+ out[modname] = self._modules[modname].dependencies(self._osinfo)
return out
def _resolve_dependencies_for_all_modules(self):
diff --git a/doc/manual/deprecated.rst b/doc/manual/deprecated.rst
index 05e83e4ed..c91730cf3 100644
--- a/doc/manual/deprecated.rst
+++ b/doc/manual/deprecated.rst
@@ -36,6 +36,8 @@ in the source.
- Platform support for Google Native Client
+- Platform support for Windows Phone
+
- Support for PathScale and HP compilers
- TLS: 3DES and SEED ciphersuites
diff --git a/doc/os.rst b/doc/os.rst
index 2d869138b..a4edd564b 100644
--- a/doc/os.rst
+++ b/doc/os.rst
@@ -34,9 +34,7 @@ A summary of OS features as defined in ``src/build-data/os``.
:header: "Feature", "a", "a", "c", "d", "d", "f", "h", "h", "h", "i", "i", "l", "l", "m", "n", "n", "o", "q", "s", "w", "w"
"arc4random", " ", " ", " ", "X", "X", "X", " ", " ", " ", " ", "X", " ", " ", " ", " ", "X", "X", " ", " ", " ", " "
- "clock_gettime", "X", "X", " ", " ", "X", "X", " ", "X", " ", " ", " ", "X", " ", " ", " ", "X", "X", "X", "X", " ", " "
- "cryptgenrandom", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", "X", " ", " ", " ", " ", " ", "X", " "
- "crypto_ng", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", "X"
+ "clock_gettime", "X", "X", " ", " ", "X", "X", "X", "X", "X", " ", " ", "X", " ", " ", " ", "X", "X", "X", "X", " ", " "
"dev_random", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", " ", "X", " ", " ", " ", "X", "X", "X", "X", " ", " "
"explicit_bzero", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", "X", " ", " ", " ", " "
"filesystem", "X", "X", "X", "X", "X", "X", "X", "X", "X", " ", "X", "X", "X", "X", " ", "X", "X", "X", "X", "X", "X"
@@ -44,9 +42,10 @@ A summary of OS features as defined in ``src/build-data/os``.
"getentropy", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", "X", " ", " ", " ", " "
"posix1", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", "X", " ", " ", " ", "X", "X", "X", "X", " ", " "
"proc_fs", "X", " ", " ", " ", "X", " ", " ", " ", " ", " ", " ", "X", " ", " ", " ", " ", " ", " ", "X", " ", " "
+ "rtlgenrandom", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", "X", " ", " ", " ", " ", " ", "X", " "
"rtlsecurezeromemory", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", "X", "X"
"security_framework", " ", " ", " ", "X", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " "
- "sockets", "X", "X", "X", "X", "X", "X", "X", "X", "X", " ", "X", "X", " ", "X", " ", "X", "X", "X", "X", "X", "X"
+ "sockets", "X", "X", "X", "X", "X", "X", "X", "X", "X", " ", "X", "X", " ", " ", " ", "X", "X", "X", "X", " ", " "
"stl_filesystem_msvc", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", "X", " "
"threads", "X", "X", "X", "X", "X", "X", "X", "X", "X", " ", "X", "X", " ", "X", "X", "X", "X", "X", "X", "X", "X"
"virtual_lock", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", " ", "X", " ", " ", " ", " ", " ", "X", " "
diff --git a/news.rst b/news.rst
index c667ec9db..792ce616c 100644
--- a/news.rst
+++ b/news.rst
@@ -86,6 +86,8 @@ Version 2.5.0, Not Yet Released
is still maintained by the original author at
https://github.com/OlivierJG/botansqlite3
+* Support for Windows Phone is deprecated.
+
Version 2.4.0, 2018-01-08
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
diff --git a/src/build-data/buildh.in b/src/build-data/buildh.in
index b2bc0ea4b..d42e85ac4 100644
--- a/src/build-data/buildh.in
+++ b/src/build-data/buildh.in
@@ -153,6 +153,7 @@
*/
#define BOTAN_RNG_DEFAULT_RESEED_INTERVAL 1024
#define BOTAN_RNG_RESEED_POLL_BITS 256
+
#define BOTAN_RNG_AUTO_RESEED_TIMEOUT std::chrono::milliseconds(10)
#define BOTAN_RNG_RESEED_DEFAULT_TIMEOUT std::chrono::milliseconds(50)
@@ -174,14 +175,6 @@
* These control the RNG used by the system RNG interface
*/
#define BOTAN_SYSTEM_RNG_DEVICE "/dev/urandom"
-#define BOTAN_SYSTEM_RNG_CRYPTOAPI_PROV_TYPE PROV_RSA_FULL
-
-/*
-* These paramaters control how many bytes to read from the system
-* PRNG, and how long to block if applicable.
