From c3f3acacfdc8864800435bb6ebff61a04a5a575b Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Mon, 22 Feb 2016 18:44:43 +0100 Subject: [PATCH] util.crand: C binding to one of OpenSSL, Linux getrandom() or OpenBSD arc4random() CSPRNG --- configure | 20 ++++++ util-src/Makefile | 9 ++- util-src/crand.c | 156 ++++++++++++++++++++++++++++++++++++++++++++++ util/random.lua | 3 + 4 files changed, 187 insertions(+), 1 deletion(-) create mode 100644 util-src/crand.c diff --git a/configure b/configure index b64c2654..77aa1329 100755 --- a/configure +++ b/configure @@ -19,6 +19,8 @@ CXX=g++ LD=gcc RUNWITH=lua EXCERTS=yes +PRNG= +PRNGLIBS= CFLAGS="-fPIC -Wall" LDFLAGS="-shared" @@ -58,6 +60,11 @@ Configure Prosody prior to building. icu: use ICU from IBM --with-ssl=LIB The name of the SSL to link with. Default is $OPENSSL_LIB +--with-random=METHOD CSPRNG backend to use. One of + getrandom: Linux kernel + arc4random: OpenBSD kernel + openssl: OpenSSL RAND method + Default is to use /dev/urandom --cflags=FLAGS Flags to pass to the compiler Default is $CFLAGS --ldflags=FLAGS Flags to pass to the linker @@ -174,6 +181,16 @@ do --with-ssl=*) OPENSSL_LIB="$value" ;; + --with-random=getrandom) + PRNG=GETRANDOM + ;; + --with-random=openssl) + PRNG=OPENSSL + PRNGLIBS=-lcrypto + ;; + --with-random=arc4random) + PRNG=ARC4RANDOM + ;; --cflags=*) CFLAGS="$value" ;; @@ -372,6 +389,9 @@ CXX=$CXX LD=$LD RUNWITH=$RUNWITH EXCERTS=$EXCERTS +RANDOM=$PRNG +RANDOM_LIBS=$PRNGLIBS + EOF diff --git a/util-src/Makefile b/util-src/Makefile index 85b190b9..9c6c377c 100644 --- a/util-src/Makefile +++ b/util-src/Makefile @@ -8,6 +8,10 @@ TARGET?=../util/ ALL=encodings.so hashes.so net.so pposix.so signal.so table.so ringbuffer.so +ifdef RANDOM +ALL+=crand.so +endif + .PHONY: all install clean .SUFFIXES: .c .o .so @@ -17,11 +21,14 @@ install: $(ALL) $(INSTALL_DATA) $^ $(TARGET) clean: - rm -f $(ALL) + rm -f $(ALL) $(patsubst %.so,%.o,$(ALL)) encodings.so: LDLIBS+=$(IDNA_LIBS) hashes.so: LDLIBS+=$(OPENSSL_LIBS) +crand.o: CFLAGS+=-DWITH_$(RANDOM) +crand.so: LDLIBS+=$(RANDOM_LIBS) + %.so: %.o $(LD) $(LDFLAGS) -o $@ $^ $(LDLIBS) diff --git a/util-src/crand.c b/util-src/crand.c new file mode 100644 index 00000000..9a45f10f --- /dev/null +++ b/util-src/crand.c @@ -0,0 +1,156 @@ +/* Prosody IM +-- Copyright (C) 2008-2016 Matthew Wild +-- Copyright (C) 2008-2016 Waqas Hussain +-- Copyright (C) 2016 Kim Alvefur +-- +-- This project is MIT/X11 licensed. Please see the +-- COPYING file in the source package for more information. +-- +*/ + +/* +* crand.c +* C PRNG interface +*/ + +#include "lualib.h" +#include "lauxlib.h" + +#include +#include + +/* + * TODO: Decide on fixed size or dynamically allocated buffer + */ +#if 1 +#include +#else +#define BUFLEN 256 +#endif + +#if defined(WITH_GETRANDOM) +#include +#include +#include + +#ifndef SYS_getrandom +#error getrandom() requires Linux 3.17 or later +#endif + +/* Was this not supposed to be a function? */ +int getrandom(char *buf, size_t len, int flags) { + return syscall(SYS_getrandom, buf, len, flags); +} + +#elif defined(WITH_ARC4RANDOM) +#include +#elif defined(WITH_OPENSSL) +#include +#else +#error util.crand compiled without a random source +#endif + +int Lrandom(lua_State *L) { +#ifdef BUFLEN + unsigned char buf[BUFLEN]; +#else + unsigned char *buf; +#endif + int ret = 0; + size_t len = (size_t)luaL_checkint(L, 1); +#ifdef BUFLEN + len = len > BUFLEN ? BUFLEN : len; +#else + buf = malloc(len); + + if(buf == NULL) { + lua_pushnil(L); + lua_pushstring(L, "out of memory"); + /* or it migth be better to + * return lua_error(L); + */ + return 2; + } +#endif + +#if defined(WITH_GETRANDOM) + ret = getrandom(buf, len, 0); + + if(ret < 0) { +#ifndef BUFLEN + free(buf); +#endif + lua_pushnil(L); + lua_pushstring(L, strerror(errno)); + lua_pushinteger(L, errno); + return 3; + } + +#elif defined(WITH_ARC4RANDOM) + arc4random_buf(buf, len); + ret = len; +#elif defined(WITH_OPENSSL) + ret = RAND_bytes(buf, len); + + if(ret == 1) { + ret = len; + } else { +#ifndef BUFLEN + free(buf); +#endif + lua_pushnil(L); + lua_pushstring(L, "failed"); + /* lua_pushinteger(L, ERR_get_error()); */ + return 2; + } + +#endif + + lua_pushlstring(L, buf, ret); +#ifndef BUFLEN + free(buf); +#endif + return 1; +} + +#ifdef ENABLE_SEEDING +int Lseed(lua_State *L) { + size_t len; + const char *seed = lua_tolstring(L, 1, &len); + +#if defined(WITH_OPENSSL) + RAND_add(seed, len, len); + return 0; +#else + lua_pushnil(L); + lua_pushliteral(L, "not-supported"); + return 2; +#endif +} +#endif + +int luaopen_util_crand(lua_State *L) { + lua_newtable(L); + lua_pushcfunction(L, Lrandom); + lua_setfield(L, -2, "bytes"); +#ifdef ENABLE_SEEDING + lua_pushcfunction(L, Lseed); + lua_setfield(L, -2, "seed"); +#endif + +#if defined(WITH_GETRANDOM) + lua_pushstring(L, "Linux"); +#elif defined(WITH_ARC4RANDOM) + lua_pushstring(L, "arc4random()"); +#elif defined(WITH_OPENSSL) + lua_pushstring(L, "OpenSSL"); +#endif + lua_setfield(L, -2, "_source"); + +#if defined(WITH_OPENSSL) && defined(_WIN32) + /* Do we need to seed this on Windows? */ +#endif + + return 1; +} + diff --git a/util/random.lua b/util/random.lua index e4b4a700..574e2e1c 100644 --- a/util/random.lua +++ b/util/random.lua @@ -6,6 +6,9 @@ -- COPYING file in the source package for more information. -- +local ok, crand = pcall(require, "util.crand"); +if ok then return crand; end + local urandom, urandom_err = io.open("/dev/urandom", "r"); local function seed() -- 2.30.2