diff options
Diffstat (limited to 'vespalib')
-rw-r--r-- | vespalib/src/vespa/vespalib/crypto/CMakeLists.txt | 1 | ||||
-rw-r--r-- | vespalib/src/vespa/vespalib/crypto/random.cpp | 13 | ||||
-rw-r--r-- | vespalib/src/vespa/vespalib/crypto/random.h | 11 |
3 files changed, 25 insertions, 0 deletions
diff --git a/vespalib/src/vespa/vespalib/crypto/CMakeLists.txt b/vespalib/src/vespa/vespalib/crypto/CMakeLists.txt index 6000156fcfa..299e3402e23 100644 --- a/vespalib/src/vespa/vespalib/crypto/CMakeLists.txt +++ b/vespalib/src/vespa/vespalib/crypto/CMakeLists.txt @@ -4,6 +4,7 @@ vespa_add_library(vespalib_vespalib_crypto OBJECT crypto_exception.cpp openssl_crypto_impl.cpp private_key.cpp + random.cpp x509_certificate.cpp DEPENDS ) diff --git a/vespalib/src/vespa/vespalib/crypto/random.cpp b/vespalib/src/vespa/vespalib/crypto/random.cpp new file mode 100644 index 00000000000..49200706839 --- /dev/null +++ b/vespalib/src/vespa/vespalib/crypto/random.cpp @@ -0,0 +1,13 @@ +// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +#include "random.h" +#include <openssl/rand.h> + +namespace vespalib::crypto { + +void random_buffer(unsigned char* buf, size_t len) noexcept { + if (::RAND_bytes(buf, len) != 1) { + abort(); + } +} + +} diff --git a/vespalib/src/vespa/vespalib/crypto/random.h b/vespalib/src/vespa/vespalib/crypto/random.h new file mode 100644 index 00000000000..a97f8df2bc2 --- /dev/null +++ b/vespalib/src/vespa/vespalib/crypto/random.h @@ -0,0 +1,11 @@ +// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +#pragma once +#include <cstddef> + +namespace vespalib::crypto { + +// Fills `buf` with `len` bytes of cryptographically secure pseudo-random data. +// Aborts the process if CSPRNG somehow fails. +void random_buffer(unsigned char* buf, size_t len) noexcept; + +} |