return log_error_errno(r, "Failed to acquire random seed: %m");
sha256_init_ctx(&hash_state);
- sha256_process_bytes(&(const size_t) { sizeof(buffer) }, sizeof(size_t), &hash_state);
- sha256_process_bytes(buffer, sizeof(buffer), &hash_state);
+ sha256_process_bytes_and_size(buffer, sizeof(buffer), &hash_state);
fd = openat(loader_dir_fd, "random-seed", O_NOFOLLOW|O_CLOEXEC|O_RDONLY|O_NOCTTY);
if (fd < 0) {
if (n < 0)
return log_error_errno(errno, "Failed to read old random seed file: %m");
- sha256_process_bytes(&n, sizeof(n), &hash_state);
- sha256_process_bytes(buffer, n, &hash_state);
+ sha256_process_bytes_and_size(buffer, n, &hash_state);
fd = safe_close(fd);
refreshed = n > 0;
uint8_t *sha256_finish_ctx(struct sha256_ctx *ctx, uint8_t resbuf[static SHA256_DIGEST_SIZE]);
void sha256_process_bytes(const void *buffer, size_t len, struct sha256_ctx *ctx);
+static inline void sha256_process_bytes_and_size(const void *buffer, size_t len, struct sha256_ctx *ctx) {
+ sha256_process_bytes(&len, sizeof(len), ctx);
+ sha256_process_bytes(buffer, len, ctx);
+}
+
uint8_t* sha256_direct(const void *buffer, size_t sz, uint8_t result[static SHA256_DIGEST_SIZE]);
#define SHA256_DIRECT(buffer, sz) sha256_direct(buffer, sz, (uint8_t[SHA256_DIGEST_SIZE]) {})
return log_oom();
sha256_init_ctx(hash_state);
- sha256_process_bytes(&k, sizeof(k), hash_state); /* Hash length to distinguish from new seed. */
- sha256_process_bytes(buf, k, hash_state);
+ sha256_process_bytes_and_size(buf, k, hash_state); /* Hash with length to distinguish from new seed. */
*ret_hash_state = hash_state;
}
if (hash_state) {
uint8_t hash[SHA256_DIGEST_SIZE];
- sha256_process_bytes(&k, sizeof(k), hash_state); /* Hash length to distinguish from old seed. */
- sha256_process_bytes(buf, k, hash_state);
+ sha256_process_bytes_and_size(buf, k, hash_state); /* Hash with length to distinguish from old seed. */
sha256_finish_ctx(hash_state, hash);
l = MIN((size_t)k, sizeof(hash));
memcpy((uint8_t *)buf + k - l, hash, l);
/* Hash the old seed in so that we never regress in entropy. */
sha256_init_ctx(&hash_state);
- sha256_process_bytes(&n, sizeof(n), &hash_state);
- sha256_process_bytes(seed_file_bytes, n, &hash_state);
+ sha256_process_bytes_and_size(seed_file_bytes, n, &hash_state);
/* We're doing this opportunistically, so if the seeding dance before didn't manage to initialize the
* RNG, there's no point in doing it here. Secondly, getrandom(GRND_NONBLOCK) has been around longer
assert(n == sizeof(buffer));
/* Hash the new seed into the state containing the old one to generate our final seed. */
- sha256_process_bytes(&n, sizeof(n), &hash_state);
- sha256_process_bytes(buffer, n, &hash_state);
+ sha256_process_bytes_and_size(buffer, n, &hash_state);
sha256_finish_ctx(&hash_state, buffer);
if (lseek(seed_fd, 0, SEEK_SET) < 0)
projects / thirdparty / systemd.git / commitdiff
