From 81f251660026fff198daf8920edc62bbc782ff7d Mon Sep 17 00:00:00 2001
From: Thiago Macieira <thiago.macieira@intel.com>
Date: Thu, 12 Oct 2017 14:59:51 -0700
Subject: QRandomGenerator: add system() and global()

Right now,this does really nothing. This commit is just to allow us to
transition the other modules (besides qtbase) to use the syntax that
will become the API.

I've marked three places to use the system CSPRNG:
 1) the QHash seed
 2) QUuid
 3) QAuthenticator

I didn't think the HTTP multipart boundary needed to be
cryptographically safe, so I changed that one to the global generator.

Change-Id: Ib17dde1a1dbb49a7bba8fffd14ecf1938bd8ff61
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
---
 src/corelib/global/qrandom.h                                     | 9 +++++----
 src/corelib/plugin/quuid.cpp                                     | 2 +-
 src/corelib/tools/qhash.cpp                                      | 2 +-
 src/network/access/qhttpmultipart.cpp                            | 2 +-
 src/network/kernel/qauthenticator.cpp                            | 3 ++-
 .../corelib/global/qrandomgenerator/tst_qrandomgenerator.cpp     | 8 +++-----
 6 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/src/corelib/global/qrandom.h b/src/corelib/global/qrandom.h
index 2259f2657a..049495d4e8 100644
--- a/src/corelib/global/qrandom.h
+++ b/src/corelib/global/qrandom.h
@@ -51,9 +51,12 @@ class QRandomGenerator
     template <typename UInt> using IfValidUInt =
         typename std::enable_if<std::is_unsigned<UInt>::value && sizeof(UInt) >= sizeof(uint), bool>::type;
 public:
+    static QRandomGenerator system() { return {}; }
+    static QRandomGenerator global() { return {}; }
     QRandomGenerator() = default;
 
     // ### REMOVE BEFORE 5.10
+    QRandomGenerator *operator->() { return this; }
     static quint32 get32() { return generate(); }
     static quint64 get64() { return generate64(); }
     static qreal getReal() { return generateDouble(); }
@@ -135,13 +138,14 @@ public:
     static Q_DECL_CONSTEXPR result_type max() { return (std::numeric_limits<result_type>::max)(); }
 
 private:
-    Q_DISABLE_COPY(QRandomGenerator)
     static Q_CORE_EXPORT void fillRange_helper(void *buffer, void *bufferEnd);
 };
 
 class QRandomGenerator64
 {
 public:
+    static QRandomGenerator64 system() { return {}; }
+    static QRandomGenerator64 global() { return {}; }
     QRandomGenerator64() = default;
 
     static quint64 generate() { return QRandomGenerator::generate64(); }
@@ -152,9 +156,6 @@ public:
     double entropy() const Q_DECL_NOTHROW { return 0.0; }
     static Q_DECL_CONSTEXPR result_type min() { return (std::numeric_limits<result_type>::min)(); }
     static Q_DECL_CONSTEXPR result_type max() { return (std::numeric_limits<result_type>::max)(); }
-
-private:
-    Q_DISABLE_COPY(QRandomGenerator64)
 };
 
 
diff --git a/src/corelib/plugin/quuid.cpp b/src/corelib/plugin/quuid.cpp
index 11ef247531..3a1c0495fe 100644
--- a/src/corelib/plugin/quuid.cpp
+++ b/src/corelib/plugin/quuid.cpp
@@ -945,7 +945,7 @@ QUuid QUuid::createUuid()
     QUuid result(Qt::Uninitialized);
     uint *data = &(result.data1);
     enum { AmountToRead = 4 };
-    QRandomGenerator::fillRange(data, AmountToRead);
+    QRandomGenerator::system()->fillRange(data, AmountToRead);
 
     result.data4[0] = (result.data4[0] & 0x3F) | 0x80;        // UV_DCE
     result.data3 = (result.data3 & 0x0FFF) | 0x4000;        // UV_Random
diff --git a/src/corelib/tools/qhash.cpp b/src/corelib/tools/qhash.cpp
index 485c6591c2..ded9ad354e 100644
--- a/src/corelib/tools/qhash.cpp
+++ b/src/corelib/tools/qhash.cpp
@@ -296,7 +296,7 @@ static uint qt_create_qhash_seed()
         return seed;
     }
 
