qpdf/libqpdf/InsecureRandomDataProvider.cc

#include <qpdf/InsecureRandomDataProvider.hh>

#include <qpdf/QUtil.hh>
#include <qpdf/qpdf-config.h>
#include <cstdlib>

InsecureRandomDataProvider::InsecureRandomDataProvider() :
    seeded_random(false)
{
}

void
InsecureRandomDataProvider::provideRandomData(unsigned char* data, size_t len)
{
    for (size_t i = 0; i < len; ++i) {
        data[i] = static_cast<unsigned char>((this->random() & 0xff0) >> 4);
    }
}

long
InsecureRandomDataProvider::random()
{
    if (!this->seeded_random) {
        // Seed the random number generator with something simple, but just to be interesting, don't
        // use the unmodified current time.  It would be better if this were a more secure seed.
        auto seed = static_cast<unsigned int>(QUtil::get_current_time() ^ 0xcccc);
#ifdef HAVE_RANDOM
        ::srandom(seed);
#else
        srand(seed);
#endif
        this->seeded_random = true;
    }

#ifdef HAVE_RANDOM
    return ::random();
#else
    return rand();
#endif
}

RandomDataProvider*
InsecureRandomDataProvider::getInstance()
{
    static InsecureRandomDataProvider instance;
    return &instance;
}
Refactor random data generation Add new RandomDataProvider object and implement existing random number generation in terms of that. This enables end users to supply their own random data providers. 2013-11-30 17:02:56 +00:00			`#include <qpdf/InsecureRandomDataProvider.hh>`

			`#include <qpdf/QUtil.hh>`
			`#include <qpdf/qpdf-config.h>`
Replace deprecated C++ includes 2023-05-20 11:22:32 +00:00			`#include <cstdlib>`
Refactor random data generation Add new RandomDataProvider object and implement existing random number generation in terms of that. This enables end users to supply their own random data providers. 2013-11-30 17:02:56 +00:00
			`InsecureRandomDataProvider::InsecureRandomDataProvider() :`
			`seeded_random(false)`
			`{`
			`}`

			`void`
			`InsecureRandomDataProvider::provideRandomData(unsigned char* data, size_t len)`
			`{`
			`for (size_t i = 0; i < len; ++i) {`
			`data[i] = static_cast<unsigned char>((this->random() & 0xff0) >> 4);`
			`}`
			`}`

			`long`
			`InsecureRandomDataProvider::random()`
			`{`
			`if (!this->seeded_random) {`
WHITESPACE ONLY -- expand tabs in source code This comment expands all tabs using an 8-character tab-width. You should ignore this commit when using git blame or use git blame -w. In the early days, I used to use tabs where possible for indentation, since emacs did this automatically. In recent years, I have switched to only using spaces, which means qpdf source code has been a mixture of spaces and tabs. I have avoided cleaning this up because of not wanting gratuitous whitespaces change to cloud the output of git blame, but I changed my mind after discussing with users who view qpdf source code in editors/IDEs that have other tab widths by default and in light of the fact that I am planning to start applying automatic code formatting soon. 2022-02-08 14:18:08 +00:00			`// Seed the random number generator with something simple, but just to be interesting, don't`
			`// use the unmodified current time. It would be better if this were a more secure seed.`
Remove QUtil::srandom 2020-04-06 13:49:02 +00:00			`auto seed = static_cast<unsigned int>(QUtil::get_current_time() ^ 0xcccc);`
			`#ifdef HAVE_RANDOM`
			`::srandom(seed);`
			`#else`
			`srand(seed);`
			`#endif`
WHITESPACE ONLY -- expand tabs in source code This comment expands all tabs using an 8-character tab-width. You should ignore this commit when using git blame or use git blame -w. In the early days, I used to use tabs where possible for indentation, since emacs did this automatically. In recent years, I have switched to only using spaces, which means qpdf source code has been a mixture of spaces and tabs. I have avoided cleaning this up because of not wanting gratuitous whitespaces change to cloud the output of git blame, but I changed my mind after discussing with users who view qpdf source code in editors/IDEs that have other tab widths by default and in light of the fact that I am planning to start applying automatic code formatting soon. 2022-02-08 14:18:08 +00:00			`this->seeded_random = true;`
Refactor random data generation Add new RandomDataProvider object and implement existing random number generation in terms of that. This enables end users to supply their own random data providers. 2013-11-30 17:02:56 +00:00			`}`

			`#ifdef HAVE_RANDOM`
			`return ::random();`
			`#else`
			`return rand();`
			`#endif`
			`}`

			`RandomDataProvider*`
			`InsecureRandomDataProvider::getInstance()`
			`{`
			`static InsecureRandomDataProvider instance;`
			`return &instance;`
			`}`