Add RAND_get_system_entropy_for_custom_prng
This adds a boringssl interface to get up to 256 bytes of system
entropy from system entropy sources without going through
RAND_bytes. It should only be used for seeding custom PRNGs
or where malloc() should not be called from BoringSSL.
Just as with RAND_bytes(), this can abort the program on failure.
Bug: chromium:1295105
Change-Id: Ia55509702970608fe09cfee9809d02f107c15c8c
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/54045
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
diff --git a/crypto/fipsmodule/rand/rand.c b/crypto/fipsmodule/rand/rand.c
index bf0f486..b3c8a74 100644
--- a/crypto/fipsmodule/rand/rand.c
+++ b/crypto/fipsmodule/rand/rand.c
@@ -469,3 +469,10 @@
int RAND_pseudo_bytes(uint8_t *buf, size_t len) {
return RAND_bytes(buf, len);
}
+
+void RAND_get_system_entropy_for_custom_prng(uint8_t *buf, size_t len) {
+ if (len > 256) {
+ abort();
+ }
+ CRYPTO_sysrand_for_seed(buf, len);
+}
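Review bot: The 256-byte cap in `if (len > 256)` is a bare literal with no comment saying where the limit comes from, and the same number is repeated in the include/openssl/rand.h documentation, so the two can drift apart. I would add a comment above the check such as `// The 256-byte limit is part of the documented contract in rand.h; oversized requests abort rather than being truncated.` If the limit mirrors a per-call bound of the underlying system entropy source, the comment should say so; CRYPTO_sysrand_for_seed is not shown on this page, so that is an assumption to confirm.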
diff --git a/include/openssl/rand.h b/include/openssl/rand.h
index bd41f9e..586274d 100644
--- a/include/openssl/rand.h
+++ b/include/openssl/rand.h
@@ -25,9 +25,20 @@
// Random number generation.
-// RAND_bytes writes |len| bytes of random data to |buf| and returns one.
+// RAND_bytes writes |len| bytes of random data to |buf| and returns one. In the
+// event that sufficient random data can not be obtained, |abort| is called.
OPENSSL_EXPORT int RAND_bytes(uint8_t *buf, size_t len);
+// RAND_get_system_entropy_for_custom_prng writes |len| bytes of random data
+// from a system entropy source to |buf|. The maximum length of entropy which
+// may be requested is 256 bytes. If more than 256 bytes of data is requested,
+// or if sufficient random data can not be obtained, |abort| is called.
+// |RAND_bytes| should normally be used instead of this function. This function
+// should only be used for seed values or where |malloc| should not be called
+// from BoringSSL. This function is not FIPS compliant.
+OPENSSL_EXPORT void RAND_get_system_entropy_for_custom_prng(uint8_t *buf,
+ size_t len);
+
// RAND_cleanup frees any resources used by the RNG. This is not safe if other
// threads might still be calling |RAND_bytes|.
OPENSSL_EXPORT void RAND_cleanup(void);
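Review bot: The new comment on RAND_get_system_entropy_for_custom_prng says when to use the function but not what the caller takes on by bypassing |RAND_bytes|. The bytes seed a PRNG that BoringSSL does not manage, so I would add a sentence such as `// Callers are responsible for the security of any PRNG seeded from this function, including when and how it is reseeded.` An oversized |len| aborts the process, so the comment should also state that |len| must be a fixed, caller-chosen size and never a value derived from untrusted input. What |RAND_bytes| does beyond returning raw system entropy is not visible here, so the wording should be checked against its implementation.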