From c5b69375ea662f78f53db751c90657370f55b3cf Mon Sep 17 00:00:00 2001
From: Rich Cannings <richc@google.com>
Date: Tue, 9 Oct 2018 13:56:37 -0700
Subject: Use BoringSSL to get random bytes

Bug: 117508900
Change-Id: I4889513c0671ff2b689f1beca8084d6f149d473d
Test: Existing tests pass
(cherry picked from commit 29d54b87f121c79d5df87b0b2bcd7a1eb6090c1f)
---
 src/crypto/random.c | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'src')

diff --git a/src/crypto/random.c b/src/crypto/random.c
index bc758aa5..948e8803 100644
--- a/src/crypto/random.c
+++ b/src/crypto/random.c
@@ -160,10 +160,17 @@ int random_get_bytes(void *buf, size_t len)
 	wpa_printf(MSG_MSGDUMP, "Get randomness: len=%u entropy=%u",
 		   (unsigned int) len, entropy);
 
+#ifdef CONFIG_USE_OPENSSL_RNG
+	/* Start with assumed strong randomness from OpenSSL */
+	ret = crypto_get_random(buf, len);
+	wpa_hexdump_key(MSG_EXCESSIVE, "random from crypto_get_random",
+			buf, len);
+#else /* CONFIG_USE_OPENSSL_RNG */
 	/* Start with assumed strong randomness from OS */
 	ret = os_get_random(buf, len);
 	wpa_hexdump_key(MSG_EXCESSIVE, "random from os_get_random",
 			buf, len);
+#endif /* CONFIG_USE_OPENSSL_RNG */
 
 	/* Mix in additional entropy extracted from the internal pool */
 	left = len;
-- 
cgit v1.2.3