pdns/dns_random.cc

   1 /*
   2  * This file is part of PowerDNS or dnsdist.
   3  * Copyright -- PowerDNS.COM B.V. and its contributors
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of version 2 of the GNU General Public License as
   7  * published by the Free Software Foundation.
   8  *
   9  * In addition, for the avoidance of any doubt, permission is granted to
  10  * link this program with OpenSSL and to (re)distribute the binaries
  11  * produced as the result of such linking.
  12  *
  13  * This program is distributed in the hope that it will be useful,
  14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  * GNU General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU General Public License
  19  * along with this program; if not, write to the Free Software
  20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  21  */
  22 #ifdef HAVE_CONFIG_H
  23 #include "config.h"
  24 #endif
  25 #include <openssl/aes.h>
  26 #include <openssl/opensslv.h>
  27 #if OPENSSL_VERSION_NUMBER > 0x1010000fL && !defined LIBRESSL_VERSION_NUMBER
  28 // Older OpenSSL does not have CRYPTO_ctr128_encrypt. Before 1.1.0 the header
  29 // file did not have the necessary extern "C" wrapper. In 1.1.0, AES_ctr128_encrypt
  30 // was removed.
  31 #include <openssl/modes.h>
  32 #endif
  33 #include <iostream>
  34 #include <cstdlib>
  35 #include <cstring>
  36 #include <sys/types.h>
  37 #include <unistd.h>
  38 #include <sys/time.h>
  39 #include <limits>
  40 #include <stdexcept>
  41 #include <stdint.h>
  42 #include "dns_random.hh"
  43
  44 using namespace std;
  45
  46 static AES_KEY aes_key;
  47 static unsigned int g_offset;
  48 static unsigned char g_counter[16], g_stream[16];
  49 static uint32_t g_in;
  50
  51 static bool g_initialized;
  52
  53 void dns_random_init(const char data[16])
  54 {
  55   g_offset = 0;
  56   memset(&g_stream, 0, sizeof(g_stream));
  57   if (AES_set_encrypt_key((const unsigned char*)data, 128, &aes_key) < 0) {
  58     throw std::runtime_error("AES_set_encrypt_key failed");
  59   }
  60
  61   struct timeval now;
  62   gettimeofday(&now, 0);
  63
  64   static_assert(sizeof(g_counter) >= (sizeof(now.tv_usec) + sizeof(now.tv_sec)), "g_counter must be large enough to get tv_sec + tv_usec");
  65   memcpy(g_counter, &now.tv_usec, sizeof(now.tv_usec));
  66   memcpy(g_counter+sizeof(now.tv_usec), &now.tv_sec, sizeof(now.tv_sec));
  67   g_in = getpid() | (getppid()<<16);
  68
  69   g_initialized = true;
  70   srandom(dns_random(numeric_limits<uint32_t>::max()));
  71 }
  72
  73 unsigned int dns_random(unsigned int n)
  74 {
  75   if(!g_initialized)
  76     abort();
  77   uint32_t out;
  78 #if OPENSSL_VERSION_NUMBER > 0x1010000fL && !defined LIBRESSL_VERSION_NUMBER
  79   CRYPTO_ctr128_encrypt((const unsigned char*)&g_in, (unsigned char*) &out, sizeof(g_in), &aes_key, g_counter, g_stream, &g_offset, (block128_f) AES_encrypt);
  80 #else
  81   AES_ctr128_encrypt((const unsigned char*)&g_in, (unsigned char*) &out, sizeof(g_in), &aes_key, g_counter, g_stream, &g_offset);
  82 #endif
  83   return out % n;
  84 }
  85
  86 #if 0
  87 int main()
  88 {
  89   dns_random_init("0123456789abcdef");
  90
  91   for(int n = 0; n < 16; n++)
  92     cerr<<dns_random(16384)<<endl;
  93 }
  94 #endif