Don't use /dev/random anymore

Display help if parsing arguments fails

git-svn-id: https://svn.code.sf.net/p/keepassx/code/trunk@197 b624d157-de02-0410-bad0-e51aec6abb33

src/lib/SecString.cpp

@@ -24,82 +24,80 @@ using namespace std;
 CArcFour SecString::RC4;
 
 SecString::operator QString(){
-return string();
+	return string();
 }
 
 SecString::SecString(){
-locked=true;
+	locked=true;
 }
 
 int SecString::length(){
-return crypt.size();
+	return crypt.size();
 }
 
 SecString::~SecString(){
-lock();
+	lock();
 }
 
 void SecString::lock(){
-locked=true;
-overwrite(plain);
-plain=QString();
+	locked=true;
+	overwrite(plain);
+	plain=QString();
 }
 
 void SecString::unlock(){
-locked=false;
-plain=QString();
-if(!crypt.length()){return;}
-const unsigned char* buffer=new unsigned char[crypt.length()];
-SecString::RC4.decrypt((byte*)crypt.data(),(unsigned char*)buffer,crypt.length());
-plain=QString::fromUtf8((const char*)buffer,crypt.size());
-overwrite((unsigned char*)buffer,crypt.size());
-delete [] buffer;
+	locked = false;
+	plain = QString();
+	if(!crypt.length())
+		return;
+	const unsigned char* buffer = new unsigned char[crypt.length()];
+	SecString::RC4.decrypt( (byte*)crypt.data(), (unsigned char*)buffer, crypt.length() );
+	plain = QString::fromUtf8((const char*)buffer, crypt.size());
+	overwrite((unsigned char*)buffer, crypt.size());
+	delete [] buffer;
 }
 
-
 const QString& SecString::string(){
-if(locked){
- printf("Error in function SecString::string(): string is locked\n");
- return QString(">SEC_STRING_ERROR<");
-}
-return plain;
+	Q_ASSERT_X(!locked, "SecString::string()", "string is locked");
+	return plain;
 }
 
-
-void SecString::setString(QString& str,bool DeleteSource){
-QByteArray StrData=str.toUtf8();
-int len=StrData.size();
-unsigned char* buffer=new unsigned char[len];
-SecString::RC4.encrypt((const unsigned char*)StrData.data(),buffer,len);
-crypt=QByteArray((const char*)buffer,len);
-overwrite(buffer,len);
-overwrite((unsigned char*)StrData.data(),len);
-delete [] buffer;
-if(DeleteSource){
-  overwrite(str);
-  str=QString();}
-lock();
+void SecString::setString(QString& str, bool DeleteSource){
+	QByteArray StrData = str.toUtf8();
+	int len = StrData.size();
+	unsigned char* buffer = new unsigned char[len];
+	SecString::RC4.encrypt((const unsigned char*)StrData.data(), buffer, len);
+	crypt = QByteArray((const char*)buffer, len);
+	overwrite(buffer, len);
+	overwrite((unsigned char*)StrData.data(), len);
+	delete [] buffer;
+	if(DeleteSource){
+		overwrite(str);
+		str=QString();
+	}
+	lock();
 }
 
-void SecString::overwrite(unsigned char* str,int strlen){
-if(strlen==0 || str==NULL)return;
-for(int i=0; i<strlen; i++){
-	str[i]=0;
-}
+void SecString::overwrite(unsigned char* str, int strlen){
+	if(strlen==0 || str==NULL)
+		return;
+	
+	for(int i=0; i<strlen; i++)
+		str[i]=0;
 }
 
-void SecString::overwrite(QString &str){
-if(str.length()==0)return;
-for(int i=0; i<str.length(); i++){
-	((char*)str.data())[i]=0;
+void SecString::overwrite(QString& str){
+	if(str.length()==0)
+		return;
+	
+	for(int i=0; i<str.length(); i++)
+		((char*)str.data())[i] = 0;
 }
-}
-
 
 void SecString::generateSessionKey(){
-CArcFour arc;
-unsigned char* sessionkey=new unsigned char[32];
-randomize(sessionkey,32);
-RC4.setKey(sessionkey,32);
-delete [] sessionkey;
+	CArcFour arc;
+	unsigned char sessionkey[32];
+	randomize(sessionkey,32);
+	RC4.setKey(sessionkey,32);
+	overwrite(sessionkey,32);
 }

src/lib/random.cpp

@@ -20,35 +20,20 @@
 
 #include "random.h"
 
