rand: instantiate the DRBGs upon first use.

Fixes #12714 [skip ci] Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12717)
author: Pauli <paul.dale@oracle.com> 2020-08-26 14:11:49 +1000
committer: Pauli <paul.dale@oracle.com> 2020-08-28 10:19:56 +1000
commit: 4516bf7422223a47f98931c1315985bd9dc303af (patch)
tree: f02954cf10010601db1209f0372c6628000d45c2 /crypto
parent: edd53e9135d9546e3611ca1d45876bac15047aa8 (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 89277e93c5..a37a575e5b 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -246,7 +246,7 @@ int RAND_status(void)
         return meth->status != NULL ? meth->status() : 0;
 
     if ((rand = RAND_get0_primary(NULL)) == NULL)
-        return EVP_RAND_STATE_UNINITIALISED;
+        return 0;
     return EVP_RAND_state(rand) == EVP_RAND_STATE_READY;
 }
 #else  /* !FIPS_MODULE */
@@ -467,7 +467,12 @@ static EVP_RAND_CTX *rand_new_drbg(OPENSSL_CTX *libctx, EVP_RAND_CTX *parent,
     if (!EVP_RAND_set_ctx_params(ctx, params)) {
         RANDerr(0, RAND_R_ERROR_INITIALISING_DRBG);
         EVP_RAND_CTX_free(ctx);
-        ctx = NULL;
+        return NULL;
+    }
+    if (!EVP_RAND_instantiate(ctx, 0, 0, NULL, 0)) {
+        RANDerr(0, RAND_R_ERROR_INSTANTIATING_DRBG);
+        EVP_RAND_CTX_free(ctx);
+        return NULL;
     }
     return ctx;
 }
author	Pauli <paul.dale@oracle.com>	2020-08-26 14:11:49 +1000
committer	Pauli <paul.dale@oracle.com>	2020-08-28 10:19:56 +1000
commit	4516bf7422223a47f98931c1315985bd9dc303af (patch)
tree	f02954cf10010601db1209f0372c6628000d45c2 /crypto
parent	edd53e9135d9546e3611ca1d45876bac15047aa8 (diff)