1 /* Copyright (c) 2014, Google Inc.
2 *
3 * Permission to use, copy, modify, and/or distribute this software for any
4 * purpose with or without fee is hereby granted, provided that the above
5 * copyright notice and this permission notice appear in all copies.
6 *
7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14
15 #include <openssl/rand.h>
16
17 #include "../fipsmodule/rand/internal.h"
18
19 #if defined(OPENSSL_RAND_WINDOWS)
20
21 #include <limits.h>
22 #include <stdlib.h>
23
24 OPENSSL_MSVC_PRAGMA(warning(push, 3))
25
26 #include <windows.h>
27
28 #if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) && \
29 !WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
30 #include <bcrypt.h>
31 OPENSSL_MSVC_PRAGMA(comment(lib, "bcrypt.lib"))
32 #endif // WINAPI_PARTITION_APP && !WINAPI_PARTITION_DESKTOP
33
OPENSSL_MSVC_PRAGMA(warning (pop))34 OPENSSL_MSVC_PRAGMA(warning(pop))
35
36 #if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) && \
37 !WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
38
39 void CRYPTO_init_sysrand(void) {}
40
CRYPTO_sysrand(uint8_t * out,size_t requested)41 void CRYPTO_sysrand(uint8_t *out, size_t requested) {
42 while (requested > 0) {
43 ULONG output_bytes_this_pass = ULONG_MAX;
44 if (requested < output_bytes_this_pass) {
45 output_bytes_this_pass = (ULONG)requested;
46 }
47 if (!BCRYPT_SUCCESS(BCryptGenRandom(
48 /*hAlgorithm=*/NULL, out, output_bytes_this_pass,
49 BCRYPT_USE_SYSTEM_PREFERRED_RNG))) {
50 abort();
51 }
52 requested -= output_bytes_this_pass;
53 out += output_bytes_this_pass;
54 }
55 }
56
57 #else
58
59 // See: https://learn.microsoft.com/en-us/windows/win32/seccng/processprng
60 typedef BOOL (WINAPI *ProcessPrngFunction)(PBYTE pbData, SIZE_T cbData);
61 static ProcessPrngFunction g_processprng_fn = NULL;
62
63 static void init_processprng(void) {
64 HMODULE hmod = LoadLibraryW(L"bcryptprimitives");
65 if (hmod == NULL) {
66 abort();
67 }
68 g_processprng_fn = (ProcessPrngFunction)GetProcAddress(hmod, "ProcessPrng");
69 if (g_processprng_fn == NULL) {
70 abort();
71 }
72 }
73
74 void CRYPTO_init_sysrand(void) {
75 static CRYPTO_once_t once = CRYPTO_ONCE_INIT;
76 CRYPTO_once(&once, init_processprng);
77 }
78
79 void CRYPTO_sysrand(uint8_t *out, size_t requested) {
80 CRYPTO_init_sysrand();
81 // On non-UWP configurations, use ProcessPrng instead of BCryptGenRandom
82 // to avoid accessing resources that may be unavailable inside the
83 // Chromium sandbox. See https://crbug.com/74242
84 if (!g_processprng_fn(out, requested)) {
85 abort();
86 }
87 }
88
89 #endif // WINAPI_PARTITION_APP && !WINAPI_PARTITION_DESKTOP
90
CRYPTO_sysrand_for_seed(uint8_t * out,size_t requested)91 void CRYPTO_sysrand_for_seed(uint8_t *out, size_t requested) {
92 CRYPTO_sysrand(out, requested);
93 }
94
95 #endif // OPENSSL_RAND_WINDOWS
96