secure_random: add_seed flushes all buffered random

GitOrigin-RevId: 408dea74532e882d1f42126999b7394a46cebfd1
2018-11-16 16:41:53 +04:00 · 2018-11-16 16:41:53 +04:00 · b6e8be94c6
commit b6e8be94c6
parent be92820691
1 changed files with 10 additions and 3 deletions
--- a/tdutils/td/utils/Random.cpp
+++ b/tdutils/td/utils/Random.cpp
@ -27,13 +27,22 @@ constexpr size_t secure_bytes_buffer_size = 512;
 void Random::secure_bytes(MutableSlice dest) {
  Random::secure_bytes(dest.ubegin(), dest.size());
 }
+namespace {
+std::atomic<int64> random_seed_generation{0};
+}

 void Random::secure_bytes(unsigned char *ptr, size_t size) {
  constexpr size_t buf_size = secure_bytes_buffer_size;
  static TD_THREAD_LOCAL unsigned char *buf;  // static zero-initialized
  static TD_THREAD_LOCAL size_t buf_pos;
+  static TD_THREAD_LOCAL int64 generation;
  if (init_thread_local<unsigned char[]>(buf, buf_size)) {
    buf_pos = buf_size;
+    generation = 0;
+  }
+  if (generation != random_seed_generation.load(std::memory_order_relaxed)) {
+    generation = random_seed_generation.load(std::memory_order_acquire);
+    buf_pos = buf_size;
  }

  auto ready = min(size, buf_size - buf_pos);
@ -75,9 +84,7 @@ int64 Random::secure_int64() {

 void Random::add_seed(Slice bytes, double entropy) {
  RAND_add(bytes.data(), static_cast<int>(bytes.size()), entropy);
-  // drain all secure_bytes buffer
-  std::array<char, secure_bytes_buffer_size> buf;
-  secure_bytes(MutableSlice(buf.data(), buf.size()));
+  random_seed_generation++;
 }
 #endif