util: generate random bytes using OpenSSL instead of CryptoPP
Change-Id: I68bdac565242432fa53a1f113d6f395bf3c6e982
Refs: #3010, #2949
diff --git a/src/util/random.cpp b/src/util/random.cpp
index f321bbd..a16d587 100644
--- a/src/util/random.cpp
+++ b/src/util/random.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -22,42 +22,42 @@
#include "common.hpp"
#include "random.hpp"
+#include "../security/detail/openssl.hpp"
#include <boost/nondet_random.hpp>
#include <boost/random/mersenne_twister.hpp>
#include <boost/random/uniform_int_distribution.hpp>
-#include "../security/cryptopp.hpp"
-
namespace ndn {
namespace random {
-// CryptoPP-based (secure) random generators
-
-static CryptoPP::AutoSeededRandomPool&
-getSecureRandomGenerator()
-{
- static CryptoPP::AutoSeededRandomPool rng;
-
- return rng;
-}
+// OpenSSL-based (secure) pseudo-randomness generators
uint32_t
generateSecureWord32()
{
- return getSecureRandomGenerator().GenerateWord32();
+ uint32_t random;
+ generateSecureBytes(reinterpret_cast<uint8_t*>(&random), sizeof(random));
+ return random;
}
uint64_t
generateSecureWord64()
{
uint64_t random;
- getSecureRandomGenerator()
- .GenerateBlock(reinterpret_cast<unsigned char*>(&random), sizeof(uint64_t));
-
+ generateSecureBytes(reinterpret_cast<uint8_t*>(&random), sizeof(random));
return random;
}
+void
+generateSecureBytes(uint8_t* bytes, size_t size)
+{
+ if (RAND_bytes(bytes, size) != 1) {
+ BOOST_THROW_EXCEPTION(std::runtime_error("Failed to generate random bytes (error code " +
+ std::to_string(ERR_get_error()) + ")"));
+ }
+}
+
// Boost.Random-based (simple) random generators
static boost::random::mt19937&
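Review bot: In generateSecureBytes, `size` is a `size_t` but RAND_bytes takes an `int` count, so `RAND_bytes(bytes, size)` narrows implicitly. A request above INT_MAX would be truncated or turn negative, which can leave part of the caller's buffer unfilled or make the call fail, depending on the platform. Reject (or chunk) oversized requests before the call, e.g. `if (size > static_cast<size_t>(std::numeric_limits<int>::max())) BOOST_THROW_EXCEPTION(std::runtime_error("Requested random buffer is too large"));`, then pass `static_cast<int>(size)`; this needs `<limits>`. On the failure path, `ERR_get_error()` removes only the oldest entry from the thread's error queue, so an `ERR_clear_error()` after building the message would stop leftover entries from being attributed to a later OpenSSL call.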
diff --git a/src/util/random.hpp b/src/util/random.hpp
index 6dc1b52..e47b5fb 100644
--- a/src/util/random.hpp
+++ b/src/util/random.hpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2014 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -30,7 +30,7 @@
/**
* @brief Generate a cryptographically secure random integer from the range [0, 2^32)
*
- * This method uses CryptoPP routines
+ * @throw std::runtime_error if generation fails.
*/
uint32_t
generateSecureWord32();
@@ -38,12 +38,20 @@
/**
* @brief Generate a cryptographically secure random integer from the range [0, 2^64)
*
- * This method uses CryptoPP routines
+ * @throw std::runtime_error if generation fails.
*/
uint64_t
generateSecureWord64();
/**
+ * @brief Fill @p bytes of @p size with cryptographically secure random bytes
+ *
+ * @throw std::runtime_error if generation fails.
+ */
+void
+generateSecureBytes(uint8_t* bytes, size_t size);
+
+/**
* @brief Generate a cryptographically non-secure random integer from the range [0, 2^32)
*
* This method uses Boost.Random routines
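Review bot: The doc comment added for generateSecureBytes does not state what the caller must guarantee about the raw pointer, or what state the buffer is in after a failure. Since the function writes `size` bytes through an unchecked `uint8_t*`, I would add `@pre @p bytes points to at least @p size writable bytes` and `@note If an exception is thrown, the contents of @p bytes are unspecified and must not be used as key or nonce material`. If the implementation keeps passing `size` straight to an `int` parameter, the upper bound on `size` belongs in this comment as well.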