diff options
author | Pauli <paul.dale@oracle.com> | 2020-08-26 14:11:49 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2020-08-28 10:19:56 +1000 |
commit | 4516bf7422223a47f98931c1315985bd9dc303af (patch) | |
tree | f02954cf10010601db1209f0372c6628000d45c2 /crypto/rand | |
parent | edd53e9135d9546e3611ca1d45876bac15047aa8 (diff) |
rand: instantiate the DRBGs upon first use.
Fixes #12714
[skip ci]
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12717)
Diffstat (limited to 'crypto/rand')
-rw-r--r-- | crypto/rand/rand_lib.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 89277e93c5..a37a575e5b 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -246,7 +246,7 @@ int RAND_status(void) return meth->status != NULL ? meth->status() : 0; if ((rand = RAND_get0_primary(NULL)) == NULL) - return EVP_RAND_STATE_UNINITIALISED; + return 0; return EVP_RAND_state(rand) == EVP_RAND_STATE_READY; } #else /* !FIPS_MODULE */ @@ -467,7 +467,12 @@ static EVP_RAND_CTX *rand_new_drbg(OPENSSL_CTX *libctx, EVP_RAND_CTX *parent, if (!EVP_RAND_set_ctx_params(ctx, params)) { RANDerr(0, RAND_R_ERROR_INITIALISING_DRBG); EVP_RAND_CTX_free(ctx); - ctx = NULL; + return NULL; + } + if (!EVP_RAND_instantiate(ctx, 0, 0, NULL, 0)) { + RANDerr(0, RAND_R_ERROR_INSTANTIATING_DRBG); + EVP_RAND_CTX_free(ctx); + return NULL; } return ctx; } |