diff options
Diffstat (limited to 'openssl/crypto/rand')
-rw-r--r-- | openssl/crypto/rand/md_rand.c | 24 | ||||
-rw-r--r-- | openssl/crypto/rand/rand_lcl.h | 1 | ||||
-rw-r--r-- | openssl/crypto/rand/rand_lib.c | 3 | ||||
-rw-r--r-- | openssl/crypto/rand/randfile.c | 1 |
4 files changed, 11 insertions, 18 deletions
diff --git a/openssl/crypto/rand/md_rand.c b/openssl/crypto/rand/md_rand.c index aee1c30b0..888b4eb8d 100644 --- a/openssl/crypto/rand/md_rand.c +++ b/openssl/crypto/rand/md_rand.c @@ -159,7 +159,6 @@ const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT; static void ssleay_rand_cleanup(void); static void ssleay_rand_seed(const void *buf, int num); static void ssleay_rand_add(const void *buf, int num, double add_entropy); -static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo); static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num); static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num); static int ssleay_rand_status(void); @@ -334,7 +333,7 @@ static void ssleay_rand_seed(const void *buf, int num) ssleay_rand_add(buf, num, (double)num); } -static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) +int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock) { static volatile int stirred_pool = 0; int i,j,k,st_num,st_idx; @@ -383,10 +382,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) * are fed into the hash function and the results are kept in the * global 'md'. */ -#ifdef OPENSSL_FIPS - /* NB: in FIPS mode we are already under a lock */ - if (!FIPS_mode()) -#endif + if (lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND); /* prevent ssleay_rand_bytes() from trying to obtain the lock again */ @@ -466,9 +462,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) /* before unlocking, we must clear 'crypto_lock_rand' */ crypto_lock_rand = 0; -#ifdef OPENSSL_FIPS - if (!FIPS_mode()) -#endif + if (lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); while (num > 0) @@ -521,15 +515,11 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) MD_Init(&m); MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); MD_Update(&m,local_md,MD_DIGEST_LENGTH); -#ifdef OPENSSL_FIPS - if (!FIPS_mode()) -#endif + if (lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND); MD_Update(&m,md,MD_DIGEST_LENGTH); MD_Final(&m,md); -#ifdef OPENSSL_FIPS - if (!FIPS_mode()) -#endif + if (lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND); EVP_MD_CTX_cleanup(&m); @@ -548,14 +538,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num) { - return ssleay_rand_bytes(buf, num, 0); + return ssleay_rand_bytes(buf, num, 0, 1); } /* pseudo-random bytes that are guaranteed to be unique but not unpredictable */ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) { - return ssleay_rand_bytes(buf, num, 1); + return ssleay_rand_bytes(buf, num, 1, 1); } static int ssleay_rand_status(void) diff --git a/openssl/crypto/rand/rand_lcl.h b/openssl/crypto/rand/rand_lcl.h index 618a8ec89..0fabf8dc5 100644 --- a/openssl/crypto/rand/rand_lcl.h +++ b/openssl/crypto/rand/rand_lcl.h @@ -154,5 +154,6 @@ #define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) #endif +int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock); #endif diff --git a/openssl/crypto/rand/rand_lib.c b/openssl/crypto/rand/rand_lib.c index 5ac0e14ca..239a1cde8 100644 --- a/openssl/crypto/rand/rand_lib.c +++ b/openssl/crypto/rand/rand_lib.c @@ -68,6 +68,7 @@ #ifdef OPENSSL_FIPS #include <openssl/fips.h> #include <openssl/fips_rand.h> +#include "rand_lcl.h" #endif #ifndef OPENSSL_NO_ENGINE @@ -199,7 +200,7 @@ static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout, *pout = OPENSSL_malloc(min_len); if (!*pout) return 0; - if (RAND_SSLeay()->bytes(*pout, min_len) <= 0) + if (ssleay_rand_bytes(*pout, min_len, 0, 0) <= 0) { OPENSSL_free(*pout); *pout = NULL; diff --git a/openssl/crypto/rand/randfile.c b/openssl/crypto/rand/randfile.c index 7f1428072..14ba69d4c 100644 --- a/openssl/crypto/rand/randfile.c +++ b/openssl/crypto/rand/randfile.c @@ -79,6 +79,7 @@ #endif #ifndef OPENSSL_NO_POSIX_IO # include <sys/stat.h> +# include <fcntl.h> #endif #ifdef _WIN32 |