}
/* make a random number and set the top and bottom bits */
- b = flag == NORMAL ? rand_bytes_ex(libctx, buf, bytes)
- : rand_priv_bytes_ex(libctx, buf, bytes);
+ b = flag == NORMAL ? RAND_bytes_ex(libctx, buf, bytes)
+ : RAND_priv_bytes_ex(libctx, buf, bytes);
if (b <= 0)
goto err;
unsigned char c;
for (i = 0; i < bytes; i++) {
- if (rand_bytes_ex(libctx, &c, 1) <= 0)
+ if (RAND_bytes_ex(libctx, &c, 1) <= 0)
goto err;
if (c >= 128 && i > 0)
buf[i] = buf[i - 1];
goto err;
}
for (done = 0; done < num_k_bytes;) {
- if (!rand_priv_bytes_ex(libctx, random_bytes, sizeof(random_bytes)))
+ if (!RAND_priv_bytes_ex(libctx, random_bytes, sizeof(random_bytes)))
goto err;
if (!EVP_DigestInit_ex(mdctx, md, NULL)
* the default method, then just call RAND_bytes(). Otherwise make
* sure we're instantiated and use the private DRBG.
*/
-int rand_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num)
+int RAND_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num)
{
RAND_DRBG *drbg;
const RAND_METHOD *meth = RAND_get_rand_method();
int RAND_priv_bytes(unsigned char *buf, int num)
{
- return rand_priv_bytes_ex(NULL, buf, num);
+ return RAND_priv_bytes_ex(NULL, buf, num);
}
-int rand_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num)
+int RAND_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num)
{
RAND_DRBG *drbg;
const RAND_METHOD *meth = RAND_get_rand_method();
int RAND_bytes(unsigned char *buf, int num)
{
- return rand_bytes_ex(NULL, buf, num);
+ return RAND_bytes_ex(NULL, buf, num);
}
#if !defined(OPENSSL_NO_DEPRECATED_1_1_0) && !defined(FIPS_MODE)
+++ /dev/null
-=pod
-
-=head1 NAME
-
-rand_bytes_ex, rand_priv_bytes_ex
-- internal random number routines
-
-=head1 SYNOPSIS
-
- #include "crypto/rand.h"
-
- int rand_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);
- int rand_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);
-
-=head1 DESCRIPTION
-
-rand_bytes_ex() and rand_priv_bytes_ex() are the equivalent of RAND_bytes() and
-RAND_priv_bytes() in the public API except that they both take an additional
-I<ctx> parameter.
-The DRBG used for the operation is the public or private DRBG associated with
-the specified I<ctx>. The parameter can be NULL, in which case
-the default library ctx is used.
-If the default RAND_METHOD has been changed then for compatibility reasons the
-RAND_METHOD will be used in preference and the DRBG of the library context
-ignored.
-
-=head1 RETURN VALUES
-
-rand_bytes_ex() and rand_bytes_priv_ex() return 0 or less on error or 1 on
-success.
-
-=head1 COPYRIGHT
-
-Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License"). You may not use
-this file except in compliance with the License. You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut
=head1 NAME
-RAND_bytes, RAND_priv_bytes, RAND_pseudo_bytes - generate random data
+RAND_bytes, RAND_priv_bytes, RAND_bytes_ex, RAND_priv_bytes_ex,
+RAND_pseudo_bytes - generate random data
=head1 SYNOPSIS
int RAND_bytes(unsigned char *buf, int num);
int RAND_priv_bytes(unsigned char *buf, int num);
+ int RAND_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);
+ int RAND_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);
+
Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining
B<OPENSSL_API_COMPAT> with a suitable version value, see
L<openssl_user_macros(7)>:
affect the secrecy of these private values, as described in L<RAND(7)>
and L<RAND_DRBG(7)>.
+RAND_bytes_ex() and RAND_priv_bytes_ex() are the same as RAND_bytes() and
+RAND_priv_bytes() except that they both take an additional I<ctx> parameter.
+The DRBG used for the operation is the public or private DRBG associated with
+the specified I<ctx>. The parameter can be NULL, in which case
+the default library context is used (see L<OPENSSL_CTX(3)>.
+If the default RAND_METHOD has been changed then for compatibility reasons the
+RAND_METHOD will be used in preference and the DRBG of the library context
+ignored.
+
=head1 NOTES
Always check the error return value of RAND_bytes() and
The RAND_priv_bytes() function was added in OpenSSL 1.1.1.
