LibCrypto+LibTLS: Use AK/Random.h

This makes it possible to build both of these on Linux.
This commit is contained in:
Andreas Kling 2020-05-27 12:28:17 +02:00
parent 9a113b0229
commit c1dd67e792
Notes: sideshowbarker 2024-07-19 06:04:37 +09:00
5 changed files with 17 additions and 8 deletions

View File

@ -26,6 +26,7 @@
#pragma once
#include <AK/Random.h>
#include <LibCrypto/BigInt/UnsignedBigInteger.h>
//#define NT_DEBUG
@ -289,7 +290,7 @@ static UnsignedBigInteger random_number(const UnsignedBigInteger& min, const Uns
// FIXME: Need a cryptographically secure rng
auto size = range.trimmed_length() * sizeof(u32);
u8 buf[size];
arc4random_buf(buf, size);
AK::fill_with_random(buf, size);
Vector<u32> vec;
for (size_t i = 0; i < size / sizeof(u32); ++i) {
vec.append(*(u32*)buf + i);

View File

@ -26,6 +26,7 @@
#pragma once
#include <AK/Random.h>
#include <LibCrypto/PK/Code/Code.h>
static constexpr u8 zeros[] { 0, 0, 0, 0, 0, 0, 0, 0 };
@ -56,7 +57,7 @@ public:
auto em_length = (em_bits + 7) / 8;
u8 salt[SaltLength];
arc4random_buf(salt, SaltLength);
AK::fill_with_random(salt, SaltLength);
if (em_length < hash_length + SaltLength + 2) {
dbg() << "Ooops...encoding error";

View File

@ -24,6 +24,7 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <AK/Random.h>
#include <LibCrypto/ASN1/ASN1.h>
#include <LibCrypto/ASN1/DER.h>
#include <LibCrypto/ASN1/PEM.h>
@ -236,7 +237,10 @@ void RSA_PKCS1_EME::encrypt(const ByteBuffer& in, ByteBuffer& out)
auto ps_length = mod_len - in.size() - 3;
u8 ps[ps_length];
arc4random_buf(ps, ps_length);
// FIXME: Without this assertion, GCC refuses to compile due to a memcpy overflow(!?)
ASSERT(ps_length < 16384);
AK::fill_with_random(ps, ps_length);
// since arc4random can create zeros (shocking!)
// we have to go through and un-zero the zeros
for (size_t i = 0; i < ps_length; ++i)

View File

@ -24,6 +24,7 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <AK/Random.h>
#include <LibCore/Timer.h>
#include <LibCrypto/ASN1/DER.h>
#include <LibCrypto/PK/Code/EMSA_PSS.h>
@ -245,12 +246,13 @@ void TLSv12::build_random(PacketBuilder& builder)
u8 random_bytes[48];
size_t bytes = 48;
arc4random_buf(random_bytes, bytes);
AK::fill_with_random(random_bytes, bytes);
// remove zeros from the random bytes
for (size_t i = 0; i < bytes; ++i)
for (size_t i = 0; i < bytes; ++i) {
if (!random_bytes[i])
random_bytes[i--] = arc4random();
random_bytes[i--] = AK::get_random<u8>();
}
if (m_context.is_server) {
dbg() << "Server mode not supported";

View File

@ -24,6 +24,7 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <AK/Random.h>
#include <LibCore/Timer.h>
#include <LibCrypto/ASN1/DER.h>
#include <LibCrypto/PK/Code/EMSA_PSS.h>
@ -33,7 +34,7 @@ namespace TLS {
ByteBuffer TLSv12::build_hello()
{
arc4random_buf(&m_context.local_random, 32);
AK::fill_with_random(&m_context.local_random, 32);
auto packet_version = (u16)m_context.version;
auto version = (u16)m_context.version;
@ -42,7 +43,7 @@ ByteBuffer TLSv12::build_hello()
builder.append((u8)ClientHello);
// hello length (for later)
u8 dummy[3];
u8 dummy[3] = {};
builder.append(dummy, 3);
auto start_length = builder.length();