* random.c: random_raw_seed don't use GRND_NONBLOCK. GRND_NONBLOCK

mean the result might not have an enough cryptic strength and easy predictable. That's no good for SecureRandom. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52808 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2022-11-09 12:17:21 -05:00 · 2015-11-30 20:27:11 +00:00 · 2015-11-30 20:27:11 +00:00 · f7bd7d6f1f
commit f7bd7d6f1f
parent 9401002fde
2 changed files with 17 additions and 8 deletions
--- a/6
+++ b/6
@ -1,3 +1,9 @@
+Wed Oct 21 08:23:36 2015  KOSAKI Motohiro  <kosaki.motohiro@gmail.com>
+
+	* random.c: random_raw_seed don't use GRND_NONBLOCK. GRND_NONBLOCK
+	  mean the result might not have an enough cryptic strength and
+	  easy predictable. That's no good for SecureRandom.
+
 Sun Oct 18 17:26:53 2015  KOSAKI Motohiro  <kosaki.motohiro@gmail.com>

 	* missing/explicit_bzero.c: new file. define explicit_bzero.
--- a/random.c
+++ b/random.c
@ -495,7 +495,7 @@ release_crypt(void *p)
 }

 static int
-fill_random_bytes_syscall(void *seed, size_t size)
+fill_random_bytes_syscall(void *seed, size_t size, int unused)
 {
    static HCRYPTPROV perm_prov;
    HCRYPTPROV prov = perm_prov, old_prov;
@ -528,13 +528,16 @@ fill_random_bytes_syscall(void *seed, size_t size)
 # endif

 static int
-fill_random_bytes_syscall(void *seed, size_t size)
+fill_random_bytes_syscall(void *seed, size_t size, int need_secure)
 {
    static rb_atomic_t try_syscall = 1;
    if (try_syscall) {
 	long ret;
+	int flags = 0;
+	if (!need_secure)
+	    flags = GRND_NONBLOCK;
 	errno = 0;
-	ret = syscall(SYS_getrandom, seed, size, GRND_NONBLOCK);
+	ret = syscall(SYS_getrandom, seed, size, flags);
 	if (errno == ENOSYS) {
 	    ATOMIC_SET(try_syscall, 0);
 	    return -1;
@ -544,13 +547,13 @@ fill_random_bytes_syscall(void *seed, size_t size)
    return -1;
 }
 #else
-# define fill_random_bytes_syscall(seed, size) -1
+# define fill_random_bytes_syscall(seed, size, need_secure) -1
 #endif

 static int
-fill_random_bytes(void *seed, size_t size)
+fill_random_bytes(void *seed, size_t size, int need_secure)
 {
-    int ret = fill_random_bytes_syscall(seed, size);
+    int ret = fill_random_bytes_syscall(seed, size, need_secure);
    if (ret == 0) return ret;
    return fill_random_bytes_urandom(seed, size);
 }
@ -563,7 +566,7 @@ fill_random_seed(uint32_t seed[DEFAULT_SEED_CNT])

    memset(seed, 0, DEFAULT_SEED_LEN);

-    fill_random_bytes(seed, sizeof(*seed));
+    fill_random_bytes(seed, sizeof(*seed), TRUE);

    gettimeofday(&tv, 0);
    seed[0] ^= tv.tv_usec;
@ -631,7 +634,7 @@ random_raw_seed(VALUE self, VALUE size)
    long n = NUM2ULONG(size);
    VALUE buf = rb_str_new(0, n);
    if (n == 0) return buf;
-    if (fill_random_bytes(RSTRING_PTR(buf), n)) return Qnil;
+    if (fill_random_bytes(RSTRING_PTR(buf), n, FALSE)) return Qnil;
    return buf;
 }