Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7523)
if (num < 0 || randomness < 0.0)
return 0;
if (num < 0 || randomness < 0.0)
return 0;
seedlen = rand_drbg_seedlen(drbg);
buflen = (size_t)num;
seedlen = rand_drbg_seedlen(drbg);
buflen = (size_t)num;
* inevitably. So we use a trick to mix the buffer contents into
* the DRBG state without forcing a reseeding: we generate a
* dummy random byte, using the buffer content as additional data.
* inevitably. So we use a trick to mix the buffer contents into
* the DRBG state without forcing a reseeding: we generate a
* dummy random byte, using the buffer content as additional data.
+ * Note: This won't work with RAND_DRBG_FLAG_CTR_NO_DF.
*/
unsigned char dummy[1];
*/
unsigned char dummy[1];
- return RAND_DRBG_generate(drbg, dummy, sizeof(dummy), 0, buf, buflen);
+ ret = RAND_DRBG_generate(drbg, dummy, sizeof(dummy), 0, buf, buflen);
+ rand_drbg_unlock(drbg);
+ return ret;
#else
/*
* If an os entropy source is avaible then we declare the buffer content
#else
/*
* If an os entropy source is avaible then we declare the buffer content
randomness = (double)seedlen;
}
randomness = (double)seedlen;
}
ret = rand_drbg_restart(drbg, buf, buflen, (size_t)(8 * randomness));
rand_drbg_unlock(drbg);
ret = rand_drbg_restart(drbg, buf, buflen, (size_t)(8 * randomness));
rand_drbg_unlock(drbg);