1 files changed, 16 insertions, 36 deletions

diff --git a/Source/JavaScriptCore/wtf/RandomNumber.cpp b/Source/JavaScriptCore/wtf/RandomNumber.cpp
index 1574324..5b06243 100644
--- a/Source/JavaScriptCore/wtf/RandomNumber.cpp
+++ b/Source/JavaScriptCore/wtf/RandomNumber.cpp
@@ -27,6 +27,7 @@
 #include "config.h"
 #include "RandomNumber.h"
 
+#include "CryptographicallyRandomNumber.h"
 #include "RandomNumberSeed.h"
 
 #include <limits>
@@ -52,6 +53,14 @@ namespace WTF {
 
 double randomNumber()
 {
+#if USE(OS_RANDOMNESS)
+    uint32_t bits = cryptographicallyRandomNumber();
+    return static_cast<double>(bits) / (static_cast<double>(std::numeric_limits<uint32_t>::max()) + 1.0);
+#else
+    // Without OS_RANDOMNESS, we fall back to other random number generators
+    // that might not be cryptographically secure. Ideally, most ports would
+    // define USE(OS_RANDOMNESS).
+
 #if !ENABLE(JSC_MULTIPLE_THREADS)
     static bool s_initialized = false;
     if (!s_initialized) {
@@ -59,46 +68,16 @@ double randomNumber()
         s_initialized = true;
     }
 #endif
-    
-#if COMPILER(MSVC) && defined(_CRT_RAND_S)
-    uint32_t bits;
-    rand_s(&bits);
-    return static_cast<double>(bits) / (static_cast<double>(std::numeric_limits<uint32_t>::max()) + 1.0);
-#elif OS(DARWIN)
-    uint32_t bits = arc4random();
-    return static_cast<double>(bits) / (static_cast<double>(std::numeric_limits<uint32_t>::max()) + 1.0);
-#elif OS(UNIX)
-    uint32_t part1 = random() & (RAND_MAX - 1);
-    uint32_t part2 = random() & (RAND_MAX - 1);
-    // random only provides 31 bits
-    uint64_t fullRandom = part1;
-    fullRandom <<= 31;
-    fullRandom |= part2;
 
-    // Mask off the low 53bits
-    fullRandom &= (1LL << 53) - 1;
-    return static_cast<double>(fullRandom)/static_cast<double>(1LL << 53);
-#elif USE(MERSENNE_TWISTER_19937)
+#if USE(MERSENNE_TWISTER_19937)
     return genrand_res53();
-#elif OS(WINDOWS)
-    uint32_t part1 = rand() & (RAND_MAX - 1);
-    uint32_t part2 = rand() & (RAND_MAX - 1);
-    uint32_t part3 = rand() & (RAND_MAX - 1);
-    uint32_t part4 = rand() & (RAND_MAX - 1);
-    // rand only provides 15 bits on Win32
-    uint64_t fullRandom = part1;
-    fullRandom <<= 15;
-    fullRandom |= part2;
-    fullRandom <<= 15;
-    fullRandom |= part3;
-    fullRandom <<= 15;
-    fullRandom |= part4;
-
-    // Mask off the low 53bits
-    fullRandom &= (1LL << 53) - 1;
-    return static_cast<double>(fullRandom)/static_cast<double>(1LL << 53);
 #elif PLATFORM(BREWMP)
     uint32_t bits;
+    // Is this a cryptographically strong source of random numbers? If so, we
+    // should move this into OSRandomSource.
+    // http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp851.pdf
+    // is slightly unclear on this point, although it seems to imply that it is
+    // secure.
     RefPtr<ISource> randomSource = createRefPtrInstance<ISource>(AEECLSID_RANDOM);
     ISOURCE_Read(randomSource.get(), reinterpret_cast<char*>(&bits), 4);
 
@@ -118,6 +97,7 @@ double randomNumber()
     fullRandom &= (1LL << 53) - 1;
     return static_cast<double>(fullRandom)/static_cast<double>(1LL << 53);
 #endif
+#endif
 }
 
 }