2013-11-30 17:02:56 +00:00
|
|
|
#include <qpdf/SecureRandomDataProvider.hh>
|
|
|
|
|
|
|
|
#include <qpdf/QUtil.hh>
|
2022-04-02 21:14:10 +00:00
|
|
|
#include <qpdf/qpdf-config.h>
|
2013-11-30 17:02:56 +00:00
|
|
|
#ifdef _WIN32
|
2021-02-10 12:32:10 +00:00
|
|
|
# define WIN32_LEAN_AND_MEAN
|
2013-11-30 17:02:56 +00:00
|
|
|
# include <direct.h>
|
|
|
|
# include <io.h>
|
2022-04-02 21:14:10 +00:00
|
|
|
# include <windows.h>
|
2013-11-30 17:02:56 +00:00
|
|
|
# ifndef SKIP_OS_SECURE_RANDOM
|
2017-07-22 13:42:41 +00:00
|
|
|
# include <wincrypt.h>
|
2013-11-30 17:02:56 +00:00
|
|
|
# endif
|
|
|
|
#endif
|
|
|
|
|
2013-11-30 17:25:01 +00:00
|
|
|
#ifdef SKIP_OS_SECURE_RANDOM
|
|
|
|
|
|
|
|
void
|
|
|
|
SecureRandomDataProvider::provideRandomData(unsigned char* data, size_t len)
|
|
|
|
{
|
2022-04-02 21:14:10 +00:00
|
|
|
throw std::logic_error("SecureRandomDataProvider::provideRandomData called "
|
|
|
|
"when support was not compiled in");
|
2013-11-30 17:25:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
RandomDataProvider*
|
|
|
|
SecureRandomDataProvider::getInstance()
|
|
|
|
{
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
#else
|
|
|
|
|
2022-04-02 21:14:10 +00:00
|
|
|
# ifdef _WIN32
|
2013-11-30 17:02:56 +00:00
|
|
|
|
2022-04-16 17:21:57 +00:00
|
|
|
namespace
|
2013-11-30 17:02:56 +00:00
|
|
|
{
|
2022-04-16 17:21:57 +00:00
|
|
|
class WindowsCryptProvider
|
2013-11-30 17:02:56 +00:00
|
|
|
{
|
2022-04-16 17:21:57 +00:00
|
|
|
public:
|
|
|
|
WindowsCryptProvider()
|
|
|
|
{
|
|
|
|
if (!CryptAcquireContextW(
|
2023-05-21 17:35:09 +00:00
|
|
|
&crypt_prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
|
|
|
|
throw std::runtime_error("unable to acquire crypt context: " + getErrorMessage());
|
2022-04-16 17:21:57 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
~WindowsCryptProvider()
|
|
|
|
{
|
|
|
|
// Ignore error
|
|
|
|
CryptReleaseContext(crypt_prov, 0);
|
2013-11-30 17:02:56 +00:00
|
|
|
}
|
|
|
|
|
2022-04-16 17:21:57 +00:00
|
|
|
HCRYPTPROV crypt_prov;
|
2019-06-22 19:32:18 +00:00
|
|
|
|
2022-04-16 17:21:57 +00:00
|
|
|
private:
|
|
|
|
std::string
|
|
|
|
getErrorMessage()
|
|
|
|
{
|
|
|
|
DWORD errorMessageID = ::GetLastError();
|
|
|
|
LPSTR messageBuffer = nullptr;
|
|
|
|
size_t size = FormatMessageA(
|
|
|
|
FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM |
|
|
|
|
FORMAT_MESSAGE_IGNORE_INSERTS,
|
|
|
|
NULL,
|
|
|
|
errorMessageID,
|
|
|
|
MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
|
|
|
|
reinterpret_cast<LPSTR>(&messageBuffer),
|
|
|
|
0,
|
|
|
|
NULL);
|
|
|
|
std::string message(messageBuffer, size);
|
|
|
|
LocalFree(messageBuffer);
|
|
|
|
return (
|
2023-05-21 17:35:09 +00:00
|
|
|
"error number " + QUtil::int_to_string_base(errorMessageID, 16) + ": " + message);
|
2022-04-16 17:21:57 +00:00
|
|
|
}
|
|
|
|
};
|
|
|
|
} // namespace
|
2022-04-02 21:14:10 +00:00
|
|
|
# endif
|
2013-11-30 17:02:56 +00:00
|
|
|
|
|
|
|
void
|
|
|
|
SecureRandomDataProvider::provideRandomData(unsigned char* data, size_t len)
|
|
|
|
{
|
2022-04-02 21:14:10 +00:00
|
|
|
# if defined(_WIN32)
|
2013-11-30 17:02:56 +00:00
|
|
|
|
|
|
|
// Optimization: make the WindowsCryptProvider static as long as
|
|
|
|
// it can be done in a thread-safe fashion.
|
|
|
|
WindowsCryptProvider c;
|
2023-05-21 17:35:09 +00:00
|
|
|
if (!CryptGenRandom(c.crypt_prov, static_cast<DWORD>(len), reinterpret_cast<BYTE*>(data))) {
|
2013-11-30 17:02:56 +00:00
|
|
|
throw std::runtime_error("unable to generate secure random data");
|
|
|
|
}
|
|
|
|
|
2023-09-03 13:35:28 +00:00
|
|
|
# else
|
|
|
|
static std::unique_ptr<QUtil::FileCloser> random_device = []() {
|
|
|
|
FILE* f = fopen("/dev/urandom", "rb");
|
|
|
|
if (f == nullptr) {
|
|
|
|
f = fopen("/dev/arandom", "rb");
|
|
|
|
}
|
|
|
|
if (f == nullptr) {
|
|
|
|
f = fopen("/dev/random", "rb");
|
|
|
|
}
|
|
|
|
if (f == nullptr) {
|
|
|
|
throw std::runtime_error("unable to find device in /dev for generating random numbers");
|
|
|
|
}
|
|
|
|
return std::make_unique<QUtil::FileCloser>(f);
|
|
|
|
}();
|
|
|
|
|
|
|
|
size_t fr = fread(data, 1, len, random_device->f);
|
2022-04-02 21:14:10 +00:00
|
|
|
if (fr != len) {
|
2013-11-30 17:02:56 +00:00
|
|
|
throw std::runtime_error(
|
2023-09-03 13:35:28 +00:00
|
|
|
"unable to read " + std::to_string(len) + " bytes from random number device");
|
2013-11-30 17:02:56 +00:00
|
|
|
}
|
|
|
|
|
2022-04-02 21:14:10 +00:00
|
|
|
# endif
|
2013-11-30 17:02:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
RandomDataProvider*
|
|
|
|
SecureRandomDataProvider::getInstance()
|
|
|
|
{
|
|
|
|
static SecureRandomDataProvider instance;
|
|
|
|
return &instance;
|
|
|
|
}
|
2013-11-30 17:25:01 +00:00
|
|
|
|
|
|
|
#endif
|