qpdf/libqpdf/InsecureRandomDataProvider.cc

#include <qpdf/InsecureRandomDataProvider.hh>

#include <qpdf/QUtil.hh>
#include <qpdf/qpdf-config.h>
#include <cstdlib>

InsecureRandomDataProvider::InsecureRandomDataProvider() :
    seeded_random(false)
{
}

void
InsecureRandomDataProvider::provideRandomData(unsigned char* data, size_t len)
{
    for (size_t i = 0; i < len; ++i) {
        data[i] = static_cast<unsigned char>((this->random() & 0xff0) >> 4);
    }
}

long
InsecureRandomDataProvider::random()
{
    if (!this->seeded_random) {
        // Seed the random number generator with something simple, but just to be interesting, don't
        // use the unmodified current time.  It would be better if this were a more secure seed.
        auto seed = static_cast<unsigned int>(QUtil::get_current_time() ^ 0xcccc);
#ifdef HAVE_RANDOM
        ::srandom(seed);
#else
        srand(seed);
#endif
        this->seeded_random = true;
    }

#ifdef HAVE_RANDOM
    return ::random();
#else
    return rand();
#endif
}

RandomDataProvider*
InsecureRandomDataProvider::getInstance()
{
    static InsecureRandomDataProvider instance;
    return &instance;
}
Refactor random data generation Add new RandomDataProvider object and implement existing random number generation in terms of that. This enables end users to supply their own random data providers. 2013-11-30 12:02:56 -05:00			`#include <qpdf/InsecureRandomDataProvider.hh>`

			`#include <qpdf/QUtil.hh>`
Programmatically apply new formatting to code Run this: for i in */.cc */.c */.h */.hh; do clang-format < $i >\| $i.new && mv $i.new $i done 2022-04-02 17:14:10 -04:00			`#include <qpdf/qpdf-config.h>`
Replace deprecated C++ includes 2023-05-20 12:22:32 +01:00			`#include <cstdlib>`
Refactor random data generation Add new RandomDataProvider object and implement existing random number generation in terms of that. This enables end users to supply their own random data providers. 2013-11-30 12:02:56 -05:00
			`InsecureRandomDataProvider::InsecureRandomDataProvider() :`
			`seeded_random(false)`
			`{`
			`}`

			`void`
			`InsecureRandomDataProvider::provideRandomData(unsigned char* data, size_t len)`
			`{`
Programmatically apply new formatting to code Run this: for i in */.cc */.c */.h */.hh; do clang-format < $i >\| $i.new && mv $i.new $i done 2022-04-02 17:14:10 -04:00			`for (size_t i = 0; i < len; ++i) {`
Refactor random data generation Add new RandomDataProvider object and implement existing random number generation in terms of that. This enables end users to supply their own random data providers. 2013-11-30 12:02:56 -05:00			`data[i] = static_cast<unsigned char>((this->random() & 0xff0) >> 4);`
			`}`
			`}`

			`long`
			`InsecureRandomDataProvider::random()`
			`{`
Programmatically apply new formatting to code Run this: for i in */.cc */.c */.h */.hh; do clang-format < $i >\| $i.new && mv $i.new $i done 2022-04-02 17:14:10 -04:00			`if (!this->seeded_random) {`
Code tidy - reflow comments and strings 2023-05-27 18:19:52 +01:00			`// Seed the random number generator with something simple, but just to be interesting, don't`
			`// use the unmodified current time. It would be better if this were a more secure seed.`
Rerun clang-format 2023-05-21 13:35:09 -04:00			`auto seed = static_cast<unsigned int>(QUtil::get_current_time() ^ 0xcccc);`
Remove QUtil::srandom 2020-04-06 09:49:02 -04:00			`#ifdef HAVE_RANDOM`
			`::srandom(seed);`
			`#else`
			`srand(seed);`
			`#endif`
WHITESPACE ONLY -- expand tabs in source code This comment expands all tabs using an 8-character tab-width. You should ignore this commit when using git blame or use git blame -w. In the early days, I used to use tabs where possible for indentation, since emacs did this automatically. In recent years, I have switched to only using spaces, which means qpdf source code has been a mixture of spaces and tabs. I have avoided cleaning this up because of not wanting gratuitous whitespaces change to cloud the output of git blame, but I changed my mind after discussing with users who view qpdf source code in editors/IDEs that have other tab widths by default and in light of the fact that I am planning to start applying automatic code formatting soon. 2022-02-08 09:18:08 -05:00			`this->seeded_random = true;`
Refactor random data generation Add new RandomDataProvider object and implement existing random number generation in terms of that. This enables end users to supply their own random data providers. 2013-11-30 12:02:56 -05:00			`}`

Programmatically apply new formatting to code Run this: for i in */.cc */.c */.h */.hh; do clang-format < $i >\| $i.new && mv $i.new $i done 2022-04-02 17:14:10 -04:00			`#ifdef HAVE_RANDOM`
Refactor random data generation Add new RandomDataProvider object and implement existing random number generation in terms of that. This enables end users to supply their own random data providers. 2013-11-30 12:02:56 -05:00			`return ::random();`
Programmatically apply new formatting to code Run this: for i in */.cc */.c */.h */.hh; do clang-format < $i >\| $i.new && mv $i.new $i done 2022-04-02 17:14:10 -04:00			`#else`
Refactor random data generation Add new RandomDataProvider object and implement existing random number generation in terms of that. This enables end users to supply their own random data providers. 2013-11-30 12:02:56 -05:00			`return rand();`
Programmatically apply new formatting to code Run this: for i in */.cc */.c */.h */.hh; do clang-format < $i >\| $i.new && mv $i.new $i done 2022-04-02 17:14:10 -04:00			`#endif`
Refactor random data generation Add new RandomDataProvider object and implement existing random number generation in terms of that. This enables end users to supply their own random data providers. 2013-11-30 12:02:56 -05:00			`}`

			`RandomDataProvider*`
			`InsecureRandomDataProvider::getInstance()`
			`{`
			`static InsecureRandomDataProvider instance;`
			`return &instance;`
			`}`