1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
Description: ica_random_number_generate performance improvement
Changed the ica_random_number_generate function that asks the
global DRBG instance for random bytes to not reseed the
instance on every call.
Origin: https://sourceforge.net/p/opencryptoki/libica/ci/3bcd3efb0aff364515ab9b3c39dd68fbbb1534d0/
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libica/+bug/1608954
--- a/src/s390_prng.c
+++ b/src/s390_prng.c
@@ -76,10 +76,9 @@ int s390_prng_init(void)
// available. However, the old prng is still initialized but
// only used as a fallback.
if(sha512_switch || sha512_drng_switch){
- const char *pers = "ica_drbg_global";
ica_drbg_instantiate(&ica_drbg_global, 256, true,
- ICA_DRBG_SHA512, (unsigned char *)pers,
- strlen(pers));
+ ICA_DRBG_SHA512,
+ (unsigned char *)"GLOBAL INSTANCE", 15);
}
// The old prng code starts here:
@@ -181,7 +180,7 @@ int s390_prng(unsigned char *output_data
unsigned char *ptr = output_data;
size_t i = 0;
for(; i < q; i++){
- status = ica_drbg_generate(ica_drbg_global, 256, true,
+ status = ica_drbg_generate(ica_drbg_global, 256, false,
NULL, 0, ptr,
ICA_DRBG_SHA512
->max_no_of_bytes_per_req);
@@ -191,7 +190,7 @@ int s390_prng(unsigned char *output_data
ptr += ICA_DRBG_SHA512->max_no_of_bytes_per_req;
}
if(!status){
- status = ica_drbg_generate(ica_drbg_global, 256, true,
+ status = ica_drbg_generate(ica_drbg_global, 256, false,
NULL, 0, ptr, r);
if(!status)
return 0;
|