rand.c 7.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269
  1. /***************************************************************************
  2. * _ _ ____ _
  3. * Project ___| | | | _ \| |
  4. * / __| | | | |_) | |
  5. * | (__| |_| | _ <| |___
  6. * \___|\___/|_| \_\_____|
  7. *
  8. * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
  9. *
  10. * This software is licensed as described in the file COPYING, which
  11. * you should have received as part of this distribution. The terms
  12. * are also available at https://curl.se/docs/copyright.html.
  13. *
  14. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  15. * copies of the Software, and permit persons to whom the Software is
  16. * furnished to do so, under the terms of the COPYING file.
  17. *
  18. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  19. * KIND, either express or implied.
  20. *
  21. * SPDX-License-Identifier: curl
  22. *
  23. ***************************************************************************/
  24. #include "curl_setup.h"
  25. #ifdef HAVE_FCNTL_H
  26. #include <fcntl.h>
  27. #endif
  28. #ifdef HAVE_ARPA_INET_H
  29. #include <arpa/inet.h>
  30. #endif
  31. #ifdef HAVE_ARC4RANDOM
  32. /* Some platforms might have the prototype missing (ubuntu + libressl) */
  33. uint32_t arc4random(void);
  34. #endif
  35. #include <curl/curl.h>
  36. #include "urldata.h"
  37. #include "vtls/vtls.h"
  38. #include "sendf.h"
  39. #include "timeval.h"
  40. #include "rand.h"
  41. /* The last 3 #include files should be in this order */
  42. #include "curl_printf.h"
  43. #include "curl_memory.h"
  44. #include "memdebug.h"
  45. #ifdef WIN32
  46. #if defined(__MINGW32__) && !defined(__MINGW64_VERSION_MAJOR)
  47. # define HAVE_MINGW_ORIGINAL
  48. #endif
  49. #if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x600 && \
  50. !defined(HAVE_MINGW_ORIGINAL)
  51. # define HAVE_WIN_BCRYPTGENRANDOM
  52. # include <bcrypt.h>
  53. # ifdef _MSC_VER
  54. # pragma comment(lib, "bcrypt.lib")
  55. # endif
  56. # ifndef BCRYPT_USE_SYSTEM_PREFERRED_RNG
  57. # define BCRYPT_USE_SYSTEM_PREFERRED_RNG 0x00000002
  58. # endif
  59. # ifndef STATUS_SUCCESS
  60. # define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
  61. # endif
  62. #elif defined(USE_WIN32_CRYPTO)
  63. # include <wincrypt.h>
  64. # ifdef _MSC_VER
  65. # pragma comment(lib, "advapi32.lib")
  66. # endif
  67. #endif
  68. CURLcode Curl_win32_random(unsigned char *entropy, size_t length)
  69. {
  70. memset(entropy, 0, length);
  71. #if defined(HAVE_WIN_BCRYPTGENRANDOM)
  72. if(BCryptGenRandom(NULL, entropy, (ULONG)length,
  73. BCRYPT_USE_SYSTEM_PREFERRED_RNG) != STATUS_SUCCESS)
  74. return CURLE_FAILED_INIT;
  75. return CURLE_OK;
  76. #elif defined(USE_WIN32_CRYPTO)
  77. {
  78. HCRYPTPROV hCryptProv = 0;
  79. if(!CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL,
  80. CRYPT_VERIFYCONTEXT | CRYPT_SILENT))
  81. return CURLE_FAILED_INIT;
  82. if(!CryptGenRandom(hCryptProv, (DWORD)length, entropy)) {
  83. CryptReleaseContext(hCryptProv, 0UL);
  84. return CURLE_FAILED_INIT;
  85. }
  86. CryptReleaseContext(hCryptProv, 0UL);
  87. }
  88. return CURLE_OK;
  89. #else
  90. return CURLE_NOT_BUILT_IN;
  91. #endif
  92. }
  93. #endif
  94. static CURLcode randit(struct Curl_easy *data, unsigned int *rnd)
  95. {
  96. unsigned int r;
  97. CURLcode result = CURLE_OK;
  98. static unsigned int randseed;
  99. static bool seeded = FALSE;
  100. #ifdef CURLDEBUG
  101. char *force_entropy = getenv("CURL_ENTROPY");
  102. if(force_entropy) {
  103. if(!seeded) {
  104. unsigned int seed = 0;
  105. size_t elen = strlen(force_entropy);
  106. size_t clen = sizeof(seed);
  107. size_t min = elen < clen ? elen : clen;
  108. memcpy((char *)&seed, force_entropy, min);
  109. randseed = ntohl(seed);
  110. seeded = TRUE;
  111. }
  112. else
  113. randseed++;
  114. *rnd = randseed;
  115. return CURLE_OK;
  116. }
  117. #endif
  118. /* data may be NULL! */
