Don't use a ssl specific DRBG anymore

Since the public and private DRBG are per thread we don't need one per ssl object anymore. It could also try to get entropy from a DRBG that's really from an other thread because the SSL object moved to an other thread. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/5547)
author: Kurt Roeckx <kurt@roeckx.be> 2018-03-08 22:30:28 +0100
committer: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> 2018-03-19 15:04:40 +0100
commit: 16cfc2c90d9e7776965db07c1f31bbec2f6c41e3 (patch)
tree: dab155d1453fce5e7e2a5d6c2d4d02557227cb41 /crypto/evp/e_aria.c
parent: 7caf122e717e79afcb986fe217e77a630b67bf4c (diff)
1 files changed, 3 insertions, 8 deletions
diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c
index 9c1036b4bd..ffd9530d57 100644
--- a/crypto/evp/e_aria.c
+++ b/crypto/evp/e_aria.c
@@ -302,14 +302,9 @@ static int aria_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
             return 0;
         if (arg)
             memcpy(gctx->iv, ptr, arg);
-        if (EVP_CIPHER_CTX_encrypting(c)) {
-            if (c->drbg != NULL) {
-                if (RAND_DRBG_bytes(c->drbg, gctx->iv + arg, gctx->ivlen - arg) == 0)
-                    return 0;
-            } else if (RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0) {
-                return 0;
-            }
-        }
+        if (EVP_CIPHER_CTX_encrypting(c)
+            && RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0)
+            return 0;
         gctx->iv_gen = 1;
         return 1;
author	Kurt Roeckx <kurt@roeckx.be>	2018-03-08 22:30:28 +0100
committer	Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>	2018-03-19 15:04:40 +0100
commit	16cfc2c90d9e7776965db07c1f31bbec2f6c41e3 (patch)
tree	dab155d1453fce5e7e2a5d6c2d4d02557227cb41 /crypto/evp/e_aria.c
parent	7caf122e717e79afcb986fe217e77a630b67bf4c (diff)