From eeee1d64aebbf2d29b322730d1bc4bee0661a07f Mon Sep 17 00:00:00 2001
From: Miloslav Trmač <mitr@redhat.com>
Date: Thu, 21 Oct 2010 19:21:56 +0200
Subject: Add random data generation

---
 include/ncrypto/ncrypto.h |  4 ++++
 lib/ncrypto_local.c       | 11 +++++++++++
 2 files changed, 15 insertions(+)

diff --git a/include/ncrypto/ncrypto.h b/include/ncrypto/ncrypto.h
index ada244b..b23a8c4 100644
--- a/include/ncrypto/ncrypto.h
+++ b/include/ncrypto/ncrypto.h
@@ -47,6 +47,10 @@ Red Hat author: Miloslav Trmač <mitr@redhat.com> */
 CK_RV ncr_open (void);
 CK_RV ncr_close (void);
 
+ /* Random numbers */
+
+CK_RV ncr_get_random_bytes (void *dest, size_t size);
+
  /* Symmetric keys */
 
 struct ncr_symm_key;
diff --git a/lib/ncrypto_local.c b/lib/ncrypto_local.c
index 8c65789..366963a 100644
--- a/lib/ncrypto_local.c
+++ b/lib/ncrypto_local.c
@@ -32,6 +32,7 @@ Red Hat author: Miloslav Trmač <mitr@redhat.com> */
 
 #include <glib.h>
 #include <openssl/evp.h>
+#include <openssl/rand.h>
 
 #include <ncrypto/ncrypto.h>
 
@@ -44,6 +45,16 @@ ckr_openssl (void)
   return CKR_GENERAL_ERROR;
 }
 
+ /* Random numbers */
+
+CK_RV
+ncr_get_random_bytes (void *dest, size_t size)
+{
+  /* This is not strong enough, we need cryptographically strong random
+     numbers! */
+  return RAND_pseudo_bytes (dest, size) != 0 ? CKR_OK : ckr_openssl ();
+}
+
  /* Symmetric keys */
 
 struct ncr_symm_key
-- 
cgit