diff --git a/Libraries/LibCrypto/CMakeLists.txt b/Libraries/LibCrypto/CMakeLists.txt
index 7a1e38ce252..45e6a9951ee 100644
--- a/Libraries/LibCrypto/CMakeLists.txt
+++ b/Libraries/LibCrypto/CMakeLists.txt
@@ -31,6 +31,7 @@ set(SOURCES NumberTheory/ModularFunctions.cpp PK/RSA.cpp PK/EC.cpp
+ SecureRandom.cpp
 ) serenity_lib(LibCrypto crypto)
diff --git a/Libraries/LibCrypto/Curves/Ed25519.cpp b/Libraries/LibCrypto/Curves/Ed25519.cpp
index 2aac52c1222..2e0d09bc9df 100644
--- a/Libraries/LibCrypto/Curves/Ed25519.cpp
+++ b/Libraries/LibCrypto/Curves/Ed25519.cpp
@@ -8,6 +8,7 @@ #include #include #include
+#include
 namespace Crypto::Curves {
@@ -19,7 +20,7 @@ ErrorOr Ed25519::generate_private_key() // about randomness. auto buffer = TRY(ByteBuffer::create_uninitialized(key_size()));
- fill_with_random(buffer);
+ fill_with_secure_random(buffer);
 return buffer; }
diff --git a/Libraries/LibCrypto/Curves/SECPxxxr1.h b/Libraries/LibCrypto/Curves/SECPxxxr1.h
index a8c66d87515..c109deaf85a 100644
--- a/Libraries/LibCrypto/Curves/SECPxxxr1.h
+++ b/Libraries/LibCrypto/Curves/SECPxxxr1.h
@@ -18,6 +18,7 @@ #include #include #include
+#include
 namespace { // Used by ASN1 macros
@@ -230,7 +231,7 @@ public: ErrorOr generate_private_key() override { auto buffer = TRY(ByteBuffer::create_uninitialized(KEY_BYTE_SIZE));
- fill_with_random(buffer);
+ fill_with_secure_random(buffer);
 return buffer; }
diff --git a/Libraries/LibCrypto/Curves/X25519.cpp b/Libraries/LibCrypto/Curves/X25519.cpp
index bf028bf99f5..abac457b5ca 100644
--- a/Libraries/LibCrypto/Curves/X25519.cpp
+++ b/Libraries/LibCrypto/Curves/X25519.cpp
@@ -8,6 +8,7 @@ #include #include #include
+#include
 namespace Crypto::Curves {
@@ -29,7 +30,7 @@ static void conditional_swap(u32* first, u32* second, u32 condition) ErrorOr X25519::generate_private_key() { auto buffer = TRY(ByteBuffer::create_uninitialized(BYTES));
- fill_with_random(buffer);
+ fill_with_secure_random(buffer);
 return buffer; }
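Review bot: In the SECPxxxr1.h hunk, `generate_private_key()` returns `KEY_BYTE_SIZE` raw random bytes without checking that they encode a valid scalar for the curve, i.e. non-zero and below the group order n. Switching to `fill_with_secure_random` fixes the entropy source but not the range, and for a curve whose order is not close to a power of 256 an out-of-range draw would not be rare. Unless callers already reject or reduce the value (not visible in this hunk), the function should redraw until the scalar lies in [1, n-1]. If validation is deliberately left to the caller, say so above the fill call, e.g. `// NOTE: result is not range-checked; caller must ensure 0 < k < n`.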
diff --git a/Libraries/LibCrypto/Curves/X448.cpp b/Libraries/LibCrypto/Curves/X448.cpp
index 566a3e520dd..0e4cf4df187 100644
--- a/Libraries/LibCrypto/Curves/X448.cpp
+++ b/Libraries/LibCrypto/Curves/X448.cpp
@@ -8,6 +8,7 @@ #include #include #include
+#include
 namespace Crypto::Curves {
@@ -291,7 +292,7 @@ static void modular_multiply_inverse(u32* state, u32* value) ErrorOr X448::generate_private_key() { auto buffer = TRY(ByteBuffer::create_uninitialized(BYTES));
- fill_with_random(buffer);
+ fill_with_secure_random(buffer);
 return buffer; }
diff --git a/Libraries/LibCrypto/NumberTheory/ModularFunctions.cpp b/Libraries/LibCrypto/NumberTheory/ModularFunctions.cpp
index cef97c305fc..2c356229d66 100644
--- a/Libraries/LibCrypto/NumberTheory/ModularFunctions.cpp
+++ b/Libraries/LibCrypto/NumberTheory/ModularFunctions.cpp
@@ -8,6 +8,7 @@ #include #include #include
+#include
 namespace Crypto::NumberTheory {
@@ -172,7 +173,7 @@ UnsignedBigInteger random_number(UnsignedBigInteger const& min, UnsignedBigInteg auto buffer = ByteBuffer::create_uninitialized(size).release_value_but_fixme_should_propagate_errors(); // FIXME: Handle possible OOM situation. auto* buf = buffer.data();
- fill_with_random(buffer);
+ fill_with_secure_random(buffer);
 UnsignedBigInteger random { buf, size }; // At this point, `random` is a large number, in the range [0, 256^size). // To get down to the actual range, we could just compute random % range.
diff --git a/Libraries/LibCrypto/PK/RSA.cpp b/Libraries/LibCrypto/PK/RSA.cpp
index 4a9f82c5703..f6595f46b3c 100644
--- a/Libraries/LibCrypto/PK/RSA.cpp
+++ b/Libraries/LibCrypto/PK/RSA.cpp
@@ -12,6 +12,7 @@ #include #include #include
+#include
 namespace Crypto::PK {
@@ -253,7 +254,7 @@ void RSA_PKCS1_EME::encrypt(ReadonlyBytes in, Bytes& out) Vector ps; ps.resize(ps_length);
- fill_with_random(ps);
+ fill_with_secure_random(ps);
 // since fill_with_random can create zeros (shocking!) // we have to go through and un-zero the zeros for (size_t i = 0; i < ps_length; ++i) {
diff --git a/Libraries/LibCrypto/SecureRandom.cpp b/Libraries/LibCrypto/SecureRandom.cpp
new file mode 100644
index 00000000000..e5089d6e6a4
--- /dev/null
+++ b/Libraries/LibCrypto/SecureRandom.cpp
@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2024, the Ladybird developers.
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#include
+
+#include
+
+namespace Crypto {
+
+void fill_with_secure_random(Bytes bytes)
+{
+ auto const size = static_cast(bytes.size());
+
+ if (RAND_bytes(bytes.data(), size) != 1)
+ VERIFY_NOT_REACHED();
+}
+
+}
diff --git a/Libraries/LibCrypto/SecureRandom.h b/Libraries/LibCrypto/SecureRandom.h
new file mode 100644
index 00000000000..9c03d7cafe2
--- /dev/null
+++ b/Libraries/LibCrypto/SecureRandom.h
@@ -0,0 +1,15 @@
+/*
+ * Copyright (c) 2024, the Ladybird developers.
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#pragma once
+
+#include
+
+namespace Crypto {
+
+void fill_with_secure_random(Bytes);
+
+}
diff --git a/Meta/gn/secondary/Userland/Libraries/LibCrypto/BUILD.gn b/Meta/gn/secondary/Userland/Libraries/LibCrypto/BUILD.gn
index 85a8fdcebea..2e74eff08cb 100644
--- a/Meta/gn/secondary/Userland/Libraries/LibCrypto/BUILD.gn
+++ b/Meta/gn/secondary/Userland/Libraries/LibCrypto/BUILD.gn
@@ -39,5 +39,6 @@ shared_library("LibCrypto") { "Hash/SHA2.cpp", "NumberTheory/ModularFunctions.cpp", "PK/RSA.cpp",
+ "SecureRandom.cpp",
 ] }
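Review bot: The comment directly under the changed call in `RSA_PKCS1_EME::encrypt` (RSA.cpp) still names the old function; it should read `// since fill_with_secure_random can create zeros (shocking!)`. The body of the un-zeroing loop lies outside this hunk, so it is worth confirming that each zero byte is replaced with a freshly drawn non-zero byte rather than a fixed value, because PKCS#1 v1.5 encryption padding is meant to consist of random non-zero octets.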
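Review bot: In SecureRandom.cpp, `fill_with_secure_random` narrows `bytes.size()` with a `static_cast` before passing it to `RAND_bytes`, whose length parameter is an `int` (the cast's target type is not visible in this rendering). A span longer than INT_MAX would therefore be passed as a truncated or negative count, and a truncated positive count would report success while leaving the tail of the buffer unfilled. Add a bound check ahead of the cast, e.g. `VERIFY(bytes.size() <= static_cast<size_t>(INT_MAX));`. Aborting through `VERIFY_NOT_REACHED()` when `RAND_bytes` fails is the right fail-closed behaviour for key material, and a one-line comment such as `// Never return with an unfilled buffer: callers use this for keys and padding.` would keep a later refactor from softening it.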
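Review bot: The declaration in SecureRandom.h has no documentation, although it is the new public entry point that every key generator in this commit now depends on. A short comment above it would state the contract callers rely on, e.g. `// Fills the span with cryptographically secure random bytes via RAND_bytes; aborts the process on failure.`.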
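Review bot: The BUILD.gn hunk adds `SecureRandom.cpp` to the source list, but that file calls `RAND_bytes`, so the target also has to link the library providing it; no such dependency is visible in this hunk or in the CMakeLists.txt one. If neither build file already links it outside the shown context, the build would fail at link time, so both are worth checking before merge.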