Try to use truly random data to initialize the random number generator

Fixed: crash when closing the PasswordDlg by clicking on the x Fixed: -cfg parameter not working Fixed: does not compile for Windows Fixed some compiler warnings git-svn-id: https://svn.code.sf.net/p/keepassx/code/trunk@176 b624d157-de02-0410-bad0-e51aec6abb33
2008-03-08 14:18:32 +00:00 · 2008-03-08 14:18:32 +00:00 · b8f59f9f04
parent e9a85f91fc
commit b8f59f9f04
12 changed files with 98 additions and 85 deletions
--- a/src/Database.cpp
+++ b/src/Database.cpp
@ -20,8 +20,7 @@



-KpxUuid::KpxUuid(){
-	Data.fill(0,16);
+KpxUuid::KpxUuid() : Data(16,0){
 }

 KpxUuid::KpxUuid(const void* src){
@ -30,7 +29,7 @@ KpxUuid::KpxUuid(const void* src){

 void KpxUuid::generate(){
 	char uuid[16];
-	getRandomBytes(uuid,16);
+	randomize(uuid,16);
 	quint32 Secs=QDateTime::currentDateTime().toTime_t();
 	quint16 mSecs=QTime::currentTime().msec();
 	mSecs=(mSecs & 0x3FF) | (*((quint16*)(uuid+4)) & 0xFC00); //msec has only 10 Bits, filling the rest with random data
@ -61,7 +60,7 @@ void KpxUuid::toRaw(void* dst)const{
 }

 void KpxUuid::fromRaw(const void* src){
-	Data=QByteArray((char*)src,16);
+	Data.replace(0,16,(char*)src);
 }

 bool KpxUuid::operator==(const KpxUuid& other)const{
--- a/src/crypto/arcfour.h
+++ b/src/crypto/arcfour.h
@ -22,7 +22,7 @@
 #define _ARCFOUR_H_

 #ifndef byte
-#define byte unsigned char
+#define byte quint8
 #endif

 class CArcFour{
--- a/src/crypto/blowfish.h
+++ b/src/crypto/blowfish.h
@ -37,7 +37,9 @@ using std::string;
 #define uint8_t quint8
 #define uint16_t quint16
 #define uint32_t quint32
+#ifndef byte
 #define byte quint8
+#endif

 /** blowfish encryption algorithm.
  * Derived from libgcrypt-1.1.12
--- a/src/crypto/yarrow.cpp
+++ b/src/crypto/yarrow.cpp
@ -400,12 +400,9 @@ void initYarrow(){
 	yarrow256_init(&WeakCtx,2,WeakSrc);
 	yarrow256_init(&StrongCtx,2,StrongSrc);
 	quint8 buffer[100];
-	srand(time(0));
-	for(int i=0;i<100;i++)
-		buffer[i]=rand()%256+1;
+	getRandomBytes(buffer,100);
 	yarrow256_update(&WeakCtx,0,800,100,buffer);
-	for(int i=0;i<100;i++)
-		buffer[i]=rand()%256+1;
+	getRandomBytes(buffer,100);
 	yarrow256_update(&WeakCtx,1,800,100,buffer);
 	Q_ASSERT(yarrow256_is_seeded(&WeakCtx));
 }
@ -429,8 +426,7 @@ void reseedStrongPool(quint8* buffer1,int l1,quint8* buffer2,int l2){
 		buffer1=buffer1+100;
 		l1=l1-100;
 	}
-	else
-	{
+	else{
 		yarrow256_update(&StrongCtx,1,100,25,buffer2);
 		buffer2=buffer2+25;
 		l2=l2-25;
--- a/src/dialogs/PasswordDlg.h
+++ b/src/dialogs/PasswordDlg.h
@ -43,9 +43,9 @@ public:
 	};
 	
 	enum DlgExit {
-		Exit_Ok,
-		Exit_Cancel,
-		Exit_Quit
+		Exit_Ok=QDialog::Accepted,
+		Exit_Cancel=QDialog::Rejected,
+		Exit_Quit=3
 	};
 	
 	typedef bool (KeyFileGenProc)(const QString& filename,QString* error);
--- a/src/import/Import_PwManager.cpp
+++ b/src/import/Import_PwManager.cpp
@ -31,7 +31,7 @@ bool Import_PwManager::importDatabase(QWidget* GuiParent, IDatabase* db){
 	char* buffer=NULL;
 	int offset=0;
 	int len=0;
-	if(len=file->size()){
+	if((len=file->size())){
 		buffer=new char[len];
 	}
 	else {
--- a/src/keepassx.h
+++ b/src/keepassx.h
@ -34,60 +34,62 @@

 #ifdef __cplusplus

+#include <cstdlib>
 #include <iostream>
+
+#include <assert.h>
 #include <math.h>
 #include <time.h>
-#include <assert.h>
-#include <cstdlib>
-#include <QHash>
-#include <QList>
-#include <QStringList>
-#include <QBitArray>
-#include <QByteArray>
-#include <QVarLengthArray>
-#include <QDataStream>
-#include <QString>
-#include <QFile>
-#include <QDir>
-#include <QIcon>
-#include <QPixmap>
-#include <QMessageBox>
-#include <QDialog>
-#include <QImage>
-#include <QPainter>
-#include <QBrush>
-#include <QColor>
-#include <QLineEdit>
-#include <QCheckBox>
-#include <QComboBox>
-#include <QSettings>
-#include <QLabel>
-#include <QDateTime>
-#include <QTreeWidget>
-#include <QTimer>
-#include <QApplication>
-#include <QPaintEvent>
-#include <QDomElement>
-#include <QPushButton>
-#include <QToolButton>
-#include <QMenu>
-#include <QUrl>

