diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2020-06-21 17:37:11 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2020-06-21 17:42:03 +0200 |
commit | a4c5f03beedf04fcca0ba6fd354d27e66bb3fcf6 (patch) | |
tree | c993dee043aee71262556ea4d8c1fed209f4775b /src | |
parent | e97114e7a0aa835cc43876b5431fe42d3a6bf4f1 (diff) | |
download | VeraCrypt-a4c5f03beedf04fcca0ba6fd354d27e66bb3fcf6.tar.gz VeraCrypt-a4c5f03beedf04fcca0ba6fd354d27e66bb3fcf6.zip |
Linux/MacOSX: Read at least 32 bytes from /dev/random before allowing it to fail gracefully
Diffstat (limited to 'src')
-rw-r--r-- | src/Core/RandomNumberGenerator.cpp | 13 | ||||
-rw-r--r-- | src/Core/RandomNumberGenerator.h | 1 |
2 files changed, 11 insertions, 3 deletions
diff --git a/src/Core/RandomNumberGenerator.cpp b/src/Core/RandomNumberGenerator.cpp index 6ad46605..38a228ee 100644 --- a/src/Core/RandomNumberGenerator.cpp +++ b/src/Core/RandomNumberGenerator.cpp @@ -44,12 +44,12 @@ namespace VeraCrypt throw_sys_sub_if (random == -1, L"/dev/random"); finally_do_arg (int, random, { close (finally_arg); }); - // ensure that we have read /dev/random successfully at least once before continuing + // ensure that we have read at least 32 bytes from /dev/random before allowing it to fail gracefully while (true) { int rndCount = read (random, buffer, buffer.Size()); - throw_sys_sub_if ((rndCount == -1) && errno != EAGAIN, L"/dev/random"); - if (rndCount == -1 && !DevRandomSucceeded) + throw_sys_sub_if ((rndCount == -1) && errno != EAGAIN && errno != ERESTART && errno != EINTR, L"/dev/random"); + if (rndCount == -1 && (!DevRandomSucceeded || (DevRandomBytesCount < 32))) { // wait 250ms before querying /dev/random again ::usleep (250 * 1000); @@ -57,7 +57,12 @@ namespace VeraCrypt else { if (rndCount != -1) + { + // We count returned bytes untill 32-bytes treshold reached + if (DevRandomBytesCount < 32) + DevRandomBytesCount += rndCount; DevRandomSucceeded = true; + } break; } } @@ -236,6 +241,7 @@ namespace VeraCrypt EnrichedByUser = false; Running = false; DevRandomSucceeded = false; + DevRandomBytesCount = 0; } void RandomNumberGenerator::Test () @@ -274,4 +280,5 @@ namespace VeraCrypt size_t RandomNumberGenerator::WriteOffset; struct rand_data *RandomNumberGenerator::JitterRngCtx = NULL; bool RandomNumberGenerator::DevRandomSucceeded = false; + int RandomNumberGenerator::DevRandomBytesCount = 0; } diff --git a/src/Core/RandomNumberGenerator.h b/src/Core/RandomNumberGenerator.h index 9ef45dfe..8f440630 100644 --- a/src/Core/RandomNumberGenerator.h +++ b/src/Core/RandomNumberGenerator.h @@ -56,6 +56,7 @@ namespace VeraCrypt static size_t WriteOffset; static struct rand_data *JitterRngCtx; static bool DevRandomSucceeded; + static int DevRandomBytesCount; }; } |