-#if defined(Q_WS_WIN)
+
+#if defined(Q_WS_X11) || defined(Q_WS_MAC)
+	#include <QFile>
+#elif defined(Q_WS_WIN)
 	#include <windows.h>
 	#include <QSysInfo>
 #endif
 
-RandomSource::RandomSource(){
-	quint8 buffer[100];
-	for (int i=0; i<2; i++){
-		getRandomWeak(buffer,100);
-		yarrowUpdateWeak(i,100*8,100,buffer);
-	}
-	
-#ifdef HAS_DEV_RANDOM
-	if (QFile::exists("/dev/random")){
-		DevRandom* devRandom = new DevRandom(this);
-		connect(devRandom, SIGNAL(randomAvailable(int,QByteArray,int)), SLOT(seedStrong(int,QByteArray,int)));
-		connect(devRandom, SIGNAL(finished()), SLOT(deleteLater()));
-		devRandom->start();
-	}
-	else{
-		deleteLater();
-	}
-#else
-	deleteLater();
-#endif
-}
+#include <QCursor>
+#include <QDateTime>
+#include <QTime>
 
-void RandomSource::getRandomWeak(quint8* buffer, int length){
-#if defined(HAS_DEV_RANDOM)
+void Random::getEntropy(quint8* buffer, int length){
+#if defined(Q_WS_X11) || defined(Q_WS_MAC)
 	QFile dev_urandom("/dev/urandom");
 	if (dev_urandom.open(QIODevice::ReadOnly|QIODevice::Unbuffered) && dev_urandom.read((char*)buffer,length)==length)
 		return;
@@ -69,30 +54,27 @@ void RandomSource::getRandomWeak(quint8* buffer, int length){
 	}
 #endif
 	
-	srand(time(NULL));
+	initStdRand();
 	for(int i=0;i<length;i++){
-		((quint8*)buffer)[i] = (quint8) (rand()%256);
+		((quint8*)buffer)[i] = (quint8) (qrand()%256);
 	}
 }
 
-#ifdef HAS_DEV_RANDOM
-void RandomSource::seedStrong(int source, QByteArray buffer, int length){
-	yarrowUpdateStrong(source,length*8,length,(const quint8*)buffer.constData());
+void Random::initStdRand(){
+	static bool initalized = false;
+	if (initalized)
+		return;
+	
+	QByteArray buffer;
+	QDataStream stream(&buffer, QIODevice::WriteOnly);
+	
+	stream << QCursor::pos();
+	stream << QDateTime::currentDateTime().toTime_t();
+	stream << QTime::currentTime().msec();
+	
+	quint8 hash[32];
+	SHA256::hashBuffer(buffer.data(), hash, buffer.size());
+	
+	qsrand( (uint) *hash );
+	initalized = true;
 }
-
-DevRandom::DevRandom(QObject* parent) : QThread(parent){
-}
-
-void DevRandom::run(){
-	QByteArray buffer(50,0);
-	for (int i=0; i<2; i++){
-		if (getRandomStrong((quint8*)buffer.data(),50))
-			emit randomAvailable(i,buffer,50);
-	}
-}
-
-bool DevRandom::getRandomStrong(quint8* buffer, int length){
-	QFile dev_random("/dev/random");
-	return (dev_random.open(QIODevice::ReadOnly|QIODevice::Unbuffered) && dev_random.read((char*)buffer,length)==length);
-}
-#endif

src/lib/random.h

@@ -22,40 +22,9 @@
 
 #include <QObject>
 
-#if defined(Q_WS_X11) || defined(Q_WS_MAC)
-#define HAS_DEV_RANDOM
-#include <QThread>
-#endif
-
-class RandomSource : public QObject {
-	Q_OBJECT
-	
-	public:
-		RandomSource();
-	
-	private:
-		static void getRandomWeak(quint8* buffer, int length);
-
-#ifdef HAS_DEV_RANDOM
-	private slots:
-		void seedStrong(int source, QByteArray buffer, int length);
-#endif
+namespace Random {
+	void getEntropy(quint8* buffer, int length);
+	void initStdRand();
 };
 
-#ifdef HAS_DEV_RANDOM
-class DevRandom : public QThread {
-	Q_OBJECT
-	
-	public:
-		DevRandom(QObject* parent = 0);
-		void run();
-		
-	signals:
-		void randomAvailable(int source, QByteArray buffer, int length);
-		
-	private:
-		static bool getRandomStrong(quint8* buffer, int length);
-};
-#endif
-
 #endif