From 12b1865951b87b43344f230a294af3262664b7d2 Mon Sep 17 00:00:00 2001
From: Simo Sorce
Date: Thu, 30 May 2024 12:46:01 -0400
Subject: [PATCH] Use OpenSSL random functions
Let *that* cycle back into the provider and call C_GenerateRandom() if that's how the properties end up wiring things.
Fixes #280
Signed-off-by: Simo Sorce
---
 src/keymgmt.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/keymgmt.c b/src/keymgmt.c
index 9e426750..4394d312 100644
--- a/src/keymgmt.c
+++ b/src/keymgmt.c
@@ -3,6 +3,7 @@
 #include "provider.h"
 #include "platform/endian.h"
+#include "openssl/rand.h"
 #include
 #define DFLT_DIGEST "SHA256"
@@ -498,9 +499,13 @@ static int p11prov_common_gen(struct key_generator *ctx,
 sh = p11prov_session_handle(session);
 if (cka_id.ulValueLen == 0) {
+ int err = RET_OSSL_ERR;
 /* generate unique id for the key */
- ret = p11prov_GenerateRandom(ctx->provctx, sh, id, sizeof(id));
- if (ret != CKR_OK) {
+ err = RAND_bytes_ex(p11prov_ctx_get_libctx(ctx->provctx), id,
+ sizeof(id), 0);
+ if (err != RET_OSSL_OK) {
+ ret = CKR_GENERAL_ERROR;
+ P11PROV_raise(ctx->provctx, ret, "Failed to source random buffer");
 goto done;
 }
 cka_id.type = CKA_ID;
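Review bot: The new `RAND_bytes_ex()` call in the `cka_id.ulValueLen == 0` branch runs while `session` is still held, and the commit message itself says the request may be routed back into this provider and end in C_GenerateRandom(); the old call reused `sh`, so a token with a tight session limit could presumably now need a second session at this point, which is worth confirming and recording in a comment such as `/* CKA_ID is a public identifier, so strength 0 is enough; RAND may re-enter the provider while 'session' is held */`. The initializer in `int err = RET_OSSL_ERR;` is overwritten by the very next statement, so the declaration and the call can be merged into `int err = RAND_bytes_ex(p11prov_ctx_get_libctx(ctx->provctx), id, sizeof(id), 0);`. In the first hunk the OpenSSL header is included with quotes; `#include <openssl/rand.h>` is the usual form for a header that is not part of this source tree. The body of p11prov_common_gen starts and ends outside the hunk, so whether `sh` is still used later cannot be checked from here.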