jitter_generate(): Properly mix in the additional input
authorTomas Mraz <tomas@openssl.org>
Wed, 4 Dec 2024 10:00:11 +0000 (11:00 +0100)
committerTomas Mraz <tomas@openssl.org>
Fri, 6 Dec 2024 14:36:57 +0000 (15:36 +0100)
By adding the additional input directly to the pool, we were using just
the additional input.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26112)

providers/implementations/rands/seed_src_jitter.c

index f6f0ed54a18b17bf2ceb67671f18d2ef89a85360..23d8384a40c5e9cc3ef3dba1deaaa6c25ec05df4 100644 (file)
@@ -194,20 +194,20 @@ static int jitter_generate(void *vseed, unsigned char *out, size_t outlen,
         return 0;
     }
 
-    if (adin != NULL && adin_len > 0) {
-        if (!ossl_rand_pool_add(pool, adin, adin_len, 0)) {
-            ERR_raise(ERR_LIB_PROV, ERR_R_RAND_LIB);
-            ossl_rand_pool_free(pool);
-            return 0;
-        }
-    }
-
     /* Get entropy from jitter entropy library. */
     entropy_available = ossl_prov_acquire_entropy_from_jitter(s, pool);
 
     if (entropy_available > 0)
         memcpy(out, ossl_rand_pool_buffer(pool), ossl_rand_pool_length(pool));
 
+    if (adin != NULL && adin_len > 0) {
+        size_t i;
+
+        /* xor the additional data into the output */
+        for (i = 0; i < adin_len; ++i)
+            out[i % outlen] ^= adin[i];
+    }
+
     ossl_rand_pool_free(pool);
     return entropy_available > 0;
 }
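Review bot: The XOR loop added at the end of the hunk runs even when ossl_prov_acquire_entropy_from_jitter() yielded no entropy, so on that path `out` is never filled by the memcpy but still has the additional input mixed into whatever the caller's buffer previously held. The function returns 0 in that case so callers should not consume `out`, but tying the mixing to the success path makes the intent explicit and leaves the buffer untouched on failure: `if (entropy_available > 0 && adin != NULL && adin_len > 0) {`. The index `i % outlen` also divides by `outlen`; if a call with `outlen == 0` is not rejected earlier in the function (its start lies outside the hunk) that is undefined behaviour, and because the memcpy copies `ossl_rand_pool_length(pool)` rather than `outlen` bytes, the XOR presumably relies on the pool having been sized to exactly `outlen` — worth confirming against the pool setup above the hunk. The comment could also state the wrap-around behaviour, e.g. `/* xor the additional data into the output, wrapping around when adin is longer than out */`.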