int rand_pool_add_additional_data(RAND_POOL *pool)
{
struct {
CRYPTO_THREAD_ID tid;
uint64_t time;
} data = { 0 };
/*
* Add some noise from the thread id and a high resolution timer.
* The thread id adds a little randomness if the drbg is accessed
* concurrently (which is the case for the <master> drbg).
*/
data.tid = CRYPTO_THREAD_get_current_id();
data.time = get_timer_bits();
return rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0);
}
/*
* Generate additional data that can be used for the drbg. The data does
* not need to contain entropy, but it's useful if it contains at least
* some bits that are unpredictable.
*
* Returns 0 on failure.
*
* On success it allocates a buffer at |*pout| and returns the length of
* the data. The buffer should get freed using OPENSSL_secure_clear_free().
*/
size_t rand_drbg_get_additional_data(unsigned char **pout, size_t max_len)
{
RAND_POOL *pool;
CRYPTO_THREAD_ID thread_id;
size_t len;
#ifdef OPENSSL_SYS_UNIX
pid_t pid;
#elif defined(OPENSSL_SYS_WIN32)
DWORD pid;
#endif
uint64_t tbits;
pool = RAND_POOL_new(0, 0, max_len);
if (pool == NULL)
return 0;
#ifdef OPENSSL_SYS_UNIX
pid = getpid();
RAND_POOL_add(pool, (unsigned char *)&pid, sizeof(pid), 0);
#elif defined(OPENSSL_SYS_WIN32)
pid = GetCurrentProcessId();
RAND_POOL_add(pool, (unsigned char *)&pid, sizeof(pid), 0);
#endif
thread_id = CRYPTO_THREAD_get_current_id();
if (thread_id != 0)
RAND_POOL_add(pool, (unsigned char *)&thread_id, sizeof(thread_id), 0);
tbits = get_timer_bits();
if (tbits != 0)
RAND_POOL_add(pool, (unsigned char *)&tbits, sizeof(tbits), 0);
/* TODO: Use RDSEED? */
len = RAND_POOL_length(pool);
if (len != 0)
*pout = RAND_POOL_detach(pool);
RAND_POOL_free(pool);
return len;
}
