summaryrefslogtreecommitdiff
path: root/main/openssl/crypto/rand
diff options
context:
space:
mode:
Diffstat (limited to 'main/openssl/crypto/rand')
-rw-r--r--main/openssl/crypto/rand/md_rand.c24
-rw-r--r--main/openssl/crypto/rand/rand_lcl.h1
-rw-r--r--main/openssl/crypto/rand/rand_lib.c3
-rw-r--r--main/openssl/crypto/rand/randfile.c1
4 files changed, 11 insertions, 18 deletions
diff --git a/main/openssl/crypto/rand/md_rand.c b/main/openssl/crypto/rand/md_rand.c
index aee1c30b..888b4eb8 100644
--- a/main/openssl/crypto/rand/md_rand.c
+++ b/main/openssl/crypto/rand/md_rand.c
@@ -159,7 +159,6 @@ const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT;
static void ssleay_rand_cleanup(void);
static void ssleay_rand_seed(const void *buf, int num);
static void ssleay_rand_add(const void *buf, int num, double add_entropy);
-static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo);
static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num);
static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
static int ssleay_rand_status(void);
@@ -334,7 +333,7 @@ static void ssleay_rand_seed(const void *buf, int num)
ssleay_rand_add(buf, num, (double)num);
}
-static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
+int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
{
static volatile int stirred_pool = 0;
int i,j,k,st_num,st_idx;
@@ -383,10 +382,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
* are fed into the hash function and the results are kept in the
* global 'md'.
*/
-#ifdef OPENSSL_FIPS
- /* NB: in FIPS mode we are already under a lock */
- if (!FIPS_mode())
-#endif
+ if (lock)
CRYPTO_w_lock(CRYPTO_LOCK_RAND);
/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
@@ -466,9 +462,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
/* before unlocking, we must clear 'crypto_lock_rand' */
crypto_lock_rand = 0;
-#ifdef OPENSSL_FIPS
- if (!FIPS_mode())
-#endif
+ if (lock)
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
while (num > 0)
@@ -521,15 +515,11 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
MD_Init(&m);
MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
MD_Update(&m,local_md,MD_DIGEST_LENGTH);
-#ifdef OPENSSL_FIPS
- if (!FIPS_mode())
-#endif
+ if (lock)
CRYPTO_w_lock(CRYPTO_LOCK_RAND);
MD_Update(&m,md,MD_DIGEST_LENGTH);
MD_Final(&m,md);
-#ifdef OPENSSL_FIPS
- if (!FIPS_mode())
-#endif
+ if (lock)
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
EVP_MD_CTX_cleanup(&m);
@@ -548,14 +538,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num)
{
- return ssleay_rand_bytes(buf, num, 0);
+ return ssleay_rand_bytes(buf, num, 0, 1);
}
/* pseudo-random bytes that are guaranteed to be unique but not
unpredictable */
static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
{
- return ssleay_rand_bytes(buf, num, 1);
+ return ssleay_rand_bytes(buf, num, 1, 1);
}
static int ssleay_rand_status(void)
diff --git a/main/openssl/crypto/rand/rand_lcl.h b/main/openssl/crypto/rand/rand_lcl.h
index 618a8ec8..0fabf8dc 100644
--- a/main/openssl/crypto/rand/rand_lcl.h
+++ b/main/openssl/crypto/rand/rand_lcl.h
@@ -154,5 +154,6 @@
#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL)
#endif
+int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock);
#endif
diff --git a/main/openssl/crypto/rand/rand_lib.c b/main/openssl/crypto/rand/rand_lib.c
index 5ac0e14c..239a1cde 100644
--- a/main/openssl/crypto/rand/rand_lib.c
+++ b/main/openssl/crypto/rand/rand_lib.c
@@ -68,6 +68,7 @@
#ifdef OPENSSL_FIPS
#include <openssl/fips.h>
#include <openssl/fips_rand.h>
+#include "rand_lcl.h"
#endif
#ifndef OPENSSL_NO_ENGINE
@@ -199,7 +200,7 @@ static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout,
*pout = OPENSSL_malloc(min_len);
if (!*pout)
return 0;
- if (RAND_SSLeay()->bytes(*pout, min_len) <= 0)
+ if (ssleay_rand_bytes(*pout, min_len, 0, 0) <= 0)
{
OPENSSL_free(*pout);
*pout = NULL;
diff --git a/main/openssl/crypto/rand/randfile.c b/main/openssl/crypto/rand/randfile.c
index 7f142807..14ba69d4 100644
--- a/main/openssl/crypto/rand/randfile.c
+++ b/main/openssl/crypto/rand/randfile.c
@@ -79,6 +79,7 @@
#endif
#ifndef OPENSSL_NO_POSIX_IO
# include <sys/stat.h>
+# include <fcntl.h>
#endif
#ifdef _WIN32