Various RAND improvements

[openssl.git] / crypto / rand / rand_lcl.h

diff --git a/crypto/rand/rand_lcl.h b/crypto/rand/rand_lcl.h
index e5944f975f1e2188d71d721129122aac7a12efa9..e60f619d61335f5c5dcf7d0cd6e305fa16f35687 100644 (file)
--- a/crypto/rand/rand_lcl.h
+++ b/crypto/rand/rand_lcl.h
@@ -25,6 +25,9 @@
  */
 # define RANDOMNESS_NEEDED              16
 
+/* How many times to read the TSC as a randomness source. */
+# define TSC_READ_COUNT                 4
+
 /* Maximum amount of randomness to hold in RAND_BYTES_BUFFER. */
 # define MAX_RANDOMNESS_HELD            (4 * RANDOMNESS_NEEDED)
 
@@ -57,9 +60,10 @@ typedef enum drbg_status_e {
  */
 typedef struct rand_bytes_buffer_st {
     CRYPTO_RWLOCK *lock;
+    unsigned char *buff;
     size_t size;
     size_t curr;
-    unsigned char *buff;
+    int secure;
 } RAND_BYTES_BUFFER;
 
 /*
@@ -88,8 +92,10 @@ struct rand_drbg_st {
     CRYPTO_RWLOCK *lock;
     RAND_DRBG *parent;
     int nid; /* the underlying algorithm */
+    int fork_count;
     unsigned short flags; /* various external flags */
-    unsigned short filled;
+    char filled;
+    char secure;
     /*
      * This is a fixed-size buffer, but we malloc to make it a little
      * harder to find; a classic security/performance trade-off.
@@ -125,6 +131,10 @@ struct rand_drbg_st {
 extern RAND_METHOD rand_meth;
 extern RAND_BYTES_BUFFER rand_bytes;
 extern RAND_DRBG rand_drbg;
+extern RAND_DRBG priv_drbg;
+
+/* How often we've forked (only incremented in child). */
+extern int rand_fork_count;
 
 /* Hardware-based seeding functions. */
 void rand_read_tsc(RAND_poll_fn cb, void *arg);