aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2018-07-05 08:56:33 +0200
committerAndreas Schneider <asn@cryptomilk.org>2018-07-05 12:12:17 +0200
commit38c53db9533a3e0ac446ee0a83dac8768d282de9 (patch)
tree954a5bcebea2915bc947b92c73dd36b5ac5ba2e2
parentc503bb572eee1a166ce5e631785b7d24e6319605 (diff)
downloadlibssh-38c53db9533a3e0ac446ee0a83dac8768d282de9.tar.gz
libssh-38c53db9533a3e0ac446ee0a83dac8768d282de9.tar.xz
libssh-38c53db9533a3e0ac446ee0a83dac8768d282de9.zip
libcrypto: Use new RAND_priv_bytes() for strong randomness
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--ConfigureChecks.cmake4
-rw-r--r--src/libcrypto.c7
2 files changed, 11 insertions, 0 deletions
diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
index 677c98b4..07c53c73 100644
--- a/ConfigureChecks.cmake
+++ b/ConfigureChecks.cmake
@@ -120,6 +120,10 @@ if (OPENSSL_FOUND)
set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
check_function_exists(EVP_CIPHER_CTX_new HAVE_OPENSSL_EVP_CIPHER_CTX_NEW)
+ set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
+ set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
+ check_function_exists(RAND_priv_bytes HAVE_OPENSSL_RAND_PRIV_BYTES)
+
unset(CMAKE_REQUIRED_INCLUDES)
unset(CMAKE_REQUIRED_LIBRARIES)
endif()
diff --git a/src/libcrypto.c b/src/libcrypto.c
index 46570294..846e37e1 100644
--- a/src/libcrypto.c
+++ b/src/libcrypto.c
@@ -93,7 +93,14 @@ void ssh_reseed(void){
*/
int ssh_get_random(void *where, int len, int strong)
{
+#ifdef HAVE_OPENSSL_RAND_PRIV_BYTES
+ if (strong) {
+ /* Returns -1 when not supported, 0 on error, 1 on success */
+ return !!RAND_priv_bytes(where, len);
+ }
+#else
(void)strong;
+#endif /* HAVE_RAND_PRIV_BYTES */
/* Returns -1 when not supported, 0 on error, 1 on success */
return !!RAND_bytes(where, len);