Automatically perform initialization when slunkcrypt_random_bytes() is called for the first time.
This commit is contained in:
parent
0f7c309034
commit
f3f97110f6
4
Makefile
4
Makefile
@ -39,6 +39,10 @@ else
|
||||
SUFFIX :=
|
||||
endif
|
||||
|
||||
ifeq ($(filter %-mingw32 %-windows-gnu,$(MACHINE)),)
|
||||
LDFLGS += -lpthread
|
||||
endif
|
||||
|
||||
ifeq ($(STATIC),1)
|
||||
LDFLGS += -static
|
||||
endif
|
||||
|
@ -192,7 +192,7 @@ static int encrypt(const char* const passphrase, const CHR* const input_path, co
|
||||
uint64_t nonce;
|
||||
if (slunkcrypt_generate_nonce(&nonce) != SLUNKCRYPT_SUCCESS)
|
||||
{
|
||||
FPUTS(T("\n\nSlunkCrypt error: Failed to generate salt!\n\n"), stderr);
|
||||
FPUTS(T("\n\nSlunkCrypt error: Failed to generate nonce!\n\n"), stderr);
|
||||
goto clean_up;
|
||||
}
|
||||
|
||||
@ -206,7 +206,7 @@ static int encrypt(const char* const passphrase, const CHR* const input_path, co
|
||||
nonce = swap_bytes_u64(nonce);
|
||||
if (fwrite(&nonce, sizeof(uint64_t), 1U, file_out) < 1U)
|
||||
{
|
||||
FPUTS(T("\n\nI/O error: Failed to write salt value!\n\n"), stderr);
|
||||
FPUTS(T("\n\nI/O error: Failed to write nonce value!\n\n"), stderr);
|
||||
goto clean_up;
|
||||
}
|
||||
|
||||
@ -338,7 +338,7 @@ static int decrypt(const char* const passphrase, const CHR* const input_path, co
|
||||
uint64_t nonce;
|
||||
if (fread(&nonce, sizeof(uint64_t), 1U, file_in) < 1U)
|
||||
{
|
||||
FPUTS(T("\n\nI/O error: Failed to read salt value!\n\n"), stderr);
|
||||
FPUTS(T("\n\nI/O error: Failed to read nonce value!\n\n"), stderr);
|
||||
goto clean_up;
|
||||
}
|
||||
|
||||
@ -470,7 +470,7 @@ static int run_test_case(const char *const message, const uint64_t checksum)
|
||||
uint64_t nonce;
|
||||
if (slunkcrypt_generate_nonce(&nonce) != SLUNKCRYPT_SUCCESS)
|
||||
{
|
||||
FPUTS(T("\n\nWhoops: Failed to generate salt!\n\n"), stderr);
|
||||
FPUTS(T("\n\nWhoops: Failed to generate nonce!\n\n"), stderr);
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
|
||||
@ -596,8 +596,6 @@ int MAIN(const int argc, CHR *const argv[])
|
||||
FPRINTF(stderr, T("SlunkCrypt Utility (%") T(PRIstr) T("-%") T(PRIstr) T("), by LoRd_MuldeR <MuldeR2@GMX.de>\n"), OS_TYPE, CPU_ARCH);
|
||||
FPRINTF(stderr, T("Using libSlunkCrypt v%u.%u.%u [%") T(PRIstr) T("]\n\n"), SLUNKCRYPT_VERSION_MAJOR, SLUNKCRYPT_VERSION_MINOR, SLUNKCRYPT_VERSION_PATCH, SLUNKCRYPT_BUILD);
|
||||
|
||||
slunkcrypt_startup();
|
||||
|
||||
/* ----------------------------------------------------- */
|
||||
/* Parse arguments */
|
||||
/* ----------------------------------------------------- */
|
||||
@ -714,7 +712,6 @@ clean_up:
|
||||
free(passphrase_buffer);
|
||||
}
|
||||
|
||||
slunkcrypt_cleanup();
|
||||
return result;
|
||||
}
|
||||
|
||||
|
@ -78,13 +78,7 @@ SLUNKCRYPT_API extern const char *const SLUNKCRYPT_BUILD;
|
||||
SLUNKCRYPT_API extern volatile int g_slunkcrypt_abort_flag;
|
||||
|
||||
/*
|
||||
* Global (de)initialization routines
|
||||
*/
|
||||
SLUNKCRYPT_API void slunkcrypt_startup(void);
|
||||
SLUNKCRYPT_API void slunkcrypt_cleanup(void);
|
||||
|
||||
/*
|
||||
* Seed generator
|
||||
* Nonce generator
|
||||
