diff options
| author | Rich Salz <rsalz@openssl.org> | 2017-08-03 09:23:28 -0400 |
|---|---|---|
| committer | Rich Salz <rsalz@openssl.org> | 2017-08-03 09:23:28 -0400 |
| commit | 75e2c877650444fb829547bdb58d46eb1297bc1a (patch) | |
| tree | 67ad6280bccdca4ae95cc269b1994ea4c1557aa7 /apps | |
| parent | 67dc995eaf538ea309c6292a1a5073465201f55b (diff) | |
| download | openssl-75e2c877650444fb829547bdb58d46eb1297bc1a.tar.gz | |
Switch from ossl_rand to DRBG rand
If RAND_add wraps around, XOR with existing. Add test to drbgtest that
does the wrap-around.
Re-order seeding and stop after first success.
Add RAND_poll_ex()
Use the DF and therefore lower RANDOMNESS_NEEDED. Also, for child DRBG's,
mix in the address as the personalization bits.
Centralize the entropy callbacks, from drbg_lib to rand_lib.
(Conceptually, entropy is part of the enclosing application.)
Thanks to Dr. Matthias St Pierre for the suggestion.
Various code cleanups:
-Make state an enum; inline RANDerr calls.
-Add RAND_POLL_RETRIES (thanks Pauli for the idea)
-Remove most RAND_seed calls from rest of library
-Rename DRBG_CTX to RAND_DRBG, etc.
-Move some code from drbg_lib to drbg_rand; drbg_lib is now only the
implementation of NIST DRBG.
-Remove blocklength
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4019)
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/speed.c | 14 |
1 files changed, 0 insertions, 14 deletions
diff --git a/apps/speed.c b/apps/speed.c index 2d943b12e2..4a2a4a9069 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -247,11 +247,6 @@ static double ecdsa_results[EC_NUM][2]; static double ecdh_results[EC_NUM][1]; #endif -#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) -static const char rnd_seed[] = - "string to make the random number generator think it has randomness"; -#endif - #ifdef SIGALRM # if defined(__STDC__) || defined(sgi) || defined(_AIX) # define SIGRETTYPE void @@ -2397,9 +2392,6 @@ int speed_main(int argc, char **argv) RAND_bytes(loopargs[i].buf, 36); #ifndef OPENSSL_NO_DSA - if (RAND_status() != 1) { - RAND_seed(rnd_seed, sizeof rnd_seed); - } for (testnum = 0; testnum < DSA_NUM; testnum++) { int st = 0; if (!dsa_doit[testnum]) @@ -2467,9 +2459,6 @@ int speed_main(int argc, char **argv) #endif /* OPENSSL_NO_DSA */ #ifndef OPENSSL_NO_EC - if (RAND_status() != 1) { - RAND_seed(rnd_seed, sizeof rnd_seed); - } for (testnum = 0; testnum < EC_NUM; testnum++) { int st = 1; @@ -2554,9 +2543,6 @@ int speed_main(int argc, char **argv) } } - if (RAND_status() != 1) { - RAND_seed(rnd_seed, sizeof rnd_seed); - } for (testnum = 0; testnum < EC_NUM; testnum++) { int ecdh_checks = 1; |