+#include <QApplication>
+#include <QBitArray>
+#include <QBrush>
+#include <QByteArray>
+#include <QCheckBox>
+#include <QColor>
+#include <QComboBox>
+#include <QDataStream>
+#include <QDateTime>
+#include <QDialog>
+#include <QDir>
+#include <QDomElement>
+#include <QFile>
+#include <QHash>
+#include <QIcon>
+#include <QImage>
+#include <QLabel>
+#include <QLineEdit>
+#include <QList>
+#include <QMenu>
+#include <QMessageBox>
+#include <QPainter>
+#include <QPaintEvent>
+#include <QPixmap>
+#include <QPushButton>
+#include <QSettings>
+#include <QString>
+#include <QStringList>
+#include <QTimer>
+#include <QToolButton>
+#include <QTreeWidget>
+#include <QUrl>
+#include <QVarLengthArray>
+
+#include "crypto/aescpp.h"
+#include "crypto/arcfour.h"
 #include "crypto/blowfish.h"
 #include "crypto/sha1.h"
-#include "crypto/twoclass.h"
-#include "crypto/aescpp.h"
 #include "crypto/sha256.h"
+#include "crypto/twoclass.h"
 #include "crypto/yarrow.h"
-#include "crypto/arcfour.h"
+#include "lib/bookmarks.h"
+#include "lib/FileDialogs.h"
 #include "lib/random.h"
 #include "lib/SecString.h"
 #include "lib/tools.h"
-#include "lib/FileDialogs.h"
-#include "lib/bookmarks.h"
 #include "lib/UrlLabel.h"
-#include "KpxConfig.h"
 #include "Database.h"
+#include "KpxConfig.h"

 extern QString PluginLoadError;
 extern KpxConfig *config;
--- a/src/lib/random.cpp
+++ b/src/lib/random.cpp
@ -19,29 +19,44 @@
 ***************************************************************************/
 #include <iostream>
 #include <fstream>
-#include <QDateTime>
-#include <QObject>
 #include "random.h"
+
+#if defined(Q_WS_WIN)
+	#include <QSysInfo>
+#include <QMessageBox>
+	#include <windows.h>
+#endif
+
 using namespace std;

-void getRandomBytes(void* buffer,int NumBlocks,int BlockSize,bool Strong){
-FILE *dev_random;
-if(Strong){
-dev_random = fopen("/dev/random","r");}
-else{
-dev_random = fopen("/dev/urandom","r");}
-
-if (dev_random==NULL){
- srand(QTime(0,0,0).secsTo(QTime::currentTime()));
- for(int i=0;i<NumBlocks*BlockSize;i++){
-	quint8 rnd=rand()%256;
-	((quint8*)buffer)[i]=rnd;
+void getRandomBytes(void* buffer,int NumBlocks){
+#if defined(Q_WS_WIN)
+	// RtlGenRandom
+	if (QSysInfo::WindowsVersion>=QSysInfo::WV_XP){
+		bool success=false;
+		HMODULE hLib=LoadLibraryA("ADVAPI32.DLL");
+		if (hLib) {
+			BOOLEAN (APIENTRY *pfn)(void*, ULONG) = (BOOLEAN (APIENTRY *)(void*,ULONG))GetProcAddress(hLib,"SystemFunction036");
+			if (pfn && pfn(buffer,NumBlocks)) {
+				success=true;
 			}
+			FreeLibrary(hLib);
+		}
+		if (success)
 			return;
 	}
-else{
-fread(buffer,BlockSize,NumBlocks,dev_random);
+#else
+	FILE* dev_random = fopen("/dev/random","r");
+	if (dev_random){
+		size_t bytesRead = fread(buffer,1,NumBlocks,dev_random);
 		fclose(dev_random);
+		if (bytesRead==NumBlocks)
 			return;
 	}
+#endif
+	
+	srand(time(NULL));
+	for(int i=0;i<NumBlocks;i++){
+		((quint8*)buffer)[i] = (quint8) (rand()%256);
+	}
 }
--- a/src/lib/random.h
+++ b/src/lib/random.h
@ -20,7 +20,6 @@
 #ifndef RANDOM_H_
 #define RANDOM_H_

-extern void getRandomBytes(void* buffer,int NumBlocks,int BlockSize=1,bool Strong=false);
-
+extern void getRandomBytes(void* buffer,int NumBlocks);

 #endif
--- a/src/main.cpp
+++ b/src/main.cpp
@ -234,7 +234,7 @@ bool CmdLineArgs::parse(const QStringList& argv){
 				return false;
 			}
 			QFileInfo file(argv[i+1]);
-			ConfigLocation=file.absolutePath();
+			ConfigLocation=file.absoluteFilePath();
 			i++;
 			continue;
 		}
--- a/src/main_win32.cpp
+++ b/src/main_win32.cpp
@ -22,7 +22,7 @@
 #include <windows.h>
 #include "main.h"

-void initAppPaths(){
+void initAppPaths(int argc,char** argv){
 	AppDir = QApplication::applicationDirPath();
 	
 	HomeDir = QString::fromLocal8Bit(qgetenv("APPDATA").constData());