*/
|
||||
SLUNKCRYPT_API int slunkcrypt_generate_nonce(uint64_t* const nonce);
|
||||
|
||||
@ -110,10 +104,11 @@ SLUNKCRYPT_API int slunkcrypt_decrypt_inplace(const slunkcrypt_t context, uint8_
|
||||
/*
|
||||
* Auxiliary functions
|
||||
*/
|
||||
SLUNKCRYPT_API int slunkcrypt_random_bytes(uint8_t* const buffer, const size_t length);
|
||||
SLUNKCRYPT_API size_t slunkcrypt_random_bytes(uint8_t* const buffer, const size_t length);
|
||||
SLUNKCRYPT_API void slunkcrypt_bzero(void* const ptr, const size_t length);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
@ -15,159 +15,155 @@
|
||||
#ifdef _WIN32
|
||||
# define WIN32_LEAN_AND_MEAN 1
|
||||
# include <Windows.h>
|
||||
# define SCHED_YIELD() Sleep(1U)
|
||||
# define COMPARE_AND_SWAP(PTR,OLD,NEW) InterlockedCompareExchange((PTR),(NEW),(OLD))
|
||||
# define ATOMIC_STORE(PTR,VAL) InterlockedExchange((PTR),(VAL))
|
||||
# if defined(SecureZeroMemory)
|
||||
# define HAVE_SECURE_ZERO_MEMORY 1
|
||||
# else
|
||||
# define HAVE_SECURE_ZERO_MEMORY 0
|
||||
# endif
|
||||
# define HAVE_GETRANDOM 0
|
||||
# define HAVE_EXPLICIT_BZERO 0
|
||||
#else
|
||||
# include <unistd.h>
|
||||
# include <sched.h>
|
||||
# define SCHED_YIELD() sched_yield()
|
||||
# if defined(__GNUC__) || defined(__clang__) || defined(__INTEL_COMPILER)
|
||||
# define COMPARE_AND_SWAP(PTR,OLD,NEW) __sync_val_compare_and_swap((PTR),(OLD),(NEW))
|
||||
# define ATOMIC_STORE(PTR,VAL) __atomic_store_n((PTR),(VAL),__ATOMIC_RELEASE)
|
||||
# else
|
||||
# define COMPARE_AND_SWAP(PTR,OLD,NEW) ((OLD))
|
||||
# define ATOMIC_STORE(PTR,VAL) do { *(PTR) = (VAL); } while(0)
|
||||
# endif
|
||||
# if defined(__GLIBC__) && (__GLIBC__ >= 2) && (__GLIBC_MINOR__ >= 25)
|
||||
# define HAVE_GETRANDOM 1
|
||||
# define HAVE_EXPLICIT_BZERO 1
|
||||
# elif defined(__FreeBSD__) && (__FreeBSD__ >= 12)
|
||||
# define HAVE_GETRANDOM 1
|
||||
# define HAVE_EXPLICIT_BZERO 1
|
||||
# elif defined(__FreeBSD__) && (__FreeBSD__ >= 11)
|
||||
# define HAVE_GETRANDOM 0
|
||||
# define HAVE_EXPLICIT_BZERO 1
|
||||
# else
|
||||
# define HAVE_GETRANDOM 0
|
||||
# define HAVE_EXPLICIT_BZERO 0
|
||||
# endif
|
||||
# if HAVE_GETRANDOM
|
||||
# include <sys/random.h>
|
||||
# endif
|
||||
# include <pthread.h>
|
||||
#endif
|
||||
|
||||
// ==========================================================================
|
||||
// Critical sections
|
||||
// One-time init
|
||||
// ==========================================================================
|
||||
|
||||
static int enter_critsec(volatile long *const lock, const int flag)
|
||||
#ifdef _WIN32
|
||||
# define ONCE_TYPE volatile LONG
|
||||
# define ONCE_INIT 0L
|
||||
# define ONCE_FUNC win32_run_once
|
||||
#else
|
||||
# define ONCE_TYPE pthread_once_t
|
||||
# define ONCE_INIT PTHREAD_ONCE_INIT
|
||||
# define ONCE_FUNC pthread_once
|
||||
#endif
|
||||
|
||||
#ifdef _WIN32
|
||||
static void win32_run_once(ONCE_TYPE *const control, void (*init_routine)(void))
|
||||
{
|
||||
const long expected = flag ? 0L : 1L;
|
||||
long status;
|
||||
while ((status = COMPARE_AND_SWAP(lock, expected, -1L)) < 0L)
|
||||
LONG status;
|
||||
