From 5ec26a501583a90a45f4a2bf20d71219c642374e Mon Sep 17 00:00:00 2001 From: robert Date: Tue, 8 Oct 2024 09:21:13 -0400 Subject: [PATCH 1/2] Windows: added alternative to bcrypt lib --- mongoose.c | 11 +++++++++++ mongoose.h | 1 + src/arch_win32.h | 1 + src/util.c | 11 +++++++++++ test/Makefile | 5 +++-- 5 files changed, 27 insertions(+), 2 deletions(-) diff --git a/mongoose.c b/mongoose.c index 000cbc58..121b407b 100644 --- a/mongoose.c +++ b/mongoose.c @@ -16385,6 +16385,17 @@ bool mg_random(void *buf, size_t len) { if (initialised == true) { success = CryptGenRandom(hProv, len, p); } +#elif defined(_CRT_RAND_S) + size_t i; + for (i = 0; i < len; i++) { + unsigned int rand_v; + if (rand_s(&rand_v) == 0) { + p[i] = (unsigned char)(rand_v & 255); + } else { + break; + } + } + success = (i == len); #else // BCrypt is a "new generation" strong crypto API, so try it first static BCRYPT_ALG_HANDLE hProv; diff --git a/mongoose.h b/mongoose.h index de0982e4..35678140 100644 --- a/mongoose.h +++ b/mongoose.h @@ -470,6 +470,7 @@ typedef enum { false = 0, true = 1 } bool; #endif #include #pragma comment(lib, "advapi32.lib") +#elif defined(_CRT_RAND_S) #else #include #if defined(_MSC_VER) diff --git a/src/arch_win32.h b/src/arch_win32.h index c31310f3..a89dd6a8 100644 --- a/src/arch_win32.h +++ b/src/arch_win32.h @@ -57,6 +57,7 @@ typedef enum { false = 0, true = 1 } bool; #endif #include #pragma comment(lib, "advapi32.lib") +#elif defined(_CRT_RAND_S) #else #include #if defined(_MSC_VER) diff --git a/src/util.c b/src/util.c index 345fa0f5..71fd5d04 100644 --- a/src/util.c +++ b/src/util.c @@ -30,6 +30,17 @@ bool mg_random(void *buf, size_t len) { if (initialised == true) { success = CryptGenRandom(hProv, len, p); } +#elif defined(_CRT_RAND_S) + size_t i; + for (i = 0; i < len; i++) { + unsigned int rand_v; + if (rand_s(&rand_v) == 0) { + p[i] = (unsigned char)(rand_v & 255); + } else { + break; + } + } + success = (i == len); #else // BCrypt is a "new generation" strong crypto API, so try it first static BCRYPT_ALG_HANDLE hProv; diff --git a/test/Makefile b/test/Makefile index def1a243..44ed69c0 100644 --- a/test/Makefile +++ b/test/Makefile @@ -11,6 +11,7 @@ ENV ?= -e Tmp=. -e WINEDEBUG=-all DOCKER_BIN ?= docker DOCKER ?= $(DOCKER_BIN) run --platform linux/amd64 --rm $(ENV) -v $(ROOT_DIR):$(ROOT_DIR) -w $(CWD) VCFLAGS = /nologo /W3 /O2 /MD /I. $(DEFS) $(TFLAGS) +VCRANDFLAG = /D_CRT_RAND_S IPV6 ?= 1 ASAN ?= -fsanitize=address,undefined,alignment -fno-sanitize-recover=all -fno-omit-frame-pointer -fno-common ASAN_OPTIONS ?= detect_leaks=1 @@ -171,11 +172,11 @@ vc98: Makefile mongoose.h $(SRCS) $(DOCKER) mdashnet/vc98 wine $@.exe vc17: Makefile mongoose.h $(SRCS) - $(DOCKER) mdashnet/vc17 wine64 cl $(SRCS) $(VCFLAGS) /Fe$@.exe + $(DOCKER) mdashnet/vc17 wine64 cl $(SRCS) $(VCRANDFLAG) $(VCFLAGS) /Fe$@.exe $(DOCKER) mdashnet/vc17 wine64 $@.exe vc22: Makefile mongoose.h $(SRCS) - $(DOCKER) mdashnet/vc22 wine64 cl $(SRCS) $(VCFLAGS) /Fe$@.exe + $(DOCKER) mdashnet/vc22 wine64 cl $(SRCS) $(VCRANDFLAG) $(VCFLAGS) /Fe$@.exe $(DOCKER) mdashnet/vc22 wine64 $@.exe mingw: Makefile mongoose.h $(SRCS) From f394df840e87e0729224507d4cd0f3c7716d3e0a Mon Sep 17 00:00:00 2001 From: robert Date: Tue, 29 Oct 2024 10:41:10 -0400 Subject: [PATCH 2/2] Killed bcrypt, replaced with rand_s --- mongoose.c | 12 +----------- mongoose.h | 10 ++++------ src/arch_win32.h | 10 ++++------ src/util.c | 12 +----------- test/Makefile | 5 ++--- 5 files changed, 12 insertions(+), 37 deletions(-) diff --git a/mongoose.c b/mongoose.c index 121b407b..da4f352f 100644 --- a/mongoose.c +++ b/mongoose.c @@ -16385,7 +16385,7 @@ bool mg_random(void *buf, size_t len) { if (initialised == true) { success = CryptGenRandom(hProv, len, p); } -#elif defined(_CRT_RAND_S) +#else size_t i; for (i = 0; i < len; i++) { unsigned int rand_v; @@ -16396,16 +16396,6 @@ bool mg_random(void *buf, size_t len) { } } success = (i == len); -#else - // BCrypt is a "new generation" strong crypto API, so try it first - static BCRYPT_ALG_HANDLE hProv; - if (initialised == false && - BCryptOpenAlgorithmProvider(&hProv, BCRYPT_RNG_ALGORITHM, NULL, 0) == 0) { - initialised = true; - } - if (initialised == true) { - success = BCryptGenRandom(hProv, p, (ULONG) len, 0) == 0; - } #endif #elif MG_ARCH == MG_ARCH_UNIX diff --git a/mongoose.h b/mongoose.h index 35678140..47396cef 100644 --- a/mongoose.h +++ b/mongoose.h @@ -415,6 +415,10 @@ static inline int mg_mkdir(const char *path, mode_t mode) { #if MG_ARCH == MG_ARCH_WIN32 +#ifndef _CRT_RAND_S +#define _CRT_RAND_S +#endif + #ifndef WIN32_LEAN_AND_MEAN #define WIN32_LEAN_AND_MEAN #endif @@ -470,12 +474,6 @@ typedef enum { false = 0, true = 1 } bool; #endif #include #pragma comment(lib, "advapi32.lib") -#elif defined(_CRT_RAND_S) -#else -#include -#if defined(_MSC_VER) -#pragma comment(lib, "bcrypt.lib") -#endif #endif // Protect from calls like std::snprintf in app code diff --git a/src/arch_win32.h b/src/arch_win32.h index a89dd6a8..78948d88 100644 --- a/src/arch_win32.h +++ b/src/arch_win32.h @@ -2,6 +2,10 @@ #if MG_ARCH == MG_ARCH_WIN32 +#ifndef _CRT_RAND_S +#define _CRT_RAND_S +#endif + #ifndef WIN32_LEAN_AND_MEAN #define WIN32_LEAN_AND_MEAN #endif @@ -57,12 +61,6 @@ typedef enum { false = 0, true = 1 } bool; #endif #include #pragma comment(lib, "advapi32.lib") -#elif defined(_CRT_RAND_S) -#else -#include -#if defined(_MSC_VER) -#pragma comment(lib, "bcrypt.lib") -#endif #endif // Protect from calls like std::snprintf in app code diff --git a/src/util.c b/src/util.c index 71fd5d04..469d7d2a 100644 --- a/src/util.c +++ b/src/util.c @@ -30,7 +30,7 @@ bool mg_random(void *buf, size_t len) { if (initialised == true) { success = CryptGenRandom(hProv, len, p); } -#elif defined(_CRT_RAND_S) +#else size_t i; for (i = 0; i < len; i++) { unsigned int rand_v; @@ -41,16 +41,6 @@ bool mg_random(void *buf, size_t len) { } } success = (i == len); -#else - // BCrypt is a "new generation" strong crypto API, so try it first - static BCRYPT_ALG_HANDLE hProv; - if (initialised == false && - BCryptOpenAlgorithmProvider(&hProv, BCRYPT_RNG_ALGORITHM, NULL, 0) == 0) { - initialised = true; - } - if (initialised == true) { - success = BCryptGenRandom(hProv, p, (ULONG) len, 0) == 0; - } #endif #elif MG_ARCH == MG_ARCH_UNIX diff --git a/test/Makefile b/test/Makefile index 44ed69c0..def1a243 100644 --- a/test/Makefile +++ b/test/Makefile @@ -11,7 +11,6 @@ ENV ?= -e Tmp=. -e WINEDEBUG=-all DOCKER_BIN ?= docker DOCKER ?= $(DOCKER_BIN) run --platform linux/amd64 --rm $(ENV) -v $(ROOT_DIR):$(ROOT_DIR) -w $(CWD) VCFLAGS = /nologo /W3 /O2 /MD /I. $(DEFS) $(TFLAGS) -VCRANDFLAG = /D_CRT_RAND_S IPV6 ?= 1 ASAN ?= -fsanitize=address,undefined,alignment -fno-sanitize-recover=all -fno-omit-frame-pointer -fno-common ASAN_OPTIONS ?= detect_leaks=1 @@ -172,11 +171,11 @@ vc98: Makefile mongoose.h $(SRCS) $(DOCKER) mdashnet/vc98 wine $@.exe vc17: Makefile mongoose.h $(SRCS) - $(DOCKER) mdashnet/vc17 wine64 cl $(SRCS) $(VCRANDFLAG) $(VCFLAGS) /Fe$@.exe + $(DOCKER) mdashnet/vc17 wine64 cl $(SRCS) $(VCFLAGS) /Fe$@.exe $(DOCKER) mdashnet/vc17 wine64 $@.exe vc22: Makefile mongoose.h $(SRCS) - $(DOCKER) mdashnet/vc22 wine64 cl $(SRCS) $(VCRANDFLAG) $(VCFLAGS) /Fe$@.exe + $(DOCKER) mdashnet/vc22 wine64 cl $(SRCS) $(VCFLAGS) /Fe$@.exe $(DOCKER) mdashnet/vc22 wine64 $@.exe mingw: Makefile mongoose.h $(SRCS)