diff options
| author | NIIBE Yutaka <gniibe@fsij.org> | 2021-11-18 12:02:24 +0900 |
|---|---|---|
| committer | NIIBE Yutaka <gniibe@fsij.org> | 2021-11-18 12:04:21 +0900 |
| commit | 5493282b4aacd6b466c4ddd366ce9eb4036b3562 (patch) | |
| tree | 078569182cf1efea1072866900b3fb1760304fc1 /random | |
| parent | 2101da04924b1361e2a1021b406a519a3bde9aee (diff) | |
| download | libgcrypt-5493282b4aacd6b466c4ddd366ce9eb4036b3562.tar.gz | |
random: Fix rndgetentropy correctly uses rndjent.
* random/rndgetentropy.c (_gcry_rndgetentropy_gather_random): Call
_gcry_rndjent_poll for GCRY_VERY_STRONG_RANDOM.
--
GnuPG-bug-id: 5692
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Diffstat (limited to 'random')
| -rw-r--r-- | random/random-csprng.c | 3 | ||||
| -rw-r--r-- | random/random-drbg.c | 3 | ||||
| -rw-r--r-- | random/random-fips.c | 3 | ||||
| -rw-r--r-- | random/random-system.c | 3 | ||||
| -rw-r--r-- | random/rndgetentropy.c | 16 |
5 files changed, 22 insertions, 6 deletions
diff --git a/random/random-csprng.c b/random/random-csprng.c index 1664b708..6d6c082e 100644 --- a/random/random-csprng.c +++ b/random/random-csprng.c @@ -354,7 +354,8 @@ _gcry_rngcsprng_close_fds (void) lock_pool (); #if USE_RNDGETENTROPY _gcry_rndgetentropy_gather_random (NULL, 0, 0, 0); -#elif USE_RNDLINUX +#endif +#if USE_RNDLINUX _gcry_rndlinux_gather_random (NULL, 0, 0, 0); #endif pool_filled = 0; /* Force re-open on next use. */ diff --git a/random/random-drbg.c b/random/random-drbg.c index dc8c7044..d44d11db 100644 --- a/random/random-drbg.c +++ b/random/random-drbg.c @@ -1871,7 +1871,8 @@ _gcry_rngdrbg_close_fds (void) drbg_lock (); #if USE_RNDGETENTROPY _gcry_rndgetentropy_gather_random (NULL, 0, 0, 0); -#elif USE_RNDLINUX +#endif +#if USE_RNDLINUX _gcry_rndlinux_gather_random (NULL, 0, 0, 0); #endif drbg_unlock (); diff --git a/random/random-fips.c b/random/random-fips.c index 967b1a83..5c251684 100644 --- a/random/random-fips.c +++ b/random/random-fips.c @@ -787,7 +787,8 @@ _gcry_rngfips_close_fds (void) lock_rng (); #if USE_RNDGETENTROPY _gcry_rndgetentropy_gather_random (NULL, 0, 0, 0); -#elif USE_RNDLINUX +#endif +#if USE_RNDLINUX _gcry_rndlinux_gather_random (NULL, 0, 0, 0); #endif unlock_rng (); diff --git a/random/random-system.c b/random/random-system.c index 2ac8df9e..8e50120c 100644 --- a/random/random-system.c +++ b/random/random-system.c @@ -197,7 +197,8 @@ _gcry_rngsystem_close_fds (void) lock_rng (); #if USE_RNDGETENTROPY _gcry_rndgetentropy_gather_random (NULL, 0, 0, 0); -#elif USE_RNDLINUX +#endif +#if USE_RNDLINUX _gcry_rndlinux_gather_random (NULL, 0, 0, 0); #endif unlock_rng (); diff --git a/random/rndgetentropy.c b/random/rndgetentropy.c index 5a033276..a64b7299 100644 --- a/random/rndgetentropy.c +++ b/random/rndgetentropy.c @@ -41,8 +41,6 @@ _gcry_rndgetentropy_gather_random (void (*add)(const void*, size_t, { byte buffer[256]; - (void)level; - if (!add) { /* Special mode to release resouces. */ @@ -50,6 +48,20 @@ _gcry_rndgetentropy_gather_random (void (*add)(const void*, size_t, return 0; } + /* When using a blocking random generator try to get some entropy + * from the jitter based RNG. In this case we take up to 50% of the + * remaining requested bytes. */ + if (level >= GCRY_VERY_STRONG_RANDOM) + { + size_t n; + + n = _gcry_rndjent_poll (add, origin, length/2); + if (n > length/2) + n = length/2; + if (length > 1) + length -= n; + } + /* Enter the loop. */ while (length) { |