From 77198d5310d961ba3605db74fe1d213bb5d19f34 Mon Sep 17 00:00:00 2001
From: Jay Berkenbilt
Date: Mon, 6 Apr 2020 10:19:37 -0400
Subject: Delegate random number generation to crypto provider (fixes #418)
---
include/qpdf/QPDFCryptoImpl.hh | 5 +++++
include/qpdf/QUtil.hh | 36 +++++++++++++-----------------------
2 files changed, 18 insertions(+), 23 deletions(-)
(limited to 'include')
diff --git a/include/qpdf/QPDFCryptoImpl.hh b/include/qpdf/QPDFCryptoImpl.hh
index 8523ab01..4a531db4 100644
--- a/include/qpdf/QPDFCryptoImpl.hh
+++ b/include/qpdf/QPDFCryptoImpl.hh
@@ -41,6 +41,11 @@ class QPDF_DLL_CLASS QPDFCryptoImpl QPDF_DLL virtual ~QPDFCryptoImpl() = default; + // Random Number Generation + + QPDF_DLL + virtual void provideRandomData(unsigned char* data, size_t len) = 0; + // Hashing typedef unsigned char MD5_Digest[16];
diff --git a/include/qpdf/QUtil.hh b/include/qpdf/QUtil.hh
index 912ebb32..eef70e0f 100644
--- a/include/qpdf/QUtil.hh
+++ b/include/qpdf/QUtil.hh
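Review bot: The new pure virtual `provideRandomData(unsigned char* data, size_t len)` is declared with no statement of its contract, even though every crypto provider now has to implement it. Because it returns `void`, a provider can only signal a failed or short read by throwing, so one that returns early would hand callers a partly unfilled buffer. I would add above the declaration: `// Fill data[0..len) with cryptographically secure random bytes. Must fill the whole buffer or throw; never return with it partly filled.` Being pure virtual on an exported class, it also stops any out-of-tree QPDFCryptoImpl subclass from compiling until it adds an override, which is worth calling out in the release notes. The class body starts and ends outside this hunk.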
@@ -263,35 +263,25 @@ namespace QUtil QPDF_DLL std::vector possible_repaired_encodings(std::string); - // If secure random number generation is supported on your - // platform and qpdf was not compiled with insecure random number - // generation, this returns a cryptographically secure random - // number. Otherwise it falls back to random from stdlib and - // calls srandom automatically the first time it is called. + // Return a cryptographically secure random number. QPDF_DLL long random(); - // Initialize a buffer with random bytes. By default, qpdf tries - // to use a secure random number source. It can be configured at - // compile time to use an insecure random number source (from - // stdlib). You can also call setRandomDataProvider with a - // RandomDataProvider, in which case this method will get its - // random bytes from that. - + // Initialize a buffer with cryptographically secure random bytes. QPDF_DLL void initializeWithRandomBytes(unsigned char* data, size_t len); - // Supply a random data provider. If not supplied, depending on - // compile time options, qpdf will either use the operating - // system's secure random number source or an insecure random - // source from stdlib. The caller is responsible for managing the - // memory for the RandomDataProvider. This method modifies a - // static variable. If you are providing your own random data - // provider, you should call this at the beginning of your program - // before creating any QPDF objects. Passing a null to this - // method will reset the library back to whichever of the built-in - // random data handlers is appropriate based on how qpdf was - // compiled. + // Supply a random data provider. Starting in qpdf 10.0.0, qpdf + // uses the crypto provider as its source of random numbers. 
If + // you are using the native crypto provider, then qpdf will either + // use the operating system's secure random number source or, only + // if enabled at build time, an insecure random source from + // stdlib. The caller is responsible for managing the memory for + // the RandomDataProvider. This method modifies a static variable. + // If you are providing your own random data provider, you should + // call this at the beginning of your program before creating any + // QPDF objects. Passing a null to this method will reset the + // library back to its default random data provider. QPDF_DLL void setRandomDataProvider(RandomDataProvider*); -- cgit v1.2.3-54-g00ecf
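Review bot: The new one-line comments on `random()` and `initializeWithRandomBytes()` promise cryptographically secure output without qualification. The rewritten `setRandomDataProvider` comment lower in this same hunk says the native crypto provider may use an insecure stdlib source when enabled at build time, and a caller-supplied RandomDataProvider can return anything. A reader who sees only the first two comments would conclude the bytes are always safe for key material. I would qualify both, e.g. `// Initialize a buffer with random bytes from the active random data provider; these are cryptographically secure unless qpdf was built with insecure random enabled or a custom RandomDataProvider is installed.` The `setRandomDataProvider` comment also leaves it implicit that an installed RandomDataProvider presumably takes precedence over the crypto provider; stating that would help, since the implementation is not visible in this header hunk.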