Use the dst entropy wrapper in all cases, so that the initial entropy flags

passes into dst are always in effect.
2025-08-28 21:17:54 +00:00 · 2000-06-12 18:05:15 +00:00 · 2000-06-12 18:05:15 +00:00 · c0975ccf5c
commit c0975ccf5c
parent ef09af8fa2
6 changed files with 15 additions and 22 deletions
--- a/lib/dns/sec/dst/bsafe_link.c
+++ b/lib/dns/sec/dst/bsafe_link.c
@ -19,14 +19,13 @@

 /*
 * Principal Author: Brian Wellington
- * $Id: bsafe_link.c,v 1.30 2000/06/10 21:30:53 bwelling Exp $
+ * $Id: bsafe_link.c,v 1.31 2000/06/12 18:05:09 bwelling Exp $
 */

 #if defined(DNSSAFE)

 #include <config.h>

-#include <isc/entropy.h>
 #include <isc/md5.h>
 #include <isc/mem.h>
 #include <isc/string.h>
@ -300,7 +299,7 @@ dnssafersa_compare(const dst_key_t *key1, const dst_key_t *key2) {
 }

 static isc_result_t
-dnssafersa_generate(dst_key_t *key, int exp, isc_entropy_t *ectx) {
+dnssafersa_generate(dst_key_t *key, int exp) {
 	B_KEY_OBJ private;
 	B_KEY_OBJ public;
 	B_ALGORITHM_OBJ keypairGenerator = NULL;
@ -393,8 +392,7 @@ dnssafersa_generate(dst_key_t *key, int exp, isc_entropy_t *ectx) {
 	if (B_RandomInit(randomAlgorithm, CHOOSER, NULL_SURRENDER) != 0)
 		do_fail(ISC_R_NOMEMORY);

-	ret = isc_entropy_getdata(ectx, randomSeed, sizeof(randomSeed), NULL,
-				  ISC_ENTROPY_GOODONLY | ISC_ENTROPY_BLOCKING);
+	ret = dst__entropy_getdata(randomSeed, sizeof(randomSeed), ISC_FALSE);
 	if (ret != ISC_R_SUCCESS)
 		goto fail;

--- a/lib/dns/sec/dst/dst_api.c
+++ b/lib/dns/sec/dst/dst_api.c
@ -19,7 +19,7 @@

 /*
 * Principal Author: Brian Wellington
- * $Id: dst_api.c,v 1.55 2000/06/12 07:07:53 bwelling Exp $
+ * $Id: dst_api.c,v 1.56 2000/06/12 18:05:10 bwelling Exp $
 */

 #include <config.h>
@ -525,7 +525,7 @@ dst_key_generate(dns_name_t *name, const unsigned int alg,
 		return (DST_R_UNSUPPORTEDALG);
 	}

-	ret = key->func->generate(key, param, dst_entropy_pool);
+	ret = key->func->generate(key, param);
 	if (ret != ISC_R_SUCCESS) {
 		dst_key_free(&key);
 		return (ret);
--- a/lib/dns/sec/dst/dst_internal.h
+++ b/lib/dns/sec/dst/dst_internal.h
@ -74,8 +74,7 @@ struct dst_func {
 	isc_boolean_t (*compare)(const dst_key_t *key1, const dst_key_t *key2);
 	isc_boolean_t (*paramcompare)(const dst_key_t *key1,
 				      const dst_key_t *key2);
-	isc_result_t (*generate)(dst_key_t *key, int parms,
-				 isc_entropy_t *ectx);
+	isc_result_t (*generate)(dst_key_t *key, int parms);
 	isc_boolean_t (*isprivate)(const dst_key_t *key);
 	void (*destroy)(dst_key_t *key);

--- a/lib/dns/sec/dst/hmac_link.c
+++ b/lib/dns/sec/dst/hmac_link.c
@ -19,12 +19,11 @@

