Use BoringSSL to get random bytescm-11.0

Bug: 117508900
Change-Id: I4889513c0671ff2b689f1beca8084d6f149d473d
Test: Existing tests pass
(cherry picked from commit 29d54b87f121c79d5df87b0b2bcd7a1eb6090c1f)

2 files changed, 8 insertions, 0 deletions

diff --git a/src/crypto/random.c b/src/crypto/random.c
index 053740e9..d920e417 100644
--- a/src/crypto/random.c
+++ b/src/crypto/random.c
@@ -160,10 +160,17 @@ int random_get_bytes(void *buf, size_t len)
 	wpa_printf(MSG_MSGDUMP, "Get randomness: len=%u entropy=%u",
 		   (unsigned int) len, entropy);
 
+#ifdef CONFIG_USE_OPENSSL_RNG
+	/* Start with assumed strong randomness from OpenSSL */
+	ret = crypto_get_random(buf, len);
+	wpa_hexdump_key(MSG_EXCESSIVE, "random from crypto_get_random",
+			buf, len);
+#else /* CONFIG_USE_OPENSSL_RNG */
 	/* Start with assumed strong randomness from OS */
 	ret = os_get_random(buf, len);
 	wpa_hexdump_key(MSG_EXCESSIVE, "random from os_get_random",
 			buf, len);
+#endif /* CONFIG_USE_OPENSSL_RNG */
 
 	/* Mix in additional entropy extracted from the internal pool */
 	left = len;
diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk
index 384d89d6..1d8a8dab 100644
--- a/wpa_supplicant/Android.mk
+++ b/wpa_supplicant/Android.mk
@@ -913,6 +913,7 @@ endif
 
 ifndef CONFIG_TLS
 CONFIG_TLS=openssl
+L_CFLAGS += -DCONFIG_USE_OPENSSL_RNG
 endif
 
 ifdef CONFIG_TLSV11