Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use OpenSSL random functions #401

Merged
merged 1 commit into from
May 31, 2024
Merged

Use OpenSSL random functions #401

merged 1 commit into from
May 31, 2024

Conversation

simo5
Copy link
Member

@simo5 simo5 commented May 30, 2024
edited
Loading

Let that cycle back into the provider and call C_GenerateRandom() if that's how the properties end up wiring things.

Fixes #280

Description

After some consideration I think using the openssl RAND functions is just fine here.
First of all it is not a security sensitive thing, and secondarily those functions will still cycle back to use the C_GenerateRandom function if we probed that the token does have a random generator and properties force it.

The existing generation test should eb sufficient to cover this change, and no documentation needs to be updated.

Checklist

  • Code modified for feature
  • Test suite updated with functionality tests
  • Test suite updated with negative tests
  • Documentation updated

Reviewer's checklist:

  • Any issues marked for closing are addressed
  • There is a test suite reasonably covering new functionality or modifications
  • This feature/change has adequate documentation added
  • Code conform to coding style that today cannot yet be enforced via the check style test
  • Commits have short titles and sensible commit messages
  • Coverity Scan has run if needed (code PR) and no new defects were found

@simo5 simo5 force-pushed the gen_rng branch 2 times, most recently from acad0cc to 6eb4880 Compare May 30, 2024 16:52
@simo5 simo5 requested a review from a team May 30, 2024 16:54
Jakuje
Jakuje previously approved these changes May 31, 2024
View reviewed changes
beldmit
beldmit reviewed May 31, 2024
View reviewed changes
src/keymgmt.c Outdated Show resolved Hide resolved
@simo5
Use OpenSSL random functions
12b1865 
Let *that* cycle back into the provider and call C_GenerateRandom()
if that's how the properties end up wiring things.

Fixes latchset#280

Signed-off-by: Simo Sorce <simo@redhat.com>
@simo5 simo5 added the covscan Triggers Coverity Scanner label May 31, 2024
@github-actions github-actions bot removed the covscan Triggers Coverity Scanner label May 31, 2024
@simo5 simo5 merged commit 101a262 into latchset:main May 31, 2024
33 of 34 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@beldmit beldmit beldmit left review comments

@Jakuje Jakuje Jakuje approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Key generation should not use token GenerateRandom()
3 participants
@simo5 @Jakuje @beldmit