  119. result = Curl_ssl_random(data, (unsigned char *)rnd, sizeof(*rnd));
  120. if(result != CURLE_NOT_BUILT_IN)
  121. /* only if there is no random function in the TLS backend do the non crypto
  122. version, otherwise return result */
  123. return result;
  124. /* ---- non-cryptographic version following ---- */
  125. #ifdef WIN32
  126. if(!seeded) {
  127. result = Curl_win32_random((unsigned char *)rnd, sizeof(*rnd));
  128. if(result != CURLE_NOT_BUILT_IN)
  129. return result;
  130. }
  131. #endif
  132. #ifdef HAVE_ARC4RANDOM
  133. *rnd = (unsigned int)arc4random();
  134. return CURLE_OK;
  135. #endif
  136. #if defined(RANDOM_FILE) && !defined(WIN32)
  137. if(!seeded) {
  138. /* if there's a random file to read a seed from, use it */
  139. int fd = open(RANDOM_FILE, O_RDONLY);
  140. if(fd > -1) {
  141. /* read random data into the randseed variable */
  142. ssize_t nread = read(fd, &randseed, sizeof(randseed));
  143. if(nread == sizeof(randseed))
  144. seeded = TRUE;
  145. close(fd);
  146. }
  147. }
  148. #endif
  149. if(!seeded) {
  150. struct curltime now = Curl_now();
  151. infof(data, "WARNING: using weak random seed");
  152. randseed += (unsigned int)now.tv_usec + (unsigned int)now.tv_sec;
  153. randseed = randseed * 1103515245 + 12345;
  154. randseed = randseed * 1103515245 + 12345;
  155. randseed = randseed * 1103515245 + 12345;
  156. seeded = TRUE;
  157. }
  158. /* Return an unsigned 32-bit pseudo-random number. */
  159. r = randseed = randseed * 1103515245 + 12345;
  160. *rnd = (r << 16) | ((r >> 16) & 0xFFFF);
  161. return CURLE_OK;
  162. }
  163. /*
  164. * Curl_rand() stores 'num' number of random unsigned characters in the buffer
  165. * 'rnd' points to.
  166. *
  167. * If libcurl is built without TLS support or with a TLS backend that lacks a
  168. * proper random API (rustls or mbedTLS), this function will use "weak"
  169. * random.
  170. *
  171. * When built *with* TLS support and a backend that offers strong random, it
  172. * will return error if it cannot provide strong random values.
  173. *
  174. * NOTE: 'data' may be passed in as NULL when coming from external API without
  175. * easy handle!
  176. *
  177. */
  178. CURLcode Curl_rand(struct Curl_easy *data, unsigned char *rnd, size_t num)
  179. {
  180. CURLcode result = CURLE_BAD_FUNCTION_ARGUMENT;
  181. DEBUGASSERT(num > 0);
  182. while(num) {
  183. unsigned int r;
  184. size_t left = num < sizeof(unsigned int) ? num : sizeof(unsigned int);
  185. result = randit(data, &r);
  186. if(result)
  187. return result;
  188. while(left) {
  189. *rnd++ = (unsigned char)(r & 0xFF);
  190. r >>= 8;
  191. --num;
  192. --left;
  193. }
  194. }
  195. return result;
  196. }
  197. /*
  198. * Curl_rand_hex() fills the 'rnd' buffer with a given 'num' size with random
  199. * hexadecimal digits PLUS a null-terminating byte. It must be an odd number
  200. * size.
  201. */
  202. CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd,
  203. size_t num)
  204. {
  205. CURLcode result = CURLE_BAD_FUNCTION_ARGUMENT;
  206. const char *hex = "0123456789abcdef";
  207. unsigned char buffer[128];
  208. unsigned char *bufp = buffer;
  209. DEBUGASSERT(num > 1);
  210. #ifdef __clang_analyzer__
  211. /* This silences a scan-build warning about accessing this buffer with
  212. uninitialized memory. */
  213. memset(buffer, 0, sizeof(buffer));
  214. #endif
  215. if((num/2 >= sizeof(buffer)) || !(num&1))
  216. /* make sure it fits in the local buffer and that it is an odd number! */
  217. return CURLE_BAD_FUNCTION_ARGUMENT;
  218. num--; /* save one for null-termination */
  219. result = Curl_rand(data, buffer, num/2);
  220. if(result)
  221. return result;
  222. while(num) {
  223. /* clang-tidy warns on this line without this comment: */
  224. /* NOLINTNEXTLINE(clang-analyzer-core.UndefinedBinaryOperatorResult) */
  225. *rnd++ = hex[(*bufp & 0xF0)>>4];
  226. *rnd++ = hex[*bufp & 0x0F];
  227. bufp++;
  228. num -= 2;
  229. }
  230. *rnd = 0;
  231. return result;
  232. }