diff options
| author | Matt Caswell <matt@openssl.org> | 2019-06-28 11:23:46 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2019-07-02 16:49:18 +0100 |
| commit | 6694e51dbaecc7b331a6f0fa484d77008367c59c (patch) | |
| tree | ccdf725bf70880fa175a726a9eae987515cfaa20 /crypto/rand | |
| parent | f690ef151c0c3becc234daebf0418e04ff80580e (diff) | |
Provide rand_bytes_ex and rand_priv_bytes_ex
We provider internal versions of RAND_bytes() and RAND_priv_bytes() which
have the addition of taking an OPENSSL_CTX as a parameter.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9193)
Diffstat (limited to 'crypto/rand')
| -rw-r--r-- | crypto/rand/rand_err.c | 1 | ||||
| -rw-r--r-- | crypto/rand/rand_lib.c | 37 |
2 files changed, 30 insertions, 8 deletions
diff --git a/crypto/rand/rand_err.c b/crypto/rand/rand_err.c index 5c0dc3d8e5..d729441ef4 100644 --- a/crypto/rand/rand_err.c +++ b/crypto/rand/rand_err.c @@ -20,6 +20,7 @@ static const ERR_STRING_DATA RAND_str_functs[] = { {ERR_PACK(ERR_LIB_RAND, RAND_F_DRBG_SETUP, 0), "drbg_setup"}, {ERR_PACK(ERR_LIB_RAND, RAND_F_GET_ENTROPY, 0), "get_entropy"}, {ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_BYTES, 0), "RAND_bytes"}, + {ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_BYTES_EX, 0), "rand_bytes_ex"}, {ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_DRBG_ENABLE_LOCKING, 0), "rand_drbg_enable_locking"}, {ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_DRBG_GENERATE, 0), diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 07d2362b04..7768ade8b7 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -749,16 +749,16 @@ void RAND_add(const void *buf, int num, double randomness) * the default method, then just call RAND_bytes(). Otherwise make * sure we're instantiated and use the private DRBG. */ -int RAND_priv_bytes(unsigned char *buf, int num) +int rand_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num) { RAND_DRBG *drbg; int ret; const RAND_METHOD *meth = RAND_get_rand_method(); if (meth != RAND_OpenSSL()) - return RAND_bytes(buf, num); + return meth->bytes(buf, num); - drbg = RAND_DRBG_get0_private(); + drbg = OPENSSL_CTX_get0_private_drbg(ctx); if (drbg == NULL) return 0; @@ -766,14 +766,35 @@ int RAND_priv_bytes(unsigned char *buf, int num) return ret; } -int RAND_bytes(unsigned char *buf, int num) +int RAND_priv_bytes(unsigned char *buf, int num) { + return rand_priv_bytes_ex(NULL, buf, num); +} + +int rand_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num) +{ + RAND_DRBG *drbg; + int ret; const RAND_METHOD *meth = RAND_get_rand_method(); - if (meth->bytes != NULL) - return meth->bytes(buf, num); - RANDerr(RAND_F_RAND_BYTES, RAND_R_FUNC_NOT_IMPLEMENTED); - return -1; + if (meth != RAND_OpenSSL()) { + if (meth->bytes != NULL) + return meth->bytes(buf, num); + RANDerr(RAND_F_RAND_BYTES_EX, RAND_R_FUNC_NOT_IMPLEMENTED); + return -1; + } + + drbg = OPENSSL_CTX_get0_public_drbg(ctx); + if (drbg == NULL) + return 0; + + ret = RAND_DRBG_bytes(drbg, buf, num); + return ret; +} + +int RAND_bytes(unsigned char *buf, int num) +{ + return rand_bytes_ex(NULL, buf, num); } #if !OPENSSL_API_1_1_0 && !defined(FIPS_MODE) |