From 6bba373ec371f9706f61b1e4fe5c751809761202 Mon Sep 17 00:00:00 2001
From: Tomas Mraz
Date: Wed, 4 Dec 2024 11:00:11 +0100
Subject: [PATCH] jitter_generate(): Properly mix in the additional input
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

By adding the additional input directly to the pool we were using just the additional input.

Reviewed-by: Matt Caswell
Reviewed-by: Saša Nedvědický
(Merged from https://github.com/openssl/openssl/pull/26112)
---
 .../implementations/rands/seed_src_jitter.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/providers/implementations/rands/seed_src_jitter.c b/providers/implementations/rands/seed_src_jitter.c
index f6f0ed54a1..23d8384a40 100644
--- a/providers/implementations/rands/seed_src_jitter.c
+++ b/providers/implementations/rands/seed_src_jitter.c
@@ -194,20 +194,20 @@ static int jitter_generate(void *vseed, unsigned char *out, size_t outlen,
 return 0;
 }
- if (adin != NULL && adin_len > 0) {
- if (!ossl_rand_pool_add(pool, adin, adin_len, 0)) {
- ERR_raise(ERR_LIB_PROV, ERR_R_RAND_LIB);
- ossl_rand_pool_free(pool);
- return 0;
- }
- }
-
 /* Get entropy from jitter entropy library. */
 entropy_available = ossl_prov_acquire_entropy_from_jitter(s, pool);
 if (entropy_available > 0)
 memcpy(out, ossl_rand_pool_buffer(pool), ossl_rand_pool_length(pool));
+ if (adin != NULL && adin_len > 0) {
+ size_t i;
+
+ /* xor the additional data into the output */
+ for (i = 0; i < adin_len; ++i)
+ out[i % outlen] ^= adin[i];
+ }
+
 ossl_rand_pool_free(pool);
 return entropy_available > 0;
 }
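Review bot: The new xor loop runs whether or not entropy acquisition succeeded, and it indexes with `i % outlen` with no visible guard against `outlen == 0`. On the failure path `memcpy` is skipped, so the loop reads and rewrites whatever the caller left in `out` (possibly uninitialized) before the function returns 0; with a zero `outlen` the modulo is undefined behaviour. The start of `jitter_generate()` is outside the hunk, so an earlier check may already reject a zero `outlen`, but tying the mix-in to the success path makes both cases explicit: `if (entropy_available > 0 && outlen > 0 && adin != NULL && adin_len > 0) {`. Since the diffstat shows only this file changed, a regression test asserting that the output differs from the additional input alone would keep the original bug from returning.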