size_t dnscrypt_pad(uint8_t *buf, const size_t len, const size_t max_len) { uint8_t *buf_padding_area = buf + len; size_t padded_len, padding_len; if (max_len < len + DNSCRYPT_MIN_PAD_LEN) { return len; } padded_len = len + DNSCRYPT_MIN_PAD_LEN + salsa20_random_uniform(max_len - len - DNSCRYPT_MIN_PAD_LEN + 1U); padded_len += DNSCRYPT_BLOCK_SIZE - padded_len % DNSCRYPT_BLOCK_SIZE; if (padded_len > max_len) { padded_len = max_len; } assert(padded_len >= len); padding_len = padded_len - len; #ifdef DNSCRYPT_USE_ONLY_ONE_BYTE_FROM_PRNG_FOR_PADDING memset(buf_padding_area, (int) salsa20_random(), padding_len); #else salsa20_random_buf(buf_padding_area, padding_len); assert(max_len >= padded_len); #endif return padded_len; }
void randombytes(unsigned char * const buf, const unsigned long long buf_len) { assert(buf_len <= SIZE_MAX); salsa20_random_buf(buf, buf_len); }