Make sure we use a nonce when a nonce is required

[openssl.git] / crypto / rand / rand_lcl.h

diff --git a/crypto/rand/rand_lcl.h b/crypto/rand/rand_lcl.h
index 0a34aa0b93245bc59388ad57adb18825a424b7cd..94ffc96f20e2e1672afb154caff72b02f428c1f9 100644 (file)
--- a/crypto/rand/rand_lcl.h
+++ b/crypto/rand/rand_lcl.h
@@ -107,6 +107,27 @@ typedef struct rand_drbg_ctr_st {
 } RAND_DRBG_CTR;
 
 
+/*
+ * The 'random pool' acts as a dumb container for collecting random
+ * input from various entropy sources. The pool has no knowledge about
+ * whether its randomness is fed into a legacy RAND_METHOD via RAND_add()
+ * or into a new style RAND_DRBG. It is the callers duty to 1) initialize the
+ * random pool, 2) pass it to the polling callbacks, 3) seed the RNG, and
+ * 4) cleanup the random pool again.
+ *
+ * The random pool contains no locking mechanism because its scope and
+ * lifetime is intended to be restricted to a single stack frame.
+ */
+struct rand_pool_st {
+    unsigned char *buffer;  /* points to the beginning of the random pool */
+    size_t len; /* current number of random bytes contained in the pool */
+
+    size_t min_len; /* minimum number of random bytes requested */
+    size_t max_len; /* maximum number of random bytes (allocated buffer size) */
+    size_t entropy; /* current entropy count in bits */
+    size_t requested_entropy; /* requested entropy count in bits */
+};
+
 /*
  * The state of all types of DRBGs, even though we only have CTR mode
  * right now.