Replace random_byte() with random_read().

This is in preparation for a PRNG revamp which will want to have a well defined boundary for any given request-for-randomness, so that it can destroy the evidence afterwards. So no more looping round calling random_byte() and then stopping when we feel like it: now you say up front how many random bytes you want, and call random_read() which gives you that many in one go. Most of the call sites that had to be fixed are fairly mechanical, and quite a few ended up more concise afterwards. A few became more cumbersome, such as mp_random_bits, in which the new API doesn't let me load the random bytes directly into the target integer without triggering undefined behaviour, so instead I have to allocate a separate temporary buffer. The _most_ interesting call site was in the PKCS#1 v1.5 padding code in sshrsa.c (used in SSH-1), in which you need a stream of _nonzero_ random bytes. The previous code just looped on random_byte, retrying if it got a zero. Now I'm doing a much more interesting thing with an mpint, essentially scaling a binary fraction repeatedly to extract a number in the range [0,255) and then adding 1 to it.
2025-07-05 21:42:47 -05:00 · 2019-01-22 19:43:27 +00:00
parent 76aa3f6f7a
commit 628e794832
21 changed files with 108 additions and 101 deletions
--- a/testcrypt.c
+++ b/testcrypt.c
@ -49,13 +49,10 @@ static NORETURN void fatal_error(const char *p, ...)
 void out_of_memory(void) { fatal_error("out of memory"); }

 static bufchain random_data_queue;
-int random_byte(void)
+void random_read(void *buf, size_t size)
 {
-    unsigned char u;
-    if (bufchain_try_fetch_consume(&random_data_queue, &u, 1))
-        return u;
-    fatal_error("No random data in queue");
-    return 0;
+    if (!bufchain_try_fetch_consume(&random_data_queue, buf, size))
+        fatal_error("No random data in queue");
 }

 #define VALUE_TYPES(X)                                                  \