/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
static CRYPTO_RWLOCK *rand_nonce_lock;
static int rand_nonce_count;
-static int rand_cleaning_up = 0;
+static int rand_inited = 0;
#ifdef OPENSSL_RAND_SEED_RDTSC
/*
size_t entropy_available = 0;
RAND_POOL *pool;
- if (drbg->parent && drbg->strength > drbg->parent->strength) {
+ if (drbg->parent != NULL && drbg->strength > drbg->parent->strength) {
/*
* We currently don't support the algorithm from NIST SP 800-90C
* 10.1.2 to use a weaker DRBG as source
return 0;
}
- if (drbg->parent) {
+ if (drbg->parent != NULL) {
size_t bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
unsigned char *buffer = rand_pool_add_begin(pool, bytes_needed);
}
} else {
- if (prediction_resistance) {
- /*
- * We don't have any entropy sources that comply with the NIST
- * standard to provide prediction resistance (see NIST SP 800-90C,
- * Section 5.4).
- */
- RANDerr(RAND_F_RAND_DRBG_GET_ENTROPY,
- RAND_R_PREDICTION_RESISTANCE_NOT_SUPPORTED);
- goto err;
- }
-
/* Get entropy by polling system entropy sources. */
entropy_available = rand_pool_acquire_entropy(pool);
}
*pout = rand_pool_detach(pool);
}
- err:
if (drbg->seed_pool == NULL)
rand_pool_free(pool);
return ret;
struct {
void * instance;
int count;
- } data = { 0 };
+ } data;
+ memset(&data, 0, sizeof(data));
pool = rand_pool_new(0, min_len, max_len);
if (pool == NULL)
return 0;
if (rand_nonce_lock == NULL)
goto err2;
- if (!rand_cleaning_up && !rand_pool_init())
+ if (!rand_pool_init())
goto err3;
+ rand_inited = 1;
return 1;
err3:
- rand_pool_cleanup();
+ CRYPTO_THREAD_lock_free(rand_nonce_lock);
+ rand_nonce_lock = NULL;
err2:
CRYPTO_THREAD_lock_free(rand_meth_lock);
rand_meth_lock = NULL;
{
const RAND_METHOD *meth = default_RAND_meth;
- rand_cleaning_up = 1;
+ if (!rand_inited)
+ return;
if (meth != NULL && meth->cleanup != NULL)
meth->cleanup();
rand_meth_lock = NULL;
CRYPTO_THREAD_lock_free(rand_nonce_lock);
rand_nonce_lock = NULL;
+ rand_inited = 0;
}
/*
} else {
/* fill random pool and seed the current legacy RNG */
pool = rand_pool_new(RAND_DRBG_STRENGTH,
- RAND_DRBG_STRENGTH / 8,
+ (RAND_DRBG_STRENGTH + 7) / 8,
RAND_POOL_MAX_LENGTH);
if (pool == NULL)
return 0;
if (pool->buffer == NULL) {
RANDerr(RAND_F_RAND_POOL_ADD_BEGIN, ERR_R_INTERNAL_ERROR);
- return 0;
+ return NULL;
}
return pool->buffer + pool->len;
return -1;
}
-#if OPENSSL_API_COMPAT < 0x10100000L
+#if !OPENSSL_API_1_1_0
int RAND_pseudo_bytes(unsigned char *buf, int num)
{
const RAND_METHOD *meth = RAND_get_rand_method();