X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/2965425374ca4413339436c2f706f7b5508402e2..ce0ac947b4708d0bc1c7e6789b3e1f3bfc80d6e9:/cdsa/cdsa_utilities/devrandom.cpp diff --git a/cdsa/cdsa_utilities/devrandom.cpp b/cdsa/cdsa_utilities/devrandom.cpp index 835b8def..05b180a0 100644 --- a/cdsa/cdsa_utilities/devrandom.cpp +++ b/cdsa/cdsa_utilities/devrandom.cpp @@ -20,6 +20,7 @@ // devrandom - RNG operations based on /dev/random // #include +#include using namespace UnixPlusPlus; @@ -30,22 +31,15 @@ namespace Security { // // The common (shared) open file descriptor to /dev/random // -ModuleNexus DevRandomGenerator::mDevRandom; +ModuleNexus DevRandomGenerator::mReader; +ModuleNexus DevRandomGenerator::mWriter; // -// DevRandomGenerator objects immediately open their file descriptors +// In the current implementation, opening the file descriptor is deferred. // DevRandomGenerator::DevRandomGenerator(bool writable) { - FileDesc &fd = mDevRandom(); - if (!fd) { - fd.open("/dev/random", writable ? O_RDWR : O_RDONLY); - } else if (writable && !fd.isWritable()) { - FileDesc newFd("/dev/random", O_RDWR); - fd.close(); - fd = newFd; - } } @@ -54,7 +48,18 @@ DevRandomGenerator::DevRandomGenerator(bool writable) // void DevRandomGenerator::random(void *data, size_t length) { - mDevRandom().read(data, length); + try { + size_t bytesRead = mReader().read(data, length); + if (bytesRead != length) { // short read (shouldn't happen) + Syslog::error("DevRandomGenerator: wanted %ld got %ld bytes", + length, bytesRead); + UnixError::throwMe(EIO); + } + } catch(const UnixError &uerr) { + Syslog::error("DevRandomGenerator: error %d reading /dev/random", + uerr.error); + throw; + } } @@ -63,7 +68,8 @@ void DevRandomGenerator::random(void *data, size_t length) // void DevRandomGenerator::addEntropy(const void *data, size_t length) { - mDevRandom().write(data, length); + if (mWriter().write(data, length) != length) + UnixError::throwMe(EIO); // short write (shouldn't happen) }