-*
-* Timeout is ignored on Windows as CryptGenRandom doesn't block
-*/
#define BOTAN_SYSTEM_RNG_POLL_DEVICES { "/dev/urandom", "/dev/random", "/dev/srandom" }
/*
@@ -192,10 +185,14 @@
*/
#define BOTAN_ENTROPY_PROC_FS_PATH "/proc"
+/*
+* These paramaters control how many bytes to read from the system
+* PRNG, and how long to block if applicable. The timeout only applies
+* to reading /dev/urandom and company.
+*/
#define BOTAN_SYSTEM_RNG_POLL_REQUEST 64
#define BOTAN_SYSTEM_RNG_POLL_TIMEOUT_MS 20
-
/*
How many times to read from the RDRAND/RDSEED RNGs.
Each read generates 32 bits of output
diff --git a/src/build-data/os/mingw.txt b/src/build-data/os/mingw.txt
index b74aa2d49..bbe17e084 100644
--- a/src/build-data/os/mingw.txt
+++ b/src/build-data/os/mingw.txt
@@ -16,7 +16,7 @@ mingw32.*
<target_features>
win32
-cryptgenrandom
+rtlgenrandom
virtual_lock
threads
diff --git a/src/build-data/os/windows.txt b/src/build-data/os/windows.txt
index 500013897..db6245a83 100644
--- a/src/build-data/os/windows.txt
+++ b/src/build-data/os/windows.txt
@@ -19,7 +19,7 @@ doc_dir docs
win32
winsock2
-cryptgenrandom
+rtlgenrandom
rtlsecurezeromemory
virtual_lock
diff --git a/src/build-data/os/winphone.txt b/src/build-data/os/winphone.txt
index bc0179c12..fdeae6783 100644
--- a/src/build-data/os/winphone.txt
+++ b/src/build-data/os/winphone.txt
@@ -11,7 +11,6 @@ doc_dir docs
win32
winsock2
-crypto_ng
rtlsecurezeromemory
threads
diff --git a/src/lib/rng/system_rng/info.txt b/src/lib/rng/system_rng/info.txt
index 8f25bf84c..4dc5be758 100644
--- a/src/lib/rng/system_rng/info.txt
+++ b/src/lib/rng/system_rng/info.txt
@@ -5,12 +5,9 @@ SYSTEM_RNG -> 20141202
<os_features>
dev_random,posix1
arc4random
-crypto_ng
-cryptgenrandom
+rtlgenrandom
</os_features>
-<libs>
-windows -> advapi32.lib
-winphone -> bcrypt.lib
-mingw -> advapi32
-</libs>
+<requires>
+rtlgenrandom?dyn_load
+</requires>
diff --git a/src/lib/rng/system_rng/system_rng.cpp b/src/lib/rng/system_rng/system_rng.cpp
index cec3deab1..32dabbe9f 100644
--- a/src/lib/rng/system_rng/system_rng.cpp
+++ b/src/lib/rng/system_rng/system_rng.cpp
@@ -1,25 +1,22 @@
/*
* System RNG
-* (C) 2014,2015,2017 Jack Lloyd
+* (C) 2014,2015,2017,2018 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#include <botan/system_rng.h>
-#if defined(BOTAN_TARGET_OS_HAS_CRYPTGENRANDOM)
- #define NOMINMAX 1
- #define _WINSOCKAPI_ // stop windows.h including winsock.h
- #include <windows.h>
- #include <wincrypt.h>
-
-#elif defined(BOTAN_TARGET_OS_HAS_CRYPTO_NG)
- #include <bcrypt.h>
+#if defined(BOTAN_TARGET_OS_HAS_RTLGENRANDOM)
+ #include <botan/dyn_load.h>
+ #define NOMINMAX 1
+ #define _WINSOCKAPI_ // stop windows.h including winsock.h
+ #include <windows.h>
#elif defined(BOTAN_TARGET_OS_HAS_ARC4RANDOM)
#include <stdlib.h>
-#else
+#elif defined(BOTAN_TARGET_OS_HAS_DEV_RANDOM)
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
@@ -31,82 +28,32 @@ namespace Botan {
namespace {
-#if defined(BOTAN_TARGET_OS_HAS_CRYPTGENRANDOM)
+#if defined(BOTAN_TARGET_OS_HAS_RTLGENRANDOM)
class System_RNG_Impl final : public RandomNumberGenerator
{
public:
- System_RNG_Impl()
- {
- if(!CryptAcquireContext(&m_prov, nullptr, nullptr,
- BOTAN_SYSTEM_RNG_CRYPTOAPI_PROV_TYPE, CRYPT_VERIFYCONTEXT))
- throw Exception("System_RNG failed to acquire crypto provider");
- }
-
- ~System_RNG_Impl()
+ System_RNG_Impl() : m_advapi("advapi32.dll")
{
- ::CryptReleaseContext(m_prov, 0);
+ // This throws if the function is not found
+ m_rtlgenrandom = m_advapi.resolve<RtlGenRandom_f>("SystemFunction036");
}
void randomize(uint8_t buf[], size_t len) override
{
- ::CryptGenRandom(m_prov, static_cast<DWORD>(len), buf);
- }
-
- void add_entropy(const uint8_t in[], size_t length) override
- {
- /*
- There is no explicit ConsumeRandom, but all values provided in
- the call are incorporated into the state.