 /*
 * Principal Author: Brian Wellington
- * $Id: hmac_link.c,v 1.37 2000/06/12 07:07:14 bwelling Exp $
+ * $Id: hmac_link.c,v 1.38 2000/06/12 18:05:12 bwelling Exp $
 */

 #include <config.h>

-#include <isc/entropy.h>
 #include <isc/md5.h>
 #include <isc/mem.h>
 #include <isc/string.h>
@ -145,7 +144,7 @@ hmacmd5_compare(const dst_key_t *key1, const dst_key_t *key2) {
 }

 static isc_result_t
-hmacmd5_generate(dst_key_t *key, int unused, isc_entropy_t *ectx) {
+hmacmd5_generate(dst_key_t *key, int unused) {
 	isc_buffer_t b;
 	isc_result_t ret;
 	int bytes;
@ -160,8 +159,7 @@ hmacmd5_generate(dst_key_t *key, int unused, isc_entropy_t *ectx) {
 	}

 	memset(data, 0, HMAC_LEN);
-	ret = isc_entropy_getdata(ectx, data, bytes, NULL,
-				  ISC_ENTROPY_GOODONLY | ISC_ENTROPY_BLOCKING);
+	ret = dst__entropy_getdata(data, bytes, ISC_FALSE);
 	if (ret != ISC_R_SUCCESS)
 		return (ret);

--- a/lib/dns/sec/dst/openssl_link.c
+++ b/lib/dns/sec/dst/openssl_link.c
@ -19,7 +19,7 @@

 /*
 * Principal Author: Brian Wellington
- * $Id: openssl_link.c,v 1.30 2000/06/09 23:31:55 bwelling Exp $
+ * $Id: openssl_link.c,v 1.31 2000/06/12 18:05:13 bwelling Exp $
 */
 #if defined(OPENSSL)

@ -174,7 +174,7 @@ openssldsa_compare(const dst_key_t *key1, const dst_key_t *key2) {
 }

 static isc_result_t
-openssldsa_generate(dst_key_t *key, int unused, isc_entropy_t *ectx) {
+openssldsa_generate(dst_key_t *key, int unused) {
 	DSA *dsa;
 	unsigned char dns_array[DST_KEY_MAXSIZE];
 	unsigned char rand_array[ISC_SHA1_DIGESTLENGTH];
@ -184,8 +184,8 @@ openssldsa_generate(dst_key_t *key, int unused, isc_entropy_t *ectx) {

 	UNUSED(unused);

-	result = isc_entropy_getdata(ectx, rand_array, sizeof(rand_array), NULL,
-				     ISC_ENTROPY_GOODONLY|ISC_ENTROPY_BLOCKING);
+	result = dst__entropy_getdata(rand_array, sizeof(rand_array),
+				      ISC_FALSE);
 	if (result != ISC_R_SUCCESS)
 		return (result);

--- a/lib/dns/sec/dst/openssldh_link.c
+++ b/lib/dns/sec/dst/openssldh_link.c
@ -19,7 +19,7 @@

 /*
 * Principal Author: Brian Wellington
- * $Id: openssldh_link.c,v 1.24 2000/06/09 22:32:19 bwelling Exp $
+ * $Id: openssldh_link.c,v 1.25 2000/06/12 18:05:15 bwelling Exp $
 */

 #if defined(OPENSSL)
@ -128,15 +128,13 @@ openssldh_paramcompare(const dst_key_t *key1, const dst_key_t *key2) {
 }

 static isc_result_t
-openssldh_generate(dst_key_t *key, int generator, isc_entropy_t *ectx) {
+openssldh_generate(dst_key_t *key, int generator) {
 	DH *dh = NULL;
 	unsigned char dns_array[DST_KEY_MAXSIZE];
 	isc_buffer_t dns;
 	isc_region_t r;
 	isc_result_t result;

-	UNUSED(ectx);
-
 	if (generator == 0) {
 		if (key->key_size == 768 || key->key_size == 1024) {
 			dh = DH_new();