diff options
Diffstat (limited to 'libqpdf')
-rw-r--r-- | libqpdf/CryptoRandomDataProvider.cc | 24 | ||||
-rw-r--r-- | libqpdf/QPDFCrypto_gnutls.cc | 12 | ||||
-rw-r--r-- | libqpdf/QPDFCrypto_native.cc | 35 | ||||
-rw-r--r-- | libqpdf/QPDFCrypto_openssl.cc | 6 | ||||
-rw-r--r-- | libqpdf/QUtil.cc | 27 | ||||
-rw-r--r-- | libqpdf/build.mk | 1 | ||||
-rw-r--r-- | libqpdf/qpdf/CryptoRandomDataProvider.hh | 22 | ||||
-rw-r--r-- | libqpdf/qpdf/QPDFCrypto_gnutls.hh | 2 | ||||
-rw-r--r-- | libqpdf/qpdf/QPDFCrypto_native.hh | 2 | ||||
-rw-r--r-- | libqpdf/qpdf/QPDFCrypto_openssl.hh | 3 |
10 files changed, 109 insertions, 25 deletions
diff --git a/libqpdf/CryptoRandomDataProvider.cc b/libqpdf/CryptoRandomDataProvider.cc new file mode 100644 index 00000000..84c72fce --- /dev/null +++ b/libqpdf/CryptoRandomDataProvider.cc @@ -0,0 +1,24 @@ +#include <qpdf/CryptoRandomDataProvider.hh> +#include <qpdf/QPDFCryptoProvider.hh> + +CryptoRandomDataProvider::CryptoRandomDataProvider() +{ +} + +CryptoRandomDataProvider::~CryptoRandomDataProvider() +{ +} + +void +CryptoRandomDataProvider::provideRandomData(unsigned char* data, size_t len) +{ + auto crypto = QPDFCryptoProvider::getImpl(); + crypto->provideRandomData(data, len); +} + +RandomDataProvider* +CryptoRandomDataProvider::getInstance() +{ + static CryptoRandomDataProvider instance; + return &instance; +} diff --git a/libqpdf/QPDFCrypto_gnutls.cc b/libqpdf/QPDFCrypto_gnutls.cc index d9383064..c57e153f 100644 --- a/libqpdf/QPDFCrypto_gnutls.cc +++ b/libqpdf/QPDFCrypto_gnutls.cc @@ -30,6 +30,18 @@ QPDFCrypto_gnutls::~QPDFCrypto_gnutls() } void +QPDFCrypto_gnutls::provideRandomData(unsigned char* data, size_t len) +{ + int code = gnutls_rnd (GNUTLS_RND_KEY, data, len); + if (code < 0) + { + throw std::runtime_error( + std::string("gnutls: random number generation error: ") + + std::string(gnutls_strerror(code))); + } +} + +void QPDFCrypto_gnutls::MD5_init() { MD5_finalize(); diff --git a/libqpdf/QPDFCrypto_native.cc b/libqpdf/QPDFCrypto_native.cc index d078ba77..389b5708 100644 --- a/libqpdf/QPDFCrypto_native.cc +++ b/libqpdf/QPDFCrypto_native.cc @@ -1,6 +1,41 @@ #include <qpdf/QPDFCrypto_native.hh> #include <qpdf/QUtil.hh> +#ifdef USE_INSECURE_RANDOM +# include <qpdf/InsecureRandomDataProvider.hh> +#endif +#include <qpdf/SecureRandomDataProvider.hh> + +static RandomDataProvider* getRandomProvider() +{ +#ifdef USE_INSECURE_RANDOM + static RandomDataProvider* insecure_random_data_provider = + InsecureRandomDataProvider::getInstance(); +#else + static RandomDataProvider* insecure_random_data_provider = 0; +#endif + static RandomDataProvider* secure_random_data_provider = + SecureRandomDataProvider::getInstance(); + + static RandomDataProvider* provider = ( + secure_random_data_provider ? secure_random_data_provider + : insecure_random_data_provider ? insecure_random_data_provider + : 0); + + if (provider == 0) + { + throw std::logic_error("QPDFCrypto_native has no random data provider"); + } + + return provider; +} + +void +QPDFCrypto_native::provideRandomData(unsigned char* data, size_t len) +{ + getRandomProvider()->provideRandomData(data, len); +} + void QPDFCrypto_native::MD5_init() { diff --git a/libqpdf/QPDFCrypto_openssl.cc b/libqpdf/QPDFCrypto_openssl.cc index c226fc9c..b1866b5d 100644 --- a/libqpdf/QPDFCrypto_openssl.cc +++ b/libqpdf/QPDFCrypto_openssl.cc @@ -39,6 +39,12 @@ QPDFCrypto_openssl::~QPDFCrypto_openssl() } void +QPDFCrypto_openssl::provideRandomData(unsigned char* data, size_t len) +{ + check_openssl(RAND_bytes(data, QIntC::to_int(len))); +} + +void QPDFCrypto_openssl::MD5_init() { check_openssl(EVP_MD_CTX_reset(md_ctx)); diff --git a/libqpdf/QUtil.cc b/libqpdf/QUtil.cc index fa0cf8ae..94132fa5 100644 --- a/libqpdf/QUtil.cc +++ b/libqpdf/QUtil.cc @@ -3,10 +3,7 @@ #include <qpdf/QUtil.hh> #include <qpdf/PointerHolder.hh> -#ifdef USE_INSECURE_RANDOM -# include <qpdf/InsecureRandomDataProvider.hh> -#endif -#include <qpdf/SecureRandomDataProvider.hh> +#include <qpdf/CryptoRandomDataProvider.hh> #include <qpdf/QPDFSystemError.hh> #include <qpdf/QTC.hh> #include <qpdf/QIntC.hh> @@ -891,29 +888,9 @@ class RandomDataProviderProvider }; RandomDataProviderProvider::RandomDataProviderProvider() : - default_provider(0), + default_provider(CryptoRandomDataProvider::getInstance()), current_provider(0) { -#ifdef USE_INSECURE_RANDOM - static RandomDataProvider* insecure_random_data_provider = - InsecureRandomDataProvider::getInstance(); -#else - static RandomDataProvider* insecure_random_data_provider = 0; -#endif - static RandomDataProvider* secure_random_data_provider = - SecureRandomDataProvider::getInstance(); - - this->default_provider = ( - secure_random_data_provider ? secure_random_data_provider - : insecure_random_data_provider ? insecure_random_data_provider - : 0); - - // QUtil.hh has comments indicating that getRandomDataProvider(), - // which calls this method, never returns null. - if (this->default_provider == 0) - { - throw std::logic_error("QPDF has no random data provider"); - } this->current_provider = default_provider; } diff --git a/libqpdf/build.mk b/libqpdf/build.mk index 69b1693c..ec13b46b 100644 --- a/libqpdf/build.mk +++ b/libqpdf/build.mk @@ -27,6 +27,7 @@ SRCS_libqpdf = \ libqpdf/BufferInputSource.cc \ libqpdf/ClosedFileInputSource.cc \ libqpdf/ContentNormalizer.cc \ + libqpdf/CryptoRandomDataProvider.cc \ libqpdf/FileInputSource.cc \ libqpdf/InputSource.cc \ libqpdf/InsecureRandomDataProvider.cc \ diff --git a/libqpdf/qpdf/CryptoRandomDataProvider.hh b/libqpdf/qpdf/CryptoRandomDataProvider.hh new file mode 100644 index 00000000..581fd511 --- /dev/null +++ b/libqpdf/qpdf/CryptoRandomDataProvider.hh @@ -0,0 +1,22 @@ +#ifndef CRYPTORANDOMDATAPROVIDER_HH +#define CRYPTORANDOMDATAPROVIDER_HH + +#include <qpdf/RandomDataProvider.hh> +#include <qpdf/DLL.h> + +class CryptoRandomDataProvider: public RandomDataProvider +{ + public: + QPDF_DLL + CryptoRandomDataProvider(); + QPDF_DLL + virtual ~CryptoRandomDataProvider(); + + QPDF_DLL + virtual void provideRandomData(unsigned char* data, size_t len); + + QPDF_DLL + static RandomDataProvider* getInstance(); +}; + +#endif // CRYPTORANDOMDATAPROVIDER_HH diff --git a/libqpdf/qpdf/QPDFCrypto_gnutls.hh b/libqpdf/qpdf/QPDFCrypto_gnutls.hh index e7e21182..f17c4474 100644 --- a/libqpdf/qpdf/QPDFCrypto_gnutls.hh +++ b/libqpdf/qpdf/QPDFCrypto_gnutls.hh @@ -15,6 +15,8 @@ class QPDFCrypto_gnutls: public QPDFCryptoImpl QPDF_DLL virtual ~QPDFCrypto_gnutls(); + virtual void provideRandomData(unsigned char* data, size_t len); + virtual void MD5_init(); virtual void MD5_update(unsigned char const* data, size_t len); virtual void MD5_finalize(); diff --git a/libqpdf/qpdf/QPDFCrypto_native.hh b/libqpdf/qpdf/QPDFCrypto_native.hh index dcfb6834..cd1909cc 100644 --- a/libqpdf/qpdf/QPDFCrypto_native.hh +++ b/libqpdf/qpdf/QPDFCrypto_native.hh @@ -17,6 +17,8 @@ class QPDFCrypto_native: public QPDFCryptoImpl QPDF_DLL virtual ~QPDFCrypto_native() = default; + virtual void provideRandomData(unsigned char* data, size_t len); + virtual void MD5_init(); virtual void MD5_update(unsigned char const* data, size_t len); virtual void MD5_finalize(); diff --git a/libqpdf/qpdf/QPDFCrypto_openssl.hh b/libqpdf/qpdf/QPDFCrypto_openssl.hh index ff8c4831..a56e490f 100644 --- a/libqpdf/qpdf/QPDFCrypto_openssl.hh +++ b/libqpdf/qpdf/QPDFCrypto_openssl.hh @@ -9,6 +9,7 @@ #else #include <openssl/evp.h> #endif +#include <openssl/rand.h> class QPDFCrypto_openssl: public QPDFCryptoImpl { @@ -18,6 +19,8 @@ class QPDFCrypto_openssl: public QPDFCryptoImpl QPDF_DLL ~QPDFCrypto_openssl() override; + void provideRandomData(unsigned char* data, size_t len) override; + void MD5_init() override; void MD5_update(unsigned char const* data, size_t len) override; void MD5_finalize() override; |