From 4ea671b358ec15331a961be092a777c8a82d1642 Mon Sep 17 00:00:00 2001 From: Ron Yorston Date: Wed, 11 Jan 2023 08:20:11 +0000 Subject: win32: improve seeding of PRNGs busybox-w32 provides two PRNG implementations which are used in the emulation of /dev/urandom. The ad hoc method of seeding them has been replaced by calls to RtlGenRandom. The documentation for RtlGenRandom indicates it has been deprecated in favour of CryptGenRandom. The documentation for the latter indicates it has been deprecated in favour of the 'Cryptography Next Generation APIs'. Nonetheless, RtlGenRandom remains available in every version of Windows since XP. In the unlikely event that RtlGenRandom fails simply use the current time as the seed. Saves 192 bytes in the default configuration. --- win32/isaac.c | 42 ++++++------------------------------------ win32/sh_random.c | 28 ++++------------------------ 2 files changed, 10 insertions(+), 60 deletions(-) diff --git a/win32/isaac.c b/win32/isaac.c index 6b174b69e..19b96de94 100644 --- a/win32/isaac.c +++ b/win32/isaac.c @@ -18,6 +18,7 @@ You may use this code in any way you wish, and it is free. No warrantee. public domain. */ #include "libbb.h" +#include typedef struct { /* external results */ @@ -113,14 +114,6 @@ static void randinit(isaac_t *t, int flag) isaac(t); /* fill in the first set of results */ } -/* call 'fn' to put data in 'dt' then copy it to generator state */ -#define GET_DATA(fn, dt) \ - fn(&dt); \ - u = (uint32_t *)&dt; \ - for (j=0; jrandrsl[i++ % 256] = *u++; \ - } - /* * Stuff a few bytes of random-ish data into the generator state. * This is unlikely to be very robust: don't rely on it for @@ -128,37 +121,14 @@ static void randinit(isaac_t *t, int flag) */ static void get_entropy(isaac_t *t) { - int i, j; - FILETIME tm; - MEMORYSTATUS ms; - SYSTEM_INFO si; - LARGE_INTEGER pc; - uint32_t *u; - char *env, *s; - unsigned char *p; - - i = 0; - t->randrsl[i++] = (uint32_t)GetProcessId(GetCurrentProcess()); - t->randrsl[i++] = (uint32_t)GetCurrentThreadId(); - t->randrsl[i++] = (uint32_t)GetTickCount(); - - GET_DATA(GetSystemTimeAsFileTime, tm) - GET_DATA(GlobalMemoryStatus, ms) - GET_DATA(GetSystemInfo, si) - GET_DATA(QueryPerformanceCounter, pc) - - env = GetEnvironmentStringsA(); - - /* environment ends with two nuls */ - p = (unsigned char *)t->randrsl; - i *= sizeof(uint32_t); - for (s=env; *s || *(s+1); ++s) - p[i++ % (256 * sizeof(uint32_t))] ^= *s; - - FreeEnvironmentStringsA(env); + if (!RtlGenRandom(t->randrsl, sizeof(uint32_t)*256)) + GetSystemTimeAsFileTime((FILETIME *)t->randrsl); #if 0 { + unsigned char *p = (unsigned char *)t->randrsl; + int j; + for (j=0; j<256; ++j) { fprintf(stderr, "%02x", p[j]); if ((j&31) == 31) { diff --git a/win32/sh_random.c b/win32/sh_random.c index 912793269..32ce135c8 100644 --- a/win32/sh_random.c +++ b/win32/sh_random.c @@ -1,14 +1,7 @@ #include "libbb.h" +#include #include "../shell/random.h" -/* call 'fn' to put data in 'dt' then copy it to generator state */ -#define GET_DATA(fn, dt) \ - fn(&dt); \ - u = (uint32_t *)&dt; \ - for (j=0; j