Use OpenSSL random functions
Let *that* cycle back into the provider and call C_GenerateRandom()
if that's how the properties end up wiring things.

Fixes latchset#280

Signed-off-by: Simo Sorce <[email protected]>
simo5 committed May 30, 2024
1 parent d8e2823 commit 0faf382
Showing 1 changed file with 7 additions and 2 deletions.
9 changes: 7 additions & 2 deletions src/keymgmt.c
Expand Up @@ -3,6 +3,7 @@

#include "provider.h"
#include "platform/endian.h"
#include "openssl/rand.h"
#include <string.h>

#define DFLT_DIGEST "SHA256"
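
Review bot: the include added at the top of src/keymgmt.c uses the quoted form, `#include "openssl/rand.h"`, for a header that belongs to the OpenSSL installation rather than to this source tree. The quoted form searches the including file's directory first, so `#include <openssl/rand.h>` placed next to `<string.h>` would make the origin of the header unambiguous and keep the project headers ("provider.h", "platform/endian.h") grouped separately from external ones.
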
Expand Down Expand Up @@ -498,9 +499,13 @@ static void *p11prov_common_gen(struct key_generator *ctx,
sh = p11prov_session_handle(session);

if (cka_id.ulValueLen == 0) {
int err = RET_OSSL_ERR;
/* generate unique id for the key */
ret = p11prov_GenerateRandom(ctx->provctx, sh, id, sizeof(id));
if (ret != CKR_OK) {
err = RAND_priv_bytes_ex(p11prov_ctx_get_libctx(ctx->provctx),
id, sizeof(id), 0);
if (err != RET_OSSL_OK) {
ret = CKR_GENERAL_ERROR;
P11PROV_raise(ctx->provctx, ret, "Failed to source random buffer");
goto done;
}
cka_id.type = CKA_ID;
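
Review bot: RAND_priv_bytes_ex() in the `cka_id.ulValueLen == 0` branch draws from the private random generator, but the buffer it fills becomes the key's CKA_ID, which is an identifier and not secret material; RAND_bytes_ex() with the same libctx would match the intent of "generate unique id for the key". The commit message says this call may cycle back into the provider and reach C_GenerateRandom(), and it now runs after `sh = p11prov_session_handle(session)` has been taken, so a short comment at the call stating that re-entry is expected and does not depend on the session already held would help the next reader. The initializer in `int err = RET_OSSL_ERR;` is overwritten before it is read and could be dropped, and the raised error always reports CKR_GENERAL_ERROR, so the underlying OpenSSL failure reason is not visible in the message "Failed to source random buffer".
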