/* * System RNG * (C) 2014,2015,2017,2018 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) */ #include #if defined(BOTAN_TARGET_OS_HAS_RTLGENRANDOM) #include #define NOMINMAX 1 #define _WINSOCKAPI_ // stop windows.h including winsock.h #include #elif defined(BOTAN_TARGET_OS_HAS_ARC4RANDOM) #include #elif defined(BOTAN_TARGET_OS_HAS_DEV_RANDOM) #include #include #include #include #include #endif namespace Botan { namespace { #if defined(BOTAN_TARGET_OS_HAS_RTLGENRANDOM) class System_RNG_Impl final : public RandomNumberGenerator { public: System_RNG_Impl() : m_advapi("advapi32.dll") { // This throws if the function is not found m_rtlgenrandom = m_advapi.resolve("SystemFunction036"); } void randomize(uint8_t buf[], size_t len) override { bool success = m_rtlgenrandom(buf, len) == TRUE; if(!success) throw Exception("RtlGenRandom failed"); } void add_entropy(const uint8_t[], size_t) override { /* ignored */ } bool is_seeded() const override { return true; } void clear() override { /* not possible */ } std::string name() const override { return "RtlGenRandom"; } private: typedef BOOLEAN (NTAPI *RtlGenRandom_f)(PVOID, ULONG); Dynamically_Loaded_Library m_advapi; RtlGenRandom_f m_rtlgenrandom; }; #elif defined(BOTAN_TARGET_OS_HAS_ARC4RANDOM) class System_RNG_Impl final : public RandomNumberGenerator { public: // No constructor or destructor needed as no userland state maintained void randomize(uint8_t buf[], size_t len) override { ::arc4random_buf(buf, len); } void add_entropy(const uint8_t[], size_t) override { /* ignored */ } bool is_seeded() const override { return true; } void clear() override { /* not possible */ } std::string name() const override { return "arc4random"; } }; #elif defined(BOTAN_TARGET_OS_HAS_DEV_RANDOM) // Read a random device class System_RNG_Impl final : public RandomNumberGenerator { public: System_RNG_Impl() { #ifndef O_NOCTTY #define O_NOCTTY 0 #endif m_fd = ::open(BOTAN_SYSTEM_RNG_DEVICE, O_RDWR | O_NOCTTY); /* Cannot open in read-write mode. Fall back to read-only, calls to add_entropy will fail, but randomize will work */ if(m_fd < 0) m_fd = ::open(BOTAN_SYSTEM_RNG_DEVICE, O_RDONLY | O_NOCTTY); if(m_fd < 0) throw Exception("System_RNG failed to open RNG device"); } ~System_RNG_Impl() { ::close(m_fd); m_fd = -1; } void randomize(uint8_t buf[], size_t len) override; void add_entropy(const uint8_t in[], size_t length) override; bool is_seeded() const override { return true; } void clear() override { /* not possible */ } std::string name() const override { return BOTAN_SYSTEM_RNG_DEVICE; } private: int m_fd; }; void System_RNG_Impl::randomize(uint8_t buf[], size_t len) { while(len) { ssize_t got = ::read(m_fd, buf, len); if(got < 0) { if(errno == EINTR) continue; throw Exception("System_RNG read failed error " + std::to_string(errno)); } if(got == 0) throw Exception("System_RNG EOF on device"); // ?!? buf += got; len -= got; } } void System_RNG_Impl::add_entropy(const uint8_t input[], size_t len) { while(len) { ssize_t got = ::write(m_fd, input, len); if(got < 0) { if(errno == EINTR) continue; /* * This is seen on OS X CI, despite the fact that the man page * for Darwin urandom explicitly states that writing to it is * supported, and write(2) does not document EPERM at all. * But in any case EPERM seems indicative of a policy decision * by the OS or sysadmin that additional entropy is not wanted * in the system pool, so we accept that and return here, * since there is no corrective action possible. * * In Linux EBADF or EPERM is returned if m_fd is not opened for * writing. */ if(errno == EPERM || errno == EBADF) return; // maybe just ignore any failure here and return? throw Exception("System_RNG write failed error " + std::to_string(errno)); } input += got; len -= got; } } #endif } RandomNumberGenerator& system_rng() { static System_RNG_Impl g_system_rng; return g_system_rng; } }