authorDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>2018-02-03 22:33:19 +0100
committerDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>2018-02-05 20:05:14 +0100
commitf61f62ea13470a00ae8be691d62abec97f94f0ee (patch)
tree3af25eca72242c36d5bcb841ae77402b427d1198
parent1648338ba1a63c19c7bae32170cd1d825b48eaee (diff)
Use RAND_DRBG_bytes() for RAND_bytes() and RAND_priv_bytes()
The functions RAND_bytes() and RAND_priv_bytes() are now both based on a common implementation using RAND_DRBG_bytes() (if the default OpenSSL rand method is active). This not only simplifies the code but also has the advantage that additional input from a high precision timer is added on every generate call if the timer is available. Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/5251)
-rw-r--r--crypto/rand/drbg_lib.c16
-rw-r--r--crypto/rand/rand_lib.c4
2 files changed, 5 insertions, 15 deletions
diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index c0c0b91cfd..4404e4f720 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -776,26 +776,16 @@ void rand_drbg_cleanup_int(void)
/* Implements the default OpenSSL RAND_bytes() method */
static int drbg_bytes(unsigned char *out, int count)
{
- int ret = 0;
- size_t chunk;
+ int ret;
RAND_DRBG *drbg = RAND_DRBG_get0_public();
if (drbg == NULL)
return 0;
CRYPTO_THREAD_write_lock(drbg->lock);
- for ( ; count > 0; count -= chunk, out += chunk) {
- chunk = count;
- if (chunk > drbg->max_request)
- chunk = drbg->max_request;
- ret = RAND_DRBG_generate(drbg, out, chunk, 0, NULL, 0);
- if (!ret)
- goto err;
- }
- ret = 1;
-
-err:
+ ret = RAND_DRBG_bytes(drbg, out, count);
CRYPTO_THREAD_unlock(drbg->lock);
+
return ret;
}
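Review bot: In drbg_bytes() the `int count` is now passed straight to `RAND_DRBG_bytes(drbg, out, count)`, so the `count > 0` guard that the removed loop provided is gone. If RAND_DRBG_bytes() takes its length as `size_t` (its prototype is not visible in this hunk), a negative count would convert to a very large request and be served in chunks instead of being skipped, writing past the caller's buffer. A guard before the lock is taken, such as `if (count < 0) return 0;`, keeps that case out of the generator. The same applies to `num` in the RAND_priv_bytes() hunk in rand_lib.c, where the old single RAND_DRBG_generate() call presumably rejected an oversized length; that function starts outside its hunk.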
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 20ac5839e6..e82a63e599 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -719,7 +719,7 @@ int RAND_priv_bytes(unsigned char *buf, int num)
/* We have to lock the DRBG before generating bits from it. */
CRYPTO_THREAD_write_lock(drbg->lock);
- ret = RAND_DRBG_generate(drbg, buf, num, 0, NULL, 0);
+ ret = RAND_DRBG_bytes(drbg, buf, num);
CRYPTO_THREAD_unlock(drbg->lock);
return ret;
}