bignum: harmonize ssh_get_random

4 files changed, 20 insertions, 32 deletions

diff --git a/include/libssh/libcrypto.h b/include/libssh/libcrypto.h
index 6a08837a..883f5530 100644
--- a/include/libssh/libcrypto.h
+++ b/include/libssh/libcrypto.h
@@ -73,7 +73,7 @@ typedef BN_CTX* bignum_CTX;
 #define bignum_bn2dec(num) BN_bn2dec(num)
 #define bignum_dec2bn(bn,data) BN_dec2bn(data,bn)
 #define bignum_bn2hex(num) BN_bn2hex(num)
-#define bignum_rand(rnd, bits, top, bottom) BN_rand(rnd,bits,top,bottom)
+#define bignum_rand(rnd, bits) BN_rand(rnd,bits,0,1)
 #define bignum_ctx_new() BN_CTX_new()
 #define bignum_ctx_free(num) BN_CTX_free(num)
 #define bignum_mod_exp(dest,generator,exp,modulo,ctx) BN_mod_exp(dest,generator,exp,modulo,ctx)
diff --git a/src/dh.c b/src/dh.c
index 18e4ff06..bff780fc 100644
--- a/src/dh.c
+++ b/src/dh.c
@@ -121,28 +121,6 @@ static bignum select_p(enum ssh_key_exchange_e type) {
     return type == SSH_KEX_DH_GROUP14_SHA1 ? p_group14 : p_group1;
 }
 
-int ssh_get_random(void *where, int len, int strong){
-
-#ifdef HAVE_LIBGCRYPT
-  /* variable not used in gcrypt */
-  (void) strong;
-  /* not using GCRY_VERY_STRONG_RANDOM which is a bit overkill */
-  gcry_randomize(where,len,GCRY_STRONG_RANDOM);
-
-  return 1;
-#elif defined HAVE_LIBCRYPTO
-  if (strong) {
-    return RAND_bytes(where,len);
-  } else {
-    return RAND_pseudo_bytes(where,len);
-  }
-#endif
-
-  /* never reached */
-  return 1;
-}
-
-
 /*
  * This inits the values g and p which are used for DH key agreement
  * FIXME: Make the function thread safe by adding a semaphore or mutex.
@@ -238,11 +216,7 @@ int ssh_dh_generate_x(ssh_session session) {
     return -1;
   }
 
-#ifdef HAVE_LIBGCRYPT
   bignum_rand(session->next_crypto->x, keysize);
-#elif defined HAVE_LIBCRYPTO
-  bignum_rand(session->next_crypto->x, keysize, -1, 0);
-#endif
 
   /* not harder than this */
 #ifdef DEBUG_CRYPTO
@@ -265,11 +239,7 @@ int ssh_dh_generate_y(ssh_session session) {
     return -1;
   }
 
-#ifdef HAVE_LIBGCRYPT
   bignum_rand(session->next_crypto->y, keysize);
-#elif defined HAVE_LIBCRYPTO
-  bignum_rand(session->next_crypto->y, keysize, -1, 0);
-#endif
 
   /* not harder than this */
 #ifdef DEBUG_CRYPTO
diff --git a/src/libcrypto.c b/src/libcrypto.c
index ac950109..203f3a70 100644
--- a/src/libcrypto.c
+++ b/src/libcrypto.c
@@ -77,6 +77,16 @@ void ssh_reseed(void){
 #endif
 }
 
+int ssh_get_random(void *where, int len, int strong){
+  if (strong) {
+    return RAND_bytes(where,len);
+  } else {
+    return RAND_pseudo_bytes(where,len);
+  }
+  /* never reached */
+  return 1;
+}
+
 SHACTX sha1_init(void)
 {
     int rc;
diff --git a/src/libgcrypt.c b/src/libgcrypt.c
index 60f6536c..69f2ddc0 100644
--- a/src/libgcrypt.c
+++ b/src/libgcrypt.c
@@ -48,7 +48,15 @@ static int alloc_key(struct ssh_cipher_struct *cipher) {
 }
 
 void ssh_reseed(void){
-	}
+}
+
+int ssh_get_random(void *where, int len, int strong){
+  /* variable not used in gcrypt */
+  (void) strong;
+  /* not using GCRY_VERY_STRONG_RANDOM which is a bit overkill */
+  gcry_randomize(where,len,GCRY_STRONG_RANDOM);
+  return 1;
+}
 
 SHACTX sha1_init(void) {
   SHACTX ctx = NULL;