Ensure random Uuid generation (#2194)

Posix platforms do not generate secure random bytes with random_device(). On posix platforms use the openSSL random byte generator which generates cryptographically secure random bytes **NOTE**: Once the assert work is done this abort() will be switched over to assert.
2021-05-05 14:41:39 -07:00 · 2021-05-05 14:41:39 -07:00 · 0490d69e02
commit 0490d69e02
parent b5b547f590
1 changed files with 18 additions and 2 deletions
--- a/sdk/core/azure-core/inc/azure/core/uuid.hpp
+++ b/sdk/core/azure-core/inc/azure/core/uuid.hpp
@ -8,12 +8,18 @@

 #pragma once

+#include "azure/core/platform.hpp"
+
 #include <cstring>
 #include <new> // for placement new
 #include <random>
 #include <string>
 #include <utility> // for swap and move

+#if defined(AZ_PLATFORM_POSIX)
+#include <openssl/rand.h> //for RAND_bytes
+#endif
+
 namespace Azure { namespace Core {
  /**
   * @brief Universally unique identifier.
@ -73,15 +79,25 @@ namespace Azure { namespace Core {
     */
    static Uuid CreateUuid()
    {
-      std::random_device rd;
-
      uint8_t uuid[UuidSize] = {};

+#if defined(AZ_PLATFORM_WINDOWS)
+      std::random_device rd;
+
      for (int i = 0; i < UuidSize; i += 4)
      {
        const uint32_t x = rd();
        std::memcpy(uuid + i, &x, 4);
      }
+#elif defined(AZ_PLATFORM_POSIX)
+      int ret = RAND_bytes(uuid, UuidSize);
+      if (ret <= 0)
+      {
+        abort();
+      }
+#else
+      abort();
+#endif

      // SetVariant to ReservedRFC4122
      uuid[8] = (uuid[8] | ReservedRFC4122) & 0x7F;