Daniel P. Berrange | f3c8355 | 2016-07-21 10:37:14 +0100 | [diff] [blame] | 1 | /* |
| 2 | * QEMU Crypto random number provider |
| 3 | * |
| 4 | * Copyright (c) 2015-2016 Red Hat, Inc. |
| 5 | * |
| 6 | * This library is free software; you can redistribute it and/or |
| 7 | * modify it under the terms of the GNU Lesser General Public |
| 8 | * License as published by the Free Software Foundation; either |
| 9 | * version 2 of the License, or (at your option) any later version. |
| 10 | * |
| 11 | * This library is distributed in the hope that it will be useful, |
| 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 14 | * Lesser General Public License for more details. |
| 15 | * |
| 16 | * You should have received a copy of the GNU Lesser General Public |
| 17 | * License along with this library; if not, see <http://www.gnu.org/licenses/>. |
| 18 | * |
| 19 | */ |
| 20 | |
| 21 | #include "qemu/osdep.h" |
| 22 | |
| 23 | #include "crypto/random.h" |
| 24 | |
Geert Martin Ijewski | a372781 | 2017-04-26 00:15:01 +0200 | [diff] [blame] | 25 | #ifdef _WIN32 |
Gerd Hoffmann | 612fc05 | 2017-05-16 07:24:39 +0200 | [diff] [blame] | 26 | #include <wincrypt.h> |
Geert Martin Ijewski | a372781 | 2017-04-26 00:15:01 +0200 | [diff] [blame] | 27 | static HCRYPTPROV hCryptProv; |
| 28 | #else |
| 29 | static int fd; /* a file handle to either /dev/urandom or /dev/random */ |
| 30 | #endif |
Daniel P. Berrange | f3c8355 | 2016-07-21 10:37:14 +0100 | [diff] [blame] | 31 | |
Geert Martin Ijewski | a372781 | 2017-04-26 00:15:01 +0200 | [diff] [blame] | 32 | int qcrypto_random_init(Error **errp) |
| 33 | { |
| 34 | #ifndef _WIN32 |
Daniel P. Berrange | f3c8355 | 2016-07-21 10:37:14 +0100 | [diff] [blame] | 35 | /* TBD perhaps also add support for BSD getentropy / Linux |
| 36 | * getrandom syscalls directly */ |
| 37 | fd = open("/dev/urandom", O_RDONLY); |
| 38 | if (fd == -1 && errno == ENOENT) { |
| 39 | fd = open("/dev/random", O_RDONLY); |
| 40 | } |
| 41 | |
| 42 | if (fd < 0) { |
| 43 | error_setg(errp, "No /dev/urandom or /dev/random found"); |
| 44 | return -1; |
| 45 | } |
Geert Martin Ijewski | a372781 | 2017-04-26 00:15:01 +0200 | [diff] [blame] | 46 | #else |
| 47 | if (!CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, |
| 48 | CRYPT_SILENT | CRYPT_VERIFYCONTEXT)) { |
| 49 | error_setg_win32(errp, GetLastError(), |
| 50 | "Unable to create cryptographic provider"); |
| 51 | return -1; |
| 52 | } |
| 53 | #endif |
| 54 | |
| 55 | return 0; |
| 56 | } |
| 57 | |
| 58 | int qcrypto_random_bytes(uint8_t *buf G_GNUC_UNUSED, |
| 59 | size_t buflen G_GNUC_UNUSED, |
| 60 | Error **errp) |
| 61 | { |
| 62 | #ifndef _WIN32 |
| 63 | int ret = -1; |
| 64 | int got; |
Daniel P. Berrange | f3c8355 | 2016-07-21 10:37:14 +0100 | [diff] [blame] | 65 | |
| 66 | while (buflen > 0) { |
| 67 | got = read(fd, buf, buflen); |
| 68 | if (got < 0) { |
| 69 | error_setg_errno(errp, errno, |
| 70 | "Unable to read random bytes"); |
| 71 | goto cleanup; |
| 72 | } else if (!got) { |
| 73 | error_setg(errp, |
| 74 | "Unexpected EOF reading random bytes"); |
| 75 | goto cleanup; |
| 76 | } |
| 77 | buflen -= got; |
| 78 | buf += got; |
| 79 | } |
| 80 | |
| 81 | ret = 0; |
| 82 | cleanup: |
Daniel P. Berrange | f3c8355 | 2016-07-21 10:37:14 +0100 | [diff] [blame] | 83 | return ret; |
Geert Martin Ijewski | a372781 | 2017-04-26 00:15:01 +0200 | [diff] [blame] | 84 | #else |
| 85 | if (!CryptGenRandom(hCryptProv, buflen, buf)) { |
| 86 | error_setg_win32(errp, GetLastError(), |
| 87 | "Unable to read random bytes"); |
| 88 | return -1; |
| 89 | } |
| 90 | |
| 91 | return 0; |
| 92 | #endif |
Daniel P. Berrange | f3c8355 | 2016-07-21 10:37:14 +0100 | [diff] [blame] | 93 | } |