- */
- std::vector<uint8_t> buf(in, in + length);
- ::CryptGenRandom(m_prov, static_cast<DWORD>(buf.size()), buf.data());
+ if(m_rtlgenrandom(buf, len) == false)
+ throw Exception("RtlGenRandom failed");
}
+ void add_entropy(const uint8_t[], size_t) override { /* ignored */ }
bool is_seeded() const override { return true; }
void clear() override { /* not possible */ }
- std::string name() const override { return "cryptoapi"; }
+ std::string name() const override { return "RtlGenRandom"; }
private:
- HCRYPTPROV m_prov;
- };
+ typedef BOOL (*RtlGenRandom_f)(PVOID, ULONG);
-#elif defined(BOTAN_TARGET_OS_HAS_CRYPTO_NG)
-
-class System_RNG_Impl final : public RandomNumberGenerator
- {
- public:
- System_RNG_Impl()
- {
- NTSTATUS ret = ::BCryptOpenAlgorithmProvider(&m_prov,
- BCRYPT_RNG_ALGORITHM,
- MS_PRIMITIVE_PROVIDER, 0);
- if(ret != STATUS_SUCCESS)
- throw Exception("System_RNG failed to acquire crypto provider");
- }
-
- ~System_RNG_Impl()
- {
- ::BCryptCloseAlgorithmProvider(m_prov, 0);
- }
-
- void randomize(uint8_t buf[], size_t len) override
- {
- ::BCryptGenRandom(m_prov, static_cast<PUCHAR>(buf), static_cast<ULONG>(len), 0);
- }
-
- void add_entropy(const uint8_t in[], size_t length) override
- {
- /*
- There is a flag BCRYPT_RNG_USE_ENTROPY_IN_BUFFER to provide
- entropy inputs, but it is ignored in Windows 8 and later.
- */
- }
-
- bool is_seeded() const override { return true; }
- void clear() override { /* not possible */ }
- std::string name() const override { return "crypto_ng"; }
- private:
- BCRYPT_ALG_HANDLE m_handle;
+ Dynamically_Loaded_Library m_advapi;
+ RtlGenRandom_f m_rtlgenrandom;
};
#elif defined(BOTAN_TARGET_OS_HAS_ARC4RANDOM)
@@ -127,7 +74,7 @@ class System_RNG_Impl final : public RandomNumberGenerator
std::string name() const override { return "arc4random"; }
};
-#else
+#elif defined(BOTAN_TARGET_OS_HAS_DEV_RANDOM)
// Read a random device
diff --git a/src/lib/utils/dyn_load/dyn_load.cpp b/src/lib/utils/dyn_load/dyn_load.cpp
index b7f2649ef..1bbcffbdb 100644
--- a/src/lib/utils/dyn_load/dyn_load.cpp
+++ b/src/lib/utils/dyn_load/dyn_load.cpp
@@ -71,7 +71,7 @@ void* Dynamically_Loaded_Library::resolve_symbol(const std::string& symbol)
if(!addr)
throw Exception("Failed to resolve symbol " + symbol +
- " in " + m_lib_name);
+ " in " + m_lib_name);
return addr;
}