while ((status = InterlockedCompareExchange(control, -1L, 0L)) != 0L)
|
||||
{
|
||||
SCHED_YIELD();
|
||||
if(status > 0L)
|
||||
{
|
||||
return; /*already initialized*/
|
||||
}
|
||||
SwitchToThread();
|
||||
}
|
||||
return (status == expected);
|
||||
}
|
||||
|
||||
static void leave_critsec(volatile long *const lock, const int flag)
|
||||
{
|
||||
ATOMIC_STORE(lock, flag ? 1L : 0L);
|
||||
init_routine();
|
||||
InterlockedExchange(control, 1L);
|
||||
}
|
||||
#endif
|
||||
|
||||
// ==========================================================================
|
||||
// (De)Initialization
|
||||
// Random bytes
|
||||
// ==========================================================================
|
||||
|
||||
static volatile long s_initialized = 0L;
|
||||
#ifdef _WIN32
|
||||
# define HAVE_GETRANDOM 0
|
||||
#else
|
||||
# if defined(__GLIBC__) && (__GLIBC__ >= 2) && (__GLIBC_MINOR__ >= 25)
|
||||
# define HAVE_GETRANDOM 1
|
||||
# elif defined(__FreeBSD__) && (__FreeBSD__ >= 12)
|
||||
# define HAVE_GETRANDOM 1
|
||||
# else
|
||||
# define HAVE_GETRANDOM 0
|
||||
# endif
|
||||
#endif
|
||||
#if HAVE_GETRANDOM
|
||||
# include <sys/random.h>
|
||||
#endif
|
||||
|
||||
/* Global state */
|
||||
static ONCE_TYPE s_random_is_initialized = ONCE_INIT;
|
||||
#if defined(_WIN32)
|
||||
typedef BOOLEAN(WINAPI *genrandom_t)(void*, ULONG);
|
||||
static HMODULE s_advapi32 = NULL;
|
||||
static genrandom_t s_genrandom = NULL;
|
||||
typedef BOOLEAN(WINAPI *rtl_genrandom_t)(void *buffer, ULONG buff_size);
|
||||
static HMODULE s_dll_advapi32 = NULL;
|
||||
static rtl_genrandom_t s_rtl_genrandom = NULL;
|
||||
#elif !HAVE_GETRANDOM
|
||||
static const char *const DEV_RANDOM[] = { "/dev/urandom", "/dev/arandom", "/dev/random", NULL };
|
||||
static int s_random_fd = -1;
|
||||
#endif
|
||||
|
||||
void slunkcrypt_startup(void)
|
||||
/* Close down CSRNG */
|
||||
static void exit_random_source(void)
|
||||
{
|
||||
if (enter_critsec(&s_initialized, 1))
|
||||
{
|
||||
#if defined(_WIN32)
|
||||
if ((s_advapi32 = LoadLibraryW(L"advapi32.dll")))
|
||||
{
|
||||
s_genrandom = (genrandom_t)GetProcAddress(s_advapi32, "SystemFunction036");
|
||||
}
|
||||
#elif !HAVE_GETRANDOM
|
||||
for (size_t i = 0U; (s_random_fd < 0) && DEV_RANDOM[i]; ++i)
|
||||
{
|
||||
s_random_fd = open(DEV_RANDOM[i], O_RDONLY);
|
||||
}
|
||||
#endif
|
||||
leave_critsec(&s_initialized, 1);
|
||||
s_rtl_genrandom = NULL;
|
||||
if (s_dll_advapi32)
|
||||
{
|
||||
FreeLibrary(s_dll_advapi32);
|
||||
s_dll_advapi32 = NULL;
|
||||
}
|
||||
#elif !HAVE_GETRANDOM
|
||||
if (s_random_fd >= 0)
|
||||
{
|
||||
close(s_random_fd);
|
||||
s_random_fd = -1;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
void slunkcrypt_cleanup(void)
|
||||
/* Initialize CSRNG */
|
||||
static void init_random_source(void)
|
||||
{
|
||||
if (enter_critsec(&s_initialized, 0))
|
||||
{
|
||||
#if defined(_WIN32)
|
||||
s_genrandom = NULL;
|
||||
if (s_advapi32)
|
||||
{
|
||||
FreeLibrary(s_advapi32);
|
||||
s_advapi32 = NULL;
|
||||
}
|
||||
#elif !HAVE_GETRANDOM
|
||||
if (s_random_fd >= 0)
|
||||
{
|
||||
close(s_random_fd);
|
||||
s_random_fd = -1;
|
||||
}
|
||||
#endif
|
||||
