From 001a53d7427dcbcceef3c6754d9cca19df6dafa1 Mon Sep 17 00:00:00 2001
From: Philip Kaufmann <phil.kaufmann@t-online.de>
Date: Tue, 24 Jun 2014 14:27:32 +0200
Subject: add GetRandBytes() as wrapper for RAND_bytes()

- add a small wrapper in util around RAND_bytes() and replace with
  GetRandBytes() in the code to log errors from calling RAND_bytes()
- remove OpenSSL header rand.h where no longer needed
---
 src/util.cpp | 29 ++++++++++++++++-------------
 1 file changed, 16 insertions(+), 13 deletions(-)

(limited to 'src/util.cpp')

diff --git a/src/util.cpp b/src/util.cpp
index 91ac8833d5..8f2a1bd73d 100644
--- a/src/util.cpp
+++ b/src/util.cpp
@@ -69,6 +69,7 @@
 #include <boost/program_options/detail/config_file.hpp>
 #include <boost/program_options/parsers.hpp>
 #include <openssl/crypto.h>
+#include <openssl/err.h>
 #include <openssl/rand.h>
 
 // Work around clang compilation problem in Boost 1.46:
@@ -141,12 +142,14 @@ public:
 }
 instance_of_cinit;
 
-
-
-
-
-
-
+bool GetRandBytes(unsigned char *buf, int num)
+{
+    if (RAND_bytes(buf, num) == 0) {
+        LogPrint("rand", "%s : OpenSSL RAND_bytes() failed with error: %s\n", __func__, ERR_error_string(ERR_get_error(), NULL));
+        return false;
+    }
+    return true;
+}
 
 void RandAddSeed()
 {
@@ -207,9 +210,9 @@ uint64_t GetRand(uint64_t nMax)
     // to give every possible output value an equal possibility
     uint64_t nRange = (std::numeric_limits<uint64_t>::max() / nMax) * nMax;
     uint64_t nRand = 0;
-    do
-        RAND_bytes((unsigned char*)&nRand, sizeof(nRand));
-    while (nRand >= nRange);
+    do {
+        GetRandBytes((unsigned char*)&nRand, sizeof(nRand));
+    } while (nRand >= nRange);
     return (nRand % nMax);
 }
 
@@ -221,7 +224,7 @@ int GetRandInt(int nMax)
 uint256 GetRandHash()
 {
     uint256 hash;
-    RAND_bytes((unsigned char*)&hash, sizeof(hash));
+    GetRandBytes((unsigned char*)&hash, sizeof(hash));
     return hash;
 }
 
@@ -1196,18 +1199,18 @@ uint32_t insecure_rand_Rz = 11;
 uint32_t insecure_rand_Rw = 11;
 void seed_insecure_rand(bool fDeterministic)
 {
-    //The seed values have some unlikely fixed points which we avoid.
+    // The seed values have some unlikely fixed points which we avoid.
     if(fDeterministic)
     {
         insecure_rand_Rz = insecure_rand_Rw = 11;
     } else {
         uint32_t tmp;
         do {
-            RAND_bytes((unsigned char*)&tmp, 4);
+            GetRandBytes((unsigned char*)&tmp, 4);
         } while(tmp == 0 || tmp == 0x9068ffffU);
         insecure_rand_Rz = tmp;
         do {
-            RAND_bytes((unsigned char*)&tmp, 4);
+            GetRandBytes((unsigned char*)&tmp, 4);
         } while(tmp == 0 || tmp == 0x464fffffU);
         insecure_rand_Rw = tmp;
     }
-- 
cgit v1.2.3