File

util-src/crand.c @ 7915:e3d3ebd417f4

util.crand: Throw error if OpenSSLs RNG is not seeded
author Kim Alvefur <zash@zash.se>
date Sat, 25 Feb 2017 17:57:22 +0100
parent 7832:d02ef0ae94af
child 7918:12e5a54907b6
line wrap: on
line source

/* Prosody IM
-- Copyright (C) 2008-2017 Matthew Wild
-- Copyright (C) 2008-2017 Waqas Hussain
-- Copyright (C) 2016-2017 Kim Alvefur
--
-- This project is MIT/X11 licensed. Please see the
-- COPYING file in the source package for more information.
--
*/

/*
* crand.c
* C PRNG interface
*
* The purpose of this module is to provide access to a PRNG in
* environments without /dev/urandom
*
* Caution! This has not been extensively tested.
*
*/

#include "lualib.h"
#include "lauxlib.h"

#include <string.h>
#include <errno.h>

#if defined(WITH_GETRANDOM)
#include <unistd.h>
#include <sys/syscall.h>
#include <linux/random.h>

#ifndef SYS_getrandom
#error getrandom() requires Linux 3.17 or later
#endif

/*
 * This acts like a read from /dev/urandom with the exception that it
 * *does* block if the entropy pool is not yet initialized.
 */
int getrandom(void *buf, size_t len, int flags) {
	return syscall(SYS_getrandom, buf, len, flags);
}

#elif defined(WITH_ARC4RANDOM)
#include <stdlib.h>
#elif defined(WITH_OPENSSL)
#include <openssl/rand.h>
#else
#error util.crand compiled without a random source
#endif

int Lrandom(lua_State *L) {
	int ret = 0;
	size_t len = (size_t)luaL_checkinteger(L, 1);
	void *buf = lua_newuserdata(L, len);

#if defined(WITH_GETRANDOM)
	ret = getrandom(buf, len, 0);

	if(ret < 0) {
		lua_pushstring(L, strerror(errno));
		return lua_error(L);
	}

#elif defined(WITH_ARC4RANDOM)
	arc4random_buf(buf, len);
	ret = len;
#elif defined(WITH_OPENSSL)
	if(!RAND_status()) {
		lua_pushliteral(L, "OpenSSL PRNG not seeded");
		lua_error(L);
	}

	ret = RAND_bytes(buf, len);

	if(ret == 1) {
		ret = len;
	} else {
		/* TODO ERR_get_error() */
		lua_pushstring(L, "RAND_bytes() failed");
		return lua_error(L);
	}

#endif

	lua_pushlstring(L, buf, ret);
	return 1;
}

int luaopen_util_crand(lua_State *L) {
#if (LUA_VERSION_NUM > 501)
	luaL_checkversion(L);
#endif

	lua_newtable(L);
	lua_pushcfunction(L, Lrandom);
	lua_setfield(L, -2, "bytes");

#if defined(WITH_GETRANDOM)
	lua_pushstring(L, "Linux");
#elif defined(WITH_ARC4RANDOM)
	lua_pushstring(L, "arc4random()");
#elif defined(WITH_OPENSSL)
	lua_pushstring(L, "OpenSSL");
#endif
	lua_setfield(L, -2, "_source");

	return 1;
}