diff options
author | Jay Berkenbilt <ejb@ql.org> | 2013-10-05 23:36:33 +0200 |
---|---|---|
committer | Jay Berkenbilt <ejb@ql.org> | 2013-10-18 16:45:12 +0200 |
commit | 4229457068d6a28cc11b506f127a7bb650ab18c1 (patch) | |
tree | 822ce1e1eccdcc4a819a5805403b884a3e04791d /include/qpdf | |
parent | 25687ddd71885c1b0a74d3f3f4e011fadbfd40e0 (diff) | |
download | qpdf-4229457068d6a28cc11b506f127a7bb650ab18c1.tar.zst |
Security: use a secure random number generator
If not available, give an error. The user may also configure qpdf to
use an insecure random number generator.
Diffstat (limited to 'include/qpdf')
-rw-r--r-- | include/qpdf/QUtil.hh | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/include/qpdf/QUtil.hh b/include/qpdf/QUtil.hh index 8bad535d..cbdc065c 100644 --- a/include/qpdf/QUtil.hh +++ b/include/qpdf/QUtil.hh @@ -108,12 +108,18 @@ namespace QUtil QPDF_DLL std::string toUTF8(unsigned long uval); - // Wrapper around random from stdlib. Calls srandom automatically - // the first time it is called. + // If secure random number generation is supported on your + // platform and qpdf was not compiled with insecure random number + // generation, this returns a crytographically secure random + // number. Otherwise it falls back to random from stdlib and + // calls srandom automatically the first time it is called. QPDF_DLL long random(); - // Wrapper around srandom from stdlib. + // Wrapper around srandom from stdlib. Seeds the standard library + // weak random number generator, which is not used if secure + // random number generation is being used. You never need to call + // this method as it is called automatically if needed. QPDF_DLL void srandom(unsigned int seed); |