-    seed = QRandomGenerator::generate();
+    seed = QRandomGenerator::system()->generate();
 #endif // QT_BOOTSTRAPPED
 
     return seed;
diff --git a/src/network/access/qhttpmultipart.cpp b/src/network/access/qhttpmultipart.cpp
index 58d306d5f9..c59df9d8b8 100644
--- a/src/network/access/qhttpmultipart.cpp
+++ b/src/network/access/qhttpmultipart.cpp
@@ -435,7 +435,7 @@ QHttpMultiPartPrivate::QHttpMultiPartPrivate() : contentType(QHttpMultiPart::Mix
 {
     // 24 random bytes, becomes 32 characters when encoded to Base64
     quint32 random[6];
-    QRandomGenerator::fillRange(random);
+    QRandomGenerator::global()->fillRange(random);
     boundary = "boundary_.oOo._"
                + QByteArray::fromRawData(reinterpret_cast<char *>(random), sizeof(random)).toBase64();
 
diff --git a/src/network/kernel/qauthenticator.cpp b/src/network/kernel/qauthenticator.cpp
index 099d9586d2..a3ccf13e82 100644
--- a/src/network/kernel/qauthenticator.cpp
+++ b/src/network/kernel/qauthenticator.cpp
@@ -48,6 +48,7 @@
 #include <qendian.h>
 #include <qstring.h>
 #include <qdatetime.h>
+#include <qrandom.h>
 
 #ifdef Q_OS_WIN
 #include <qmutex.h>
@@ -357,7 +358,7 @@ QAuthenticatorPrivate::QAuthenticatorPrivate()
     , phase(Start)
     , nonceCount(0)
 {
-    cnonce = QCryptographicHash::hash(QByteArray::number(qrand(), 16) + QByteArray::number(qrand(), 16),
+    cnonce = QCryptographicHash::hash(QByteArray::number(QRandomGenerator::system()->generate64(), 16),
                                       QCryptographicHash::Md5).toHex();
     nonceCount = 0;
 }
diff --git a/tests/auto/corelib/global/qrandomgenerator/tst_qrandomgenerator.cpp b/tests/auto/corelib/global/qrandomgenerator/tst_qrandomgenerator.cpp
index d1c0c8e965..4b38d46317 100644
--- a/tests/auto/corelib/global/qrandomgenerator/tst_qrandomgenerator.cpp
+++ b/tests/auto/corelib/global/qrandomgenerator/tst_qrandomgenerator.cpp
@@ -364,7 +364,7 @@ void tst_QRandomGenerator::bounded()
     QCOMPARE(ivalue, int(expected));
 
     // confirm only the bound now
-    setRNGControl(control & (SkipHWRNG|SkipSystemRNG|SkipMemfill));
+    setRNGControl(control & (SkipHWRNG|SkipSystemRNG));
     value = QRandomGenerator::bounded(sup);
     QVERIFY(value < sup);
 
@@ -536,7 +536,6 @@ void tst_QRandomGenerator::stdUniformIntDistribution_data()
 
     auto newRow = [](quint32 max) {
         QTest::addRow("default:%u", max) << 0U << max;
-        QTest::addRow("direct:%u", max) << uint(SkipMemfill) << max;
         QTest::addRow("system:%u", max) << uint(SkipHWRNG) << max;
     #ifdef HAVE_FALLBACK_ENGINE
         QTest::addRow("fallback:%u", max) << uint(SkipHWRNG | SkipSystemRNG) << max;
@@ -555,7 +554,7 @@ void tst_QRandomGenerator::stdUniformIntDistribution()
 {
     QFETCH(uint, control);
     QFETCH(quint32, max);
-    setRNGControl(control & (SkipHWRNG|SkipSystemRNG|SkipMemfill));
+    setRNGControl(control & (SkipHWRNG|SkipSystemRNG));
 
     {
         QRandomGenerator rd;
@@ -653,7 +652,6 @@ void tst_QRandomGenerator::stdUniformRealDistribution_data()
 
     auto newRow = [](double min, double sup) {
         QTest::addRow("default:%g-%g", min, sup) << 0U << min << sup;
-        QTest::addRow("direct:%g-%g", min, sup) << uint(SkipMemfill) << min << sup;
         QTest::addRow("system:%g-%g", min, sup) << uint(SkipHWRNG) << min << sup;
     #ifdef HAVE_FALLBACK_ENGINE
         QTest::addRow("fallback:%g-%g", min, sup) << uint(SkipHWRNG | SkipSystemRNG) << min << sup;
@@ -673,7 +671,7 @@ void tst_QRandomGenerator::stdUniformRealDistribution()
     QFETCH(uint, control);
     QFETCH(double, min);
     QFETCH(double, sup);
-    setRNGControl(control & (SkipHWRNG|SkipSystemRNG|SkipMemfill));
+    setRNGControl(control & (SkipHWRNG|SkipSystemRNG));
 
     {
         QRandomGenerator rd;
-- 
cgit v1.2.3