Use OpenSSL random functions

Let *that* cycle back into the provider and call C_GenerateRandom() if that's how the properties end up wiring things. Fixes #280 Signed-off-by: Simo Sorce <[email protected]>
latchset · May 30, 2024 · 6eb4880 · 6eb4880
1 parent 8a38819
commit 6eb4880
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/src/keymgmt.c b/src/keymgmt.c
@@ -3,6 +3,7 @@
 
 #include "provider.h"
 #include "platform/endian.h"
+#include "openssl/rand.h"
 #include <string.h>
 
 #define DFLT_DIGEST "SHA256"
@@ -498,9 +499,13 @@ static int p11prov_common_gen(struct key_generator *ctx,
     sh = p11prov_session_handle(session);
 
     if (cka_id.ulValueLen == 0) {
+        int err = RET_OSSL_ERR;
         /* generate unique id for the key */
-        ret = p11prov_GenerateRandom(ctx->provctx, sh, id, sizeof(id));
-        if (ret != CKR_OK) {
+        err = RAND_priv_bytes_ex(p11prov_ctx_get_libctx(ctx->provctx), id,
+                                 sizeof(id), 0);
+        if (err != RET_OSSL_OK) {
+            ret = CKR_GENERAL_ERROR;
+            P11PROV_raise(ctx->provctx, ret, "Failed to source random buffer");
             goto done;
         }
         cka_id.type = CKA_ID;