Diffstat (limited to 'src/lib/cryptolink/openssl_link.cc')
-rw-r--r-- | src/lib/cryptolink/openssl_link.cc | 42 |
1 files changed, 38 insertions, 4 deletions
diff --git a/src/lib/cryptolink/openssl_link.cc b/src/lib/cryptolink/openssl_link.cc
index dac6ee4fd1..1a573f7c41 100644
--- a/src/lib/cryptolink/openssl_link.cc
+++ b/src/lib/cryptolink/openssl_link.cc
@@ -1,4 +1,4 @@
-// Copyright (C) 2014-2015 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2014-2018 Internet Systems Consortium, Inc. ("ISC")
 //
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -7,27 +7,49 @@
 #include <config.h>
 #include <cryptolink/cryptolink.h>
+#include <cryptolink/crypto_rng.h>
 #include <cryptolink/crypto_hash.h>
 #include <cryptolink/crypto_hmac.h>
 #include <openssl/crypto.h>
+#include <openssl/rand.h>
 namespace isc {
 namespace cryptolink {
 // For OpenSSL, we use the CryptoLink class object in RAII style
 class CryptoLinkImpl {
- // empty class
 };
 CryptoLink::~CryptoLink() {
 delete impl_;
 }
+/// \brief OpenSSL implementation of RNG.
+class RNGImpl : public RNG {
+public:
+ RNGImpl() { }
+
+ ~RNGImpl() { }
+
+private:
+ std::vector<uint8_t> random(size_t len) {
+ std::vector<uint8_t> data;
+ if (len > 0) {
+ data.resize(len);
+ if (RAND_bytes(&data[0], len) != 1) {
+ isc_throw(isc::cryptolink::LibraryError,
+ "OpenSSL RAND_bytes() failed");
+ }
+ }
+ return (data);
+ }
+};
+
 void
 CryptoLink::initialize() {
 CryptoLink& c = getCryptoLinkInternal();
- if (c.impl_ == NULL) {
+ if (!c.impl_) {
 try {
 c.impl_ = new CryptoLinkImpl();
 } catch (const std::exception &ex) {
@@ -40,6 +62,19 @@ CryptoLink::initialize() {
 "Error during OpenSSL initialization");
 }
 }
+ if (!c.rng_) {
+ try {
+ c.rng_.reset(new RNGImpl());
+ } catch (const std::exception &ex) {
+ // Should never happen
+ isc_throw(InitializationError,
+ "Error during OpenSSL RNG initialization:" << ex.what());
+ } catch (...) {
+ // Should never happen
+ isc_throw(InitializationError,
+ "Error during OpenSSL RNG initialization");
+ }
+ }
 }
 std::string
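Review bot: In `RNGImpl::random()` the `size_t len` is passed straight to `RAND_bytes()`, whose count parameter is an `int`, so `RAND_bytes(&data[0], len)` narrows silently. For a `len` above `INT_MAX` the converted count can be smaller than the vector, and OpenSSL could then report success while the tail of `data` keeps the zeros written by `resize()`. Callers probably never ask for that much, but an RNG wrapper should refuse rather than return partly non-random bytes: add `if (len > static_cast<size_t>(INT_MAX)) { isc_throw(isc::cryptolink::LibraryError, "random() length too large for RAND_bytes()"); }` before the resize (needs `<climits>`) and pass `static_cast<int>(len)`. A short comment on why `random()` is private here would also help, since it presumably overrides a public virtual of `RNG`, which is not visible in this diff.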
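Review bot: The new `if (!c.rng_)` block only guards the allocation of `RNGImpl`, whose constructor is empty, so `initialize()` succeeds without checking that OpenSSL's generator is usable; an unseeded RNG would surface only at the first `random()` call. If failing fast is wanted, add after the try/catch: `if (RAND_status() != 1) { isc_throw(InitializationError, "OpenSSL RNG is not seeded"); }`. Separately, the first message has no space after the colon, so the exception text is glued to it; it should read `"Error during OpenSSL RNG initialization: " << ex.what()`. `initialize()` begins in the previous hunk, and its closing brace is the context line right after this block.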
@@ -49,4 +84,3 @@ CryptoLink::getVersion() { } // namespace cryptolink } // namespace isc - |