mirror of
https://github.com/openssl/openssl.git
synced 2024-12-27 06:21:43 +08:00
7998e7dc07
The 'rand_generate' method is not well suited for being used with weak entropy sources in the 'get_entropy' callback, because the caller needs to provide a preallocated buffer without knowing how much bytes are actually needed to collect the required entropy. Instead we use the 'rand_get_seed' and 'rand_clear_seed' methods which were exactly designed for this purpose: it's the callee who allocates and fills the buffer, and finally cleans it up again. The 'rand_get_seed' and 'rand_clear_seed' methods are currently optional for a provided random generator. We could fall back to using 'rand_generate' if those methods are not implemented. However, imo it would be better to simply make them an officially documented requirement for seed sources. Fixes #22332 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22394) |
||
|---|---|---|
| .. | ||
| seeding | ||
| build.info | ||
| crngt.c | ||
| drbg_ctr.c | ||
| drbg_hash.c | ||
| drbg_hmac.c | ||
| drbg_local.h | ||
| drbg.c | ||
| seed_src.c | ||
| test_rng.c | ||