diff options
author | Gil <mcg@google.com> | 2018-01-19 12:20:46 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-01-19 12:20:46 -0800 |
commit | 9f7c094f9f00a6efc0107071f109ef1bc4d7357d (patch) | |
tree | 98326bf2f1190338ddc451ea5418bbc4b3348008 /Firestore/core/src/firebase/firestore/util/secure_random_openssl.cc | |
parent | 6a6e14822fc8c4ec16e9045b23b515b4baad14fd (diff) |
Add platform detection logic for SecureRandom (#676)
* Add CMake platform detection logic for SecureRandom
Now only builds secure_random_arc4random.cc if available.
Remove firebase/firestore/base/port.h. Nothing else was in that
directory.
* Add a SecureRandom implementation that uses OpenSSL
This is usable on Linux, Windows, and Android
* Properly check return from RAND_bytes
Diffstat (limited to 'Firestore/core/src/firebase/firestore/util/secure_random_openssl.cc')
-rw-r--r-- | Firestore/core/src/firebase/firestore/util/secure_random_openssl.cc | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/Firestore/core/src/firebase/firestore/util/secure_random_openssl.cc b/Firestore/core/src/firebase/firestore/util/secure_random_openssl.cc new file mode 100644 index 0000000..d3f6e63 --- /dev/null +++ b/Firestore/core/src/firebase/firestore/util/secure_random_openssl.cc @@ -0,0 +1,46 @@ +/* + * Copyright 2018 Google + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "Firestore/core/src/firebase/firestore/util/secure_random.h" + +#include "Firestore/core/src/firebase/firestore/util/config.h" + +#if HAVE_OPENSSL_RAND_H + +#include <openssl/err.h> +#include <openssl/rand.h> + +namespace firebase { +namespace firestore { +namespace util { + +SecureRandom::result_type SecureRandom::operator()() { + result_type result; + int rc = RAND_bytes(reinterpret_cast<uint8_t*>(&result), sizeof(result)); + if (rc <= 0) { + // OpenSSL's RAND_bytes can fail if there's not enough entropy. BoringSSL + // won't fail this way. + ERR_print_errors_fp(stderr); + abort(); + } + return result; +} + +} // namespace util +} // namespace firestore +} // namespace firebase + +#endif // HAVE_OPENSSL_RAND_H |