vtls/rustls: support strong CSRNG data

Now that the curl rustls vtls backend is using rustls 0.14 we can
address the weak random situation by using
`rustls_default_crypto_provider_random()` to provide a `Curl_ssl`
`random` callback that fills the provided buffer with cryptographically
secure random data.

The mentions in `docs/` about weak RNG when using rustls are removed as
they are no longer applicable.

Closes #14889
Daniel McCarney 2024-09-12 12:38:51 -04:00 committed by Daniel Stenberg
parent 6d9b40d6a4
commit 8972845123
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
5 changed files with 27 additions and 38 deletions

@ -36,11 +36,6 @@ CURLcode Curl_rand_bytes(struct Curl_easy *data,
#define Curl_rand(a,b,c) Curl_rand_bytes((a), (b), (c))
#endif
/* ---- non-cryptographic version following ---- */
CURLcode Curl_weak_random(struct Curl_easy *data,
unsigned char *rnd,
size_t length);
/*
* Curl_rand_hex() fills the 'rnd' buffer with a given 'num' size with random
* hexadecimal digits PLUS a null-terminating byte. It must be an odd number
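Review bot: The `Curl_weak_random()` prototype and its "non-cryptographic version following" banner, just after the `#endif` in this hunk, are the lines the hunk header's 11-to-6 count appears to drop from a shared header, so the function's definition and every remaining caller must go in the same commit or the tree stops compiling. Please confirm with a tree-wide grep that nothing still references `Curl_weak_random`. It would also help to state in the commit message or a header comment what `Curl_rand_bytes()` now does when a TLS backend supplies no `random` callback, since the weak fallback declared here is no longer available; returning an error is preferable to continuing with predictable bytes.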