#include "fd-util.h"
#include "fileio.h"
#include "io-util.h"
+#include "iovec-util.h"
#include "missing_random.h"
#include "missing_syscall.h"
#include "missing_threads.h"
return loop_read_exact(fd, p, n, false);
}
+int crypto_random_bytes_allocate_iovec(size_t n, struct iovec *ret) {
+ _cleanup_free_ void *p = NULL;
+ int r;
+
+ assert(ret);
+
+ p = malloc(MAX(n, 1U));
+ if (!p)
+ return -ENOMEM;
+
+ r = crypto_random_bytes(p, n);
+ if (r < 0)
+ return r;
+
+ *ret = IOVEC_MAKE(TAKE_PTR(p), n);
+ return 0;
+}
+
size_t random_pool_size(void) {
_cleanup_free_ char *s = NULL;
int r;
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
+#include <sys/uio.h>
void random_bytes(void *p, size_t n); /* Returns random bytes suitable for most uses, but may be insecure sometimes. */
int crypto_random_bytes(void *p, size_t n); /* Returns secure random bytes after waiting for the RNG to initialize. */
+int crypto_random_bytes_allocate_iovec(size_t n, struct iovec *ret);
static inline uint64_t random_u64(void) {
uint64_t u;
if (ivsz > 0) {
assert((size_t) ivsz <= CREDENTIAL_FIELD_SIZE_MAX);
- iv.iov_base = malloc(ivsz);
- if (!iv.iov_base)
- return log_oom();
-
- iv.iov_len = ivsz;
-
- r = crypto_random_bytes(iv.iov_base, iv.iov_len);
+ r = crypto_random_bytes_allocate_iovec(ivsz, &iv);
if (r < 0)
return log_error_errno(r, "Failed to acquired randomized IV: %m");
}
/* No secret provided, generate a random secret. We use SHA256 digest length, though it can
* be up to TPM2_MAX_SEALED_DATA. The secret length is not limited to the nameAlg hash
* size. */
- generated_secret.iov_len = TPM2_SHA256_DIGEST_SIZE;
- generated_secret.iov_base = malloc(generated_secret.iov_len);
- if (!generated_secret.iov_base)
- return log_oom_debug();
-
- r = crypto_random_bytes(generated_secret.iov_base, generated_secret.iov_len);
+ r = crypto_random_bytes_allocate_iovec(TPM2_SHA256_DIGEST_SIZE, &generated_secret);
if (r < 0)
return log_debug_errno(r, "Failed to generate secret key: %m");
projects / thirdparty / systemd.git / commitdiff
