1/***
2  This file is part of PulseAudio.
3
4  Copyright 2004-2006 Lennart Poettering
5  Copyright 2006 Pierre Ossman <ossman@cendio.se> for Cendio AB
6
7  PulseAudio is free software; you can redistribute it and/or modify
8  it under the terms of the GNU Lesser General Public License as
9  published by the Free Software Foundation; either version 2.1 of the
10  License, or (at your option) any later version.
11
12  PulseAudio is distributed in the hope that it will be useful, but
13  WITHOUT ANY WARRANTY; without even the implied warranty of
14  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15  Lesser General Public License for more details.
16
17  You should have received a copy of the GNU Lesser General Public
18  License along with PulseAudio; if not, see <http://www.gnu.org/licenses/>.
19***/
20
21#ifdef HAVE_CONFIG_H
22#include <config.h>
23#endif
24
25#include <fcntl.h>
26#include <unistd.h>
27#include <errno.h>
28#include <stdlib.h>
29#include <time.h>
30
31#ifdef HAVE_WINDOWS_H
32#include <windows.h>
33#include <wincrypt.h>
34#endif
35
36#include <pulsecore/core-util.h>
37#include <pulsecore/log.h>
38#include <pulsecore/macro.h>
39
40#include "random.h"
41
42static bool has_whined = false;
43
44static const char * const devices[] = { "/dev/urandom", "/dev/random", NULL };
45
46static int random_proper(void *ret_data, size_t length) {
47#ifdef OS_IS_WIN32
48    int ret = -1;
49
50    HCRYPTPROV hCryptProv = 0;
51
52    pa_assert(ret_data);
53    pa_assert(length > 0);
54
55    if (CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) {
56        if (CryptGenRandom(hCryptProv, length, ret_data))
57            ret = 0;
58        CryptReleaseContext(hCryptProv, 0);
59    }
60
61    return ret;
62
63#else /* OS_IS_WIN32 */
64
65    int fd, ret = -1;
66    ssize_t r = 0;
67    const char *const * device;
68
69    pa_assert(ret_data);
70    pa_assert(length > 0);
71
72    device = devices;
73
74    while (*device) {
75        ret = 0;
76
77        if ((fd = pa_open_cloexec(*device, O_RDONLY, 0)) >= 0) {
78
79            if ((r = pa_loop_read(fd, ret_data, length, NULL)) < 0 || (size_t) r != length)
80                ret = -1;
81
82            pa_close(fd);
83        } else
84            ret = -1;
85
86        if (ret == 0)
87            break;
88
89        device++;
90    }
91
92    return ret;
93#endif /* OS_IS_WIN32 */
94}
95
96void pa_random_seed(void) {
97    unsigned int seed;
98
99    if (random_proper(&seed, sizeof(unsigned int)) < 0) {
100
101        if (!has_whined) {
102            pa_log_warn("Failed to get proper entropy. Falling back to seeding with current time.");
103            has_whined = true;
104        }
105
106        seed = (unsigned int) time(NULL);
107    }
108
109    srand(seed);
110}
111
112void pa_random(void *ret_data, size_t length) {
113    uint8_t *p;
114    size_t l;
115
116    pa_assert(ret_data);
117    pa_assert(length > 0);
118
119    if (random_proper(ret_data, length) >= 0)
120        return;
121
122    if (!has_whined) {
123        pa_log_warn("Failed to get proper entropy. Falling back to unsecure pseudo RNG.");
124        has_whined = true;
125    }
126
127    for (p = ret_data, l = length; l > 0; p++, l--)
128        *p = (uint8_t) rand();
129}
130