From 1baed216883e63b10083912c7408dd37b2bcf03e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>
Date: Thu, 22 Sep 2022 10:36:53 +0200
Subject: [PATCH 1/2] Switch the CSPRNG function from RAND_bytes() to
 uv_random()

The RAND_bytes() implementation differs between the OpenSSL versions and
uses the system entropy only for seeding its internal CSPRNG.  The
uv_random() on the other hand uses the system provided CSPRNG.

Switch from RAND_bytes() to uv_random() to use system provided CSPRNG.
---
 lib/isc/Makefile.am                           |  2 +-
 lib/isc/entropy.c                             | 14 +++++--------
 lib/isc/hash.c                                | 20 +++++++++----------
 .../isc/entropy.h}                            |  6 ++----
 lib/isc/nonce.c                               |  3 +--
 lib/isc/random.c                              |  2 +-
 6 files changed, 20 insertions(+), 27 deletions(-)
 rename lib/isc/{entropy_private.h => include/isc/entropy.h} (85%)

diff --git a/lib/isc/Makefile.am b/lib/isc/Makefile.am
index c23ebf3138..35657e889e 100644
--- a/lib/isc/Makefile.am
+++ b/lib/isc/Makefile.am
@@ -26,6 +26,7 @@ libisc_la_HEADERS =			\
 	include/isc/deprecated.h	\
 	include/isc/dir.h		\
 	include/isc/endian.h		\
+	include/isc/entropy.h		\
 	include/isc/errno.h		\
 	include/isc/error.h		\
 	include/isc/event.h		\
@@ -132,7 +133,6 @@ libisc_la_SOURCES =		\
 	crc64.c			\
 	dir.c			\
 	entropy.c		\
-	entropy_private.h	\
 	errno.c			\
 	errno2result.c		\
 	errno2result.h		\
diff --git a/lib/isc/entropy.c b/lib/isc/entropy.c
index ce79ba21c3..a037960bd1 100644
--- a/lib/isc/entropy.c
+++ b/lib/isc/entropy.c
@@ -11,18 +11,14 @@
  * information regarding copyright ownership.
  */
 
-#include <openssl/err.h>
-#include <openssl/rand.h>
-
+#include <isc/entropy.h>
 #include <isc/types.h>
 #include <isc/util.h>
-
-#include "entropy_private.h"
+#include <isc/uv.h>
 
 void
 isc_entropy_get(void *buf, size_t buflen) {
-	if (RAND_bytes(buf, buflen) < 1) {
-		FATAL_ERROR(__FILE__, __LINE__, "RAND_bytes(): %s",
-			    ERR_error_string(ERR_get_error(), NULL));
-	}
+	int r = uv_random(NULL, NULL, buf, buflen, 0, NULL);
+
+	UV_RUNTIME_CHECK(uv_random, r);
 }
diff --git a/lib/isc/hash.c b/lib/isc/hash.c
index 37622ea8c5..8dcc788ab6 100644
--- a/lib/isc/hash.c
+++ b/lib/isc/hash.c
@@ -15,16 +15,16 @@
 #include <stdbool.h>
 #include <stddef.h>
 
-#include "entropy_private.h"
-#include "isc/ascii.h"
-#include "isc/hash.h" /* IWYU pragma: keep */
-#include "isc/once.h"
-#include "isc/random.h"
-#include "isc/result.h"
-#include "isc/siphash.h"
-#include "isc/string.h"
-#include "isc/types.h"
-#include "isc/util.h"
+#include <isc/ascii.h>
+#include <isc/entropy.h>
+#include <isc/hash.h> /* IWYU pragma: keep */
+#include <isc/once.h>
+#include <isc/random.h>
+#include <isc/result.h>
+#include <isc/siphash.h>
+#include <isc/string.h>
+#include <isc/types.h>
+#include <isc/util.h>
 
 static uint8_t isc_hash_key[16];
 static uint8_t isc_hash32_key[8];
diff --git a/lib/isc/entropy_private.h b/lib/isc/include/isc/entropy.h
similarity index 85%
rename from lib/isc/entropy_private.h
rename to lib/isc/include/isc/entropy.h
index df9a38274a..4e2dc5f884 100644
--- a/lib/isc/entropy_private.h
+++ b/lib/isc/include/isc/entropy.h
@@ -17,13 +17,11 @@
 
 #include <isc/lang.h>
 
-/*! \file isc/entropy_private.h
+/*! \file isc/entropy.h
  * \brief Implements wrapper around CSPRNG cryptographic library calls
  * for getting cryptographically secure pseudo-random numbers.
  *
- * - If OpenSSL is used, it uses RAND_bytes()
- * - If PKCS#11 is used, it uses pkcs_C_GenerateRandom()
- *
+ * Uses synchronous version of uv_random().
  */
 
 ISC_LANG_BEGINDECLS
diff --git a/lib/isc/nonce.c b/lib/isc/nonce.c
index 4c2baff77d..316498a613 100644
--- a/lib/isc/nonce.c
+++ b/lib/isc/nonce.c
@@ -11,10 +11,9 @@
  * information regarding copyright ownership.
  */
 
+#include <isc/entropy.h>
 #include <isc/nonce.h>
 
-#include "entropy_private.h"
-
 void
 isc_nonce_buf(void *buf, size_t buflen) {
 	isc_entropy_get(buf, buflen);
diff --git a/lib/isc/random.c b/lib/isc/random.c
index e37366d8cd..5d67f81b14 100644
--- a/lib/isc/random.c
+++ b/lib/isc/random.c
@@ -35,13 +35,13 @@
 #include <string.h>
 #include <unistd.h>
 
+#include <isc/entropy.h>
 #include <isc/random.h>
 #include <isc/result.h>
 #include <isc/thread.h>
 #include <isc/types.h>
 #include <isc/util.h>
 
-#include "entropy_private.h"
 #include "random_p.h"
 
 /*

From b4e131ac77e698969c31c06caba7a4324e0310b0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>
Date: Mon, 26 Sep 2022 09:37:28 +0200
Subject: [PATCH 2/2] Add CHANGES note for [GL !6803]

---
 CHANGES | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGES b/CHANGES
index 36dd658a36..9ddc566e84 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+5980.	[func]		The internal isc_entropy API provider has been
+			changed from OpenSSL RAND_bytes() to uv_random()
+			to use system provided entropy. [GL !6803]
+
 5979.	[func]		Implement DoT support for nsupdate. [GL #1781]
 
 5978.	[port]		The ability to use pkcs11 via engine_pkcs11 has been