Publish the RAND_DRBG API

[openssl.git] / crypto / evp / e_aes.c

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index e56be16365f9e3926d0467ea0db45ff1a103b853..2421385425ca3e7544f6fe089b8aba56a5256e2f 100644 (file)
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -17,6 +17,7 @@
 #include "internal/evp_int.h"
 #include "modes_lcl.h"
 #include <openssl/rand.h>
+#include <openssl/rand_drbg.h>
 #include "evp_locl.h"
 
 typedef struct {
@@ -1404,8 +1405,14 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
             memcpy(gctx->iv, ptr, arg);
 
         enc = EVP_CIPHER_CTX_encrypting(c);
-        if (enc && RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0)
-            return 0;
+        if (enc) {
+            if (c->drbg != NULL) {
+                if (RAND_DRBG_bytes(c->drbg, gctx->iv + arg, gctx->ivlen - arg) == 0)
+                    return 0;
+            } else if (RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0) {
+                return 0;
+            }
+        }
 
         gctx->iv_gen = 1;
         return 1;
@@ -2510,6 +2517,8 @@ static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                                 EVP_CIPHER_CTX_encrypting(ctx), dat->block);
         EVP_CIPHER_CTX_set_num(ctx, num);
         len -= MAXBITCHUNK;
+        out += MAXBITCHUNK;
+        in  += MAXBITCHUNK;
     }
     if (len) {
         int num = EVP_CIPHER_CTX_num(ctx);
@@ -2630,9 +2639,14 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
             return 0;
         if (arg)
             memcpy(gctx->iv, ptr, arg);
-        if (EVP_CIPHER_CTX_encrypting(c)
-            && RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0)
-            return 0;
+        if (EVP_CIPHER_CTX_encrypting(c)) {
+            if (c->drbg != NULL) {
+                if (RAND_DRBG_bytes(c->drbg, gctx->iv + arg, gctx->ivlen - arg) == 0)
+                    return 0;
+            } else if (RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0) {
+                return 0;
+            }
+        }
         gctx->iv_gen = 1;
         return 1;