authorNikos Mavrogiannopoulos <nmav@redhat.com>2016-10-31 11:40:12 +0100
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2016-11-04 02:54:06 +0100
commitfea6c3ca8f869752f4f79f724fbb8736e961fd88 (patch)
tree519158051feca47e579a3701921f8de6471d0b1c
parentaa204320cc0abbf038988034671821a4a23eccd9 (diff)
_gnutls_rnd_check: call _rnd_system_entropy_check directly
-rw-r--r--lib/crypto-backend.h3
-rw-r--r--lib/nettle/rnd-fips.c10
-rw-r--r--lib/nettle/rnd.c10
-rw-r--r--lib/random.h6
4 files changed, 3 insertions, 26 deletions
diff --git a/lib/crypto-backend.h b/lib/crypto-backend.h
index 3d979d84ec..6f4b743b88 100644
--- a/lib/crypto-backend.h
+++ b/lib/crypto-backend.h
@@ -73,8 +73,7 @@ typedef struct {
} gnutls_crypto_digest_st;
typedef struct gnutls_crypto_rnd {
- int (*init) (void **ctx);
- int (*check) (void **ctx);
+ int (*init) (void **ctx); /* called prior to first usage of randomness */
int (*rnd) (void *ctx, int level, void *data, size_t datasize);
void (*rnd_refresh) (void *ctx);
void (*deinit) (void *ctx);
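Review bot: Removing `check` from between `init` and `rnd` changes the layout of `gnutls_crypto_rnd_st`, so any definition of this struct that is initialized positionally, or any object built against the old header, would bind its function pointers to the wrong slots. The two initializers touched in this commit use designated fields and are unaffected. It is worth confirming that no other user of the struct exists outside lib/nettle. The struct starts above the hunk and continues past it, so the remaining members are not visible here.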
diff --git a/lib/nettle/rnd-fips.c b/lib/nettle/rnd-fips.c
index ef64649c8f..59795a9529 100644
--- a/lib/nettle/rnd-fips.c
+++ b/lib/nettle/rnd-fips.c
@@ -226,15 +226,6 @@ static void _rngfips_deinit(void *_ctx)
free(ctx);
}
-/* This is called when gnutls_global_init() is called for second time.
- * It must check whether any resources are still available.
- * The particular problem it solves is to verify that the urandom fd is still
- * open (for applications that for some reason closed all fds */
-static int _rndfips_check(void **ctx)
-{
- return _rnd_system_entropy_check();
-}
-
static void _rngfips_refresh(void *_ctx)
{
/* this is predictable RNG. Don't refresh */
@@ -260,7 +251,6 @@ static int selftest_kat(void)
gnutls_crypto_rnd_st _gnutls_fips_rnd_ops = {
.init = _rngfips_init,
- .check = _rndfips_check,
.deinit = _rngfips_deinit,
.rnd = _rngfips_rnd,
.rnd_refresh = _rngfips_refresh,
diff --git a/lib/nettle/rnd.c b/lib/nettle/rnd.c
index 8a5a76286c..39b99e1916 100644
--- a/lib/nettle/rnd.c
+++ b/lib/nettle/rnd.c
@@ -257,15 +257,6 @@ static int wrap_nettle_rnd_init(void **ctx)
return 0;
}
-/* This is called when gnutls_global_init() is called for second time.
- * It must check whether any resources are still available.
- * The particular problem it solves is to verify that the urandom fd is still
- * open (for applications that for some reason closed all fds */
-static int wrap_nettle_rnd_check(void **ctx)
-{
- return _rnd_system_entropy_check();
-}
-
static int
wrap_nettle_rnd_nonce(void *_ctx, void *data, size_t datasize)
{
@@ -373,7 +364,6 @@ int crypto_rnd_prio = INT_MAX;
gnutls_crypto_rnd_st _gnutls_rnd_ops = {
.init = wrap_nettle_rnd_init,
- .check = wrap_nettle_rnd_check,
.deinit = wrap_nettle_rnd_deinit,
.rnd = wrap_nettle_rnd,
.rnd_refresh = wrap_nettle_rnd_refresh,
diff --git a/lib/random.h b/lib/random.h
index 59e3f3c0c4..1538ec8da6 100644
--- a/lib/random.h
+++ b/lib/random.h
@@ -25,6 +25,7 @@
#include <gnutls/crypto.h>
#include <crypto-backend.h>
+#include "nettle/rnd-common.h"
extern int crypto_rnd_prio;
extern void *gnutls_rnd_ctx;
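Review bot: Including `nettle/rnd-common.h` from `random.h` makes the backend-neutral header depend on a nettle-specific one, and every file that includes `random.h` now pulls it in. Only one symbol is needed, for the inline `_gnutls_rnd_check` further down, so a prototype such as `int _rnd_system_entropy_check(void);` in `random.h`, or moving that declaration to a neutral header, would keep the layering. The signature is inferred from the call site and should be checked against the real declaration.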
@@ -50,10 +51,7 @@ int _gnutls_rnd_init(void);
inline static int _gnutls_rnd_check(void)
{
- if (_gnutls_rnd_ops.check)
- return _gnutls_rnd_ops.check(gnutls_rnd_ctx);
- else
- return 0;
+ return _rnd_system_entropy_check();
}
#ifndef _WIN32
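Review bot: `_gnutls_rnd_check` now runs the system entropy check unconditionally, where the removed branch returned 0 for a backend that set no `check` hook. A registered generator that does not read the system device would, it seems, still fail here if that device is unavailable; if that is intended, it should be stated on the function. The rationale comment deleted from rnd.c and rnd-fips.c no longer appears anywhere, and it would fit here as `/* Called when gnutls_global_init() runs a second time: verifies the system entropy source (e.g. the urandom fd) is still open. */`. Callers are outside this hunk, so whether a non-zero return is acted on cannot be confirmed from here.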