[PATCH v7 6/7] common: password: make use of get_crypto_bytes
Oleksij Rempel
o.rempel at pengutronix.de
Wed Mar 22 01:43:05 PDT 2017
get_random_bytes is providing prng, if we have HWRNG we should be
able to use it over get_crypto_bytes
Signed-off-by: Oleksij Rempel <o.rempel at pengutronix.de>
---
common/password.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/common/password.c b/common/password.c
index d52b746f0..74d328f4b 100644
--- a/common/password.c
+++ b/common/password.c
@@ -365,7 +365,11 @@ int set_env_passwd(unsigned char* passwd, size_t length)
char *salt = passwd_sum;
int keylen = PBKDF2_LENGTH - PBKDF2_SALT_LEN;
- get_random_bytes(passwd_sum, PBKDF2_SALT_LEN);
+ ret = get_crypto_bytes(passwd_sum, PBKDF2_SALT_LEN);
+ if (ret) {
+ pr_err("Can't get random numbers\n");
+ return ret;
+ }
ret = pkcs5_pbkdf2_hmac_sha1(passwd, length, salt,
PBKDF2_SALT_LEN, PBKDF2_COUNT, keylen, key);
--
2.11.0
More information about the barebox
mailing list