leave_critsec(&s_initialized, 0);
|
||||
if ((s_dll_advapi32 = LoadLibraryW(L"advapi32.dll")))
|
||||
{
|
||||
s_rtl_genrandom = (rtl_genrandom_t)GetProcAddress(s_dll_advapi32, "SystemFunction036");
|
||||
}
|
||||
#elif !HAVE_GETRANDOM
|
||||
for (size_t i = 0U; DEV_RANDOM[i]; ++i)
|
||||
{
|
||||
if ((s_random_fd = open(DEV_RANDOM[i], O_RDONLY)) >= 0)
|
||||
{
|
||||
break; /*success*/
|
||||
}
|
||||
}
|
||||
#endif
|
||||
atexit(exit_random_source);
|
||||
}
|
||||
|
||||
// ==========================================================================
|
||||
// Auxiliary functions
|
||||
// ==========================================================================
|
||||
|
||||
int slunkcrypt_random_bytes(uint8_t* const buffer, const size_t length)
|
||||
/* Generate random bytes */
|
||||
size_t slunkcrypt_random_bytes(uint8_t* const buffer, const size_t length)
|
||||
{
|
||||
ONCE_FUNC(&s_random_is_initialized, init_random_source);
|
||||
#if defined(_WIN32)
|
||||
if ((length <= ((size_t)ULONG_MAX)))
|
||||
if (s_rtl_genrandom)
|
||||
{
|
||||
if (s_genrandom)
|
||||
{
|
||||
return s_genrandom(buffer, (ULONG)length) ? 0 : (-1);
|
||||
}
|
||||
const ULONG buff_size = (ULONG)length;
|
||||
return s_rtl_genrandom(buffer, buff_size) ? buff_size : 0U;
|
||||
}
|
||||
return -1;
|
||||
#elif HAVE_GETRANDOM
|
||||
if (getrandom(buffer, length, 0U) >= length)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
return -1;
|
||||
const ssize_t result = getrandom(buffer, length, 0U);
|
||||
return (result < 0) ? 0U : ((size_t)result);
|
||||
#else
|
||||
if (s_random_fd >= 0)
|
||||
{
|
||||
if (read(s_random_fd, buffer, length) >= length)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
const ssize_t result = read(s_random_fd, buffer, length);
|
||||
return (result < 0) ? 0U : ((size_t)result);
|
||||
}
|
||||
return -1;
|
||||
#endif
|
||||
return 0U;
|
||||
}
|
||||
|
||||
// ==========================================================================
|
||||
// Zero memory
|
||||
// ==========================================================================
|
||||
|
||||
#ifdef _WIN32
|
||||
# define HAVE_EXPLICIT_BZERO 0
|
||||
#else
|
||||
# if defined(__GLIBC__) && (__GLIBC__ >= 2) && (__GLIBC_MINOR__ >= 25)
|
||||
# define HAVE_EXPLICIT_BZERO 1
|
||||
# elif defined(__FreeBSD__) && (__FreeBSD__ >= 11)
|
||||
# define HAVE_EXPLICIT_BZERO 1
|
||||
# else
|
||||
# define HAVE_EXPLICIT_BZERO 0
|
||||
# endif
|
||||
#endif
|
||||
|
||||
void slunkcrypt_bzero(void* const ptr, const size_t length)
|
||||
{
|
||||
if ((ptr) && (length > 0U))
|
||||
{
|
||||
#if HAVE_SECURE_ZERO_MEMORY
|
||||
#if defined(_WIN32) && defined(SecureZeroMemory)
|
||||
SecureZeroMemory(ptr, length);
|
||||
#elif HAVE_EXPLICIT_BZERO
|
||||
explicit_bzero(ptr, length);
|
||||
|
@ -303,7 +303,7 @@ int slunkcrypt_generate_nonce(uint64_t* const nonce)
|
||||
}
|
||||
do
|
||||
{
|
||||
if (slunkcrypt_random_bytes((uint8_t*)nonce, sizeof(uint64_t)) != 0)
|
||||
if (slunkcrypt_random_bytes((uint8_t*)nonce, sizeof(uint64_t)) != sizeof(uint64_t))
|
||||
{
|
||||
return SLUNKCRYPT_FAILURE;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user