projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
rand: trust user supplied entropy when configured without a random source
[openssl.git] / crypto / rand / rand_lib.c
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index ce95bf6210b15dc8bb951f6cdf3ba5f09c10d1c5..0cdb9caa6ddc56e2dc950c675a6205a3e63830df 100644 (file)
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -273,7 +273,13 @@ void RAND_add(const void *buf, int num, double randomness)
 # endif
     drbg = RAND_get0_primary(NULL);
     if (drbg != NULL && num > 0)
+# ifdef OPENSSL_RAND_SEED_NONE
+        /* Without an entropy source, we have to rely on the user */
+        EVP_RAND_reseed(drbg, 0, buf, num, NULL, 0);
+# else
+        /* With an entropy source, we downgrade this to additional input */
         EVP_RAND_reseed(drbg, 0, NULL, 0, buf, num);
+# endif
 }
 
 # if !defined(OPENSSL_NO_DEPRECATED_1_1_0)
Unnamed repository; edit this file 'description' to name the repository.