From 8c64ad00a366095ac3d575f3605cb6e4659d6b81 Mon Sep 17 00:00:00 2001 From: "C. McEnroe" Date: Tue, 24 Nov 2020 17:48:21 -0500 Subject: Import LibreSSL 3.3.0 --- compat/getentropy_freebsd.c | 6 ++---- compat/getentropy_netbsd.c | 6 ++---- compat/getentropy_win.c | 27 +++++++++------------------ 3 files changed, 13 insertions(+), 26 deletions(-) (limited to 'compat') diff --git a/compat/getentropy_freebsd.c b/compat/getentropy_freebsd.c index 30cd68e..ea90ffe 100644 --- a/compat/getentropy_freebsd.c +++ b/compat/getentropy_freebsd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: getentropy_freebsd.c,v 1.3 2016/08/07 03:27:21 tb Exp $ */ +/* $OpenBSD: getentropy_freebsd.c,v 1.4 2020/10/12 22:08:33 deraadt Exp $ */ /* * Copyright (c) 2014 Pawel Jakub Dawidek @@ -32,11 +32,9 @@ static size_t getentropy_sysctl(u_char *buf, size_t size) { - int mib[2]; + const int mib[2] = { CTL_KERN, KERN_ARND }; size_t len, done; - mib[0] = CTL_KERN; - mib[1] = KERN_ARND; done = 0; do { diff --git a/compat/getentropy_netbsd.c b/compat/getentropy_netbsd.c index 45d68c9..5dc8959 100644 --- a/compat/getentropy_netbsd.c +++ b/compat/getentropy_netbsd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: getentropy_netbsd.c,v 1.3 2016/08/07 03:27:21 tb Exp $ */ +/* $OpenBSD: getentropy_netbsd.c,v 1.4 2020/10/12 22:08:33 deraadt Exp $ */ /* * Copyright (c) 2014 Pawel Jakub Dawidek @@ -32,11 +32,9 @@ static size_t getentropy_sysctl(u_char *buf, size_t size) { - int mib[2]; + const int mib[2] = { CTL_KERN, KERN_ARND }; size_t len, done; - mib[0] = CTL_KERN; - mib[1] = KERN_ARND; done = 0; do { diff --git a/compat/getentropy_win.c b/compat/getentropy_win.c index 2abeb27..64514b3 100644 --- a/compat/getentropy_win.c +++ b/compat/getentropy_win.c @@ -1,4 +1,4 @@ -/* $OpenBSD: getentropy_win.c,v 1.5 2016/08/07 03:27:21 tb Exp $ */ +/* $OpenBSD: getentropy_win.c,v 1.6 2020/11/11 10:41:24 bcook Exp $ */ /* * Copyright (c) 2014, Theo de Raadt @@ -21,39 +21,30 @@ */ #include +#include #include #include #include -#include -#include int getentropy(void *buf, size_t len); /* - * On Windows, CryptGenRandom is supposed to be a well-seeded - * cryptographically strong random number generator. + * On Windows, BCryptGenRandom with BCRYPT_USE_SYSTEM_PREFERRED_RNG is supposed + * to be a well-seeded, cryptographically strong random number generator. + * https://docs.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom */ int getentropy(void *buf, size_t len) { - HCRYPTPROV provider; - if (len > 256) { errno = EIO; return (-1); } - if (CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL, - CRYPT_VERIFYCONTEXT) == 0) - goto fail; - if (CryptGenRandom(provider, len, buf) == 0) { - CryptReleaseContext(provider, 0); - goto fail; + if (FAILED(BCryptGenRandom(NULL, buf, len, BCRYPT_USE_SYSTEM_PREFERRED_RNG))) { + errno = EIO; + return (-1); } - CryptReleaseContext(provider, 0); - return (0); -fail: - errno = EIO; - return (-1); + return (0); } -- cgit 1.4.1