+=item *
+
+The RAND_bytes_ex() and RAND_priv_bytes_ex() functions were added in OpenSSL 3.0
+
=back
=head1 COPYRIGHT
*/
void rand_pool_keep_random_devices_open(int keep);
-/* Equivalent of RAND_priv_bytes() but additionally taking an OPENSSL_CTX */
-int rand_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);
-
-/* Equivalent of RAND_bytes() but additionally taking an OPENSSL_CTX */
-int rand_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);
-
#endif
# endif
int RAND_bytes(unsigned char *buf, int num);
int RAND_priv_bytes(unsigned char *buf, int num);
+
+/* Equivalent of RAND_priv_bytes() but additionally taking an OPENSSL_CTX */
+int RAND_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);
+
+/* Equivalent of RAND_bytes() but additionally taking an OPENSSL_CTX */
+int RAND_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);
+
DEPRECATEDIN_1_1_0(int RAND_pseudo_bytes(unsigned char *buf, int num))
void RAND_seed(const void *buf, int num);
}
#else
-# include "crypto/rand.h"
+# include <openssl/rand.h>
# include "crypto/evp.h"
# include "internal/constant_time.h"
# endif
/* ask for IVs in bulk */
- if (rand_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4) <= 0)
+ if (RAND_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4) <= 0)
return 0;
mctx = (SHA1_MB_CTX *) (storage + 32 - ((size_t)storage % 32)); /* align */
}
#else
-# include "crypto/rand.h"
+# include <openssl/rand.h>
# include "crypto/evp.h"
# include "internal/constant_time.h"
# endif
/* ask for IVs in bulk */
- if (rand_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4) <= 0)
+ if (RAND_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4) <= 0)
return 0;
mctx = (SHA256_MB_CTX *) (storage + 32 - ((size_t)storage % 32)); /* align */
#include "prov/ciphercommon.h"
#include "cipher_des.h"
-#include "crypto/rand.h"
+#include <openssl/rand.h>
#include "prov/implementations.h"
#include "prov/providercommonerr.h"
DES_cblock *deskey = ptr;
size_t kl = ctx->keylen;
- if (kl == 0 || rand_priv_bytes_ex(ctx->libctx, ptr, kl) <= 0)
+ if (kl == 0 || RAND_priv_bytes_ex(ctx->libctx, ptr, kl) <= 0)
return 0;
DES_set_odd_parity(deskey);
return 1;
#include "prov/ciphercommon.h"
#include "cipher_tdes.h"
-#include "crypto/rand.h"
+#include <openssl/rand.h>
#include "prov/implementations.h"
#include "prov/providercommonerr.h"
DES_cblock *deskey = ptr;
size_t kl = ctx->keylen;
- if (kl == 0 || rand_priv_bytes_ex(ctx->libctx, ptr, kl) <= 0)
+ if (kl == 0 || RAND_priv_bytes_ex(ctx->libctx, ptr, kl) <= 0)
return 0;
DES_set_odd_parity(deskey);
if (kl >= 16)
#include "internal/deprecated.h"
#include <openssl/sha.h>
+#include <openssl/rand.h>
#include "cipher_tdes_default.h"
#include "crypto/evp.h"
-#include "crypto/rand.h"
#include "prov/implementations.h"
#include "prov/providercommonerr.h"
memcpy(out + inl + ivlen, sha1tmp, icvlen);
OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH);
/* Generate random IV */
- if (rand_bytes_ex(ctx->libctx, ctx->iv, ivlen) <= 0)
+ if (RAND_bytes_ex(ctx->libctx, ctx->iv, ivlen) <= 0)
return 0;
memcpy(out, ctx->iv, ivlen);
/* Encrypt everything after IV in place */
#include "prov/ciphercommon.h"
#include "prov/ciphercommon_gcm.h"
#include "prov/providercommonerr.h"
-#include "crypto/rand.h"
+#include <openssl/rand.h>
#include "prov/provider_ctx.h"
static int gcm_tls_init(PROV_GCM_CTX *dat, unsigned char *aad, size_t aad_len);
return 0;
/* Use DRBG to generate random iv */
- if (rand_bytes_ex(ctx->libctx, ctx->iv + offset, sz) <= 0)
+ if (RAND_bytes_ex(ctx->libctx, ctx->iv + offset, sz) <= 0)
return 0;
ctx->iv_state = IV_STATE_BUFFERED;
ctx->iv_gen_rand = 1;
if (len > 0)
memcpy(ctx->iv, iv, len);
if (ctx->enc
- && rand_bytes_ex(ctx->libctx, ctx->iv + len, ctx->ivlen - len) <= 0)
+ && RAND_bytes_ex(ctx->libctx, ctx->iv + len, ctx->ivlen - len) <= 0)
return 0;
ctx->iv_gen = 1;
ctx->iv_state = IV_STATE_BUFFERED;
ASN1_TIME_dup ? 3_0_0 EXIST::FUNCTION:
ASN1_UTCTIME_dup ? 3_0_0 EXIST::FUNCTION:
ASN1_GENERALIZEDTIME_dup ? 3_0_0 EXIST::FUNCTION:
+RAND_priv_bytes_ex ? 3_0_0 EXIST::FUNCTION:
+RAND_bytes_ex ? 3_0_0 EXIST::FUNCTION:
projects / oweals / openssl.git / commitdiff