RAND_POOL *crngt_pool;
} CRNG_TEST_GLOBAL;
-int (*crngt_get_entropy)(OPENSSL_CTX *, unsigned char *, unsigned char *,
- unsigned int *)
+int (*crngt_get_entropy)(OPENSSL_CTX *, RAND_POOL *, unsigned char *,
+ unsigned char *, unsigned int *)
= &rand_crngt_get_entropy_cb;
static void rand_crng_ossl_ctx_free(void *vcrngt_glob)
return NULL;
if ((crngt_glob->crngt_pool
- = rand_pool_new(0, CRNGT_BUFSIZ, CRNGT_BUFSIZ)) == NULL) {
+ = rand_pool_new(0, 1, CRNGT_BUFSIZ, CRNGT_BUFSIZ)) == NULL) {
OPENSSL_free(crngt_glob);
return NULL;
}
- if (crngt_get_entropy(ctx, buf, crngt_glob->crngt_prev, NULL)) {
+ if (crngt_get_entropy(ctx, crngt_glob->crngt_pool, buf,
+ crngt_glob->crngt_prev, NULL)) {
OPENSSL_cleanse(buf, sizeof(buf));
return crngt_glob;
}
};
int rand_crngt_get_entropy_cb(OPENSSL_CTX *ctx,
+ RAND_POOL *pool,
unsigned char *buf,
unsigned char *md,
unsigned int *md_size)
int r;
size_t n;
unsigned char *p;
- CRNG_TEST_GLOBAL *crngt_glob
- = openssl_ctx_get_data(ctx, OPENSSL_CTX_RAND_CRNGT_INDEX,
- &rand_crng_ossl_ctx_method);
- if (crngt_glob == NULL)
+ if (pool == NULL)
return 0;
- n = rand_pool_acquire_entropy(crngt_glob->crngt_pool);
+ n = rand_pool_acquire_entropy(pool);
if (n >= CRNGT_BUFSIZ) {
- p = rand_pool_detach(crngt_glob->crngt_pool);
- r = EVP_Digest(p, CRNGT_BUFSIZ, md, md_size, EVP_sha256(), NULL);
+ EVP_MD *fmd = EVP_MD_fetch(ctx, "SHA256", "");
+ if (fmd == NULL)
+ return 0;
+ p = rand_pool_detach(pool);
+ r = EVP_Digest(p, CRNGT_BUFSIZ, md, md_size, fmd, NULL);
if (r != 0)
memcpy(buf, p, CRNGT_BUFSIZ);
- rand_pool_reattach(crngt_glob->crngt_pool, p);
+ rand_pool_reattach(pool, p);
+ EVP_MD_free(fmd);
return r;
}
return 0;
if (crngt_glob == NULL)
return 0;
- if ((pool = rand_pool_new(entropy, min_len, max_len)) == NULL)
+ if ((pool = rand_pool_new(entropy, 1, min_len, max_len)) == NULL)
return 0;
while ((q = rand_pool_bytes_needed(pool, 1)) > 0 && attempts-- > 0) {
s = q > sizeof(buf) ? sizeof(buf) : q;
- if (!crngt_get_entropy(drbg->libctx, buf, md, &sz)
+ if (!crngt_get_entropy(drbg->libctx, crngt_glob->crngt_pool, buf, md,
+ &sz)
|| memcmp(crngt_glob->crngt_prev, md, sz) == 0
|| !rand_pool_add(pool, buf, s, s * 8))
goto err;