Merge branch 'local', drop openssl helper

Conflicts:
	lib/ncrypto_local.c

2 files changed, 20 insertions, 20 deletions

diff --git a/lib/ncrypto_local.c b/lib/ncrypto_local.c
index 5a138fc..1d761cd 100644
--- a/lib/ncrypto_local.c
+++ b/lib/ncrypto_local.c
@@ -28,34 +28,15 @@ Red Hat author: Miloslav Trmač <mitr@redhat.com> */
 
 #include <stdbool.h>
 #include <stdint.h>
+#include <stdlib.h>
 #include <string.h>
 
 #include <glib.h>
-#include <openssl/rand.h>
 
 #include <ncrypto/ncrypto.h>
 
 #include "internal.h"
 
- /* Helpers */
-
-static CK_RV
-ckr_openssl (void)
-{
-  /* FIXME: better error handling?  This will be replaced anyway. */
-  return CKR_GENERAL_ERROR;
-}
-
- /* Random numbers */
-
-CK_RV
-ncr_get_random_bytes (void *dest, size_t size)
-{
-  /* This is not strong enough, we need cryptographically strong random
-     numbers! */
-  return RAND_pseudo_bytes (dest, size) != 0 ? CKR_OK : ckr_openssl ();
-}
-
  /* Symmetric keys */
 
 CK_RV
diff --git a/lib/ncrypto_nss.c b/lib/ncrypto_nss.c
index a430c3f..46716ea 100644
--- a/lib/ncrypto_nss.c
+++ b/lib/ncrypto_nss.c
@@ -114,6 +114,25 @@ ncr_close (void)
   return res;
 }
 
+ /* Random numbers */
+
+CK_RV
+ncr_get_random_bytes (void *dest, size_t size)
+{
+  CK_RV res;
+
+  g_return_val_if_fail (dest != NULL, CKR_ARGUMENTS_BAD);
+  g_return_val_if_fail (size <= INT_MAX, CKR_ARGUMENTS_BAD);
+
+  res = ensure_ncr_is_open ();
+  if (res != CKR_OK)
+    return res;
+
+  if (PK11_GenerateRandom (dest, size) != SECSuccess)
+    return CKR_GENERAL_ERROR;
+  return CKR_OK;
+}
+
  /* Asymmetric keys */
 
 struct ncr_public_key