mirror of
https://github.com/openssl/openssl.git
synced 2024-12-27 06:21:43 +08:00
7998e7dc07
The 'rand_generate' method is not well suited for being used with weak entropy sources in the 'get_entropy' callback, because the caller needs to provide a preallocated buffer without knowing how much bytes are actually needed to collect the required entropy. Instead we use the 'rand_get_seed' and 'rand_clear_seed' methods which were exactly designed for this purpose: it's the callee who allocates and fills the buffer, and finally cleans it up again. The 'rand_get_seed' and 'rand_clear_seed' methods are currently optional for a provided random generator. We could fall back to using 'rand_generate' if those methods are not implemented. However, imo it would be better to simply make them an officially documented requirement for seed sources. Fixes #22332 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22394) |
||
|---|---|---|
| .. | ||
| asymciphers | ||
| ciphers | ||
| digests | ||
| encode_decode | ||
| exchange | ||
| include/prov | ||
| kdfs | ||
| kem | ||
| keymgmt | ||
| macs | ||
| rands | ||
| signature | ||
| storemgmt | ||
| build.info | ||