random: stop retrieving random bytes from OpenSSL

On the ::SLOW path we would use OpenSSL as an additional source of random bytes. This commit removes that functionality. Note that this was always only an additional source, and that we never checked the return value RAND_bytes(): https://www.openssl.org/docs/manmaster/man3/RAND_bytes.html RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf.
PIVX-Project · May 11, 2021 · 602c0b2 · 602c0b2
1 parent b1c8396
commit 602c0b2
Show file tree

Hide file tree

Showing 3 changed files with 0 additions and 6 deletions.
diff --git a/src/random.cpp b/src/random.cpp
@@ -522,10 +522,6 @@ static void SeedSlow(CSHA512& hasher, RNGState& rng) noexcept
     GetOSRand(buffer);
     hasher.Write(buffer, sizeof(buffer));
 
-    // OpenSSL RNG (for now)
-    RAND_bytes(buffer, sizeof(buffer));
-    hasher.Write(buffer, sizeof(buffer));
-
     // Add the events hasher into the mix
     rng.SeedEvents(hasher);
 

diff --git a/src/random.h b/src/random.h
@@ -35,7 +35,6 @@
  *   that fast seeding includes, but additionally:
  *   - OS entropy (/dev/urandom, getrandom(), ...). The application will terminate if
  *     this entropy source fails.
- *   - Bytes from OpenSSL's RNG (which itself may be seeded from various sources)
  *   - Another high-precision timestamp (indirectly committing to a benchmark of all the
  *     previous sources).
  *   These entropy sources are slower, but designed to make sure the RNG state contains

diff --git a/src/randomenv.cpp b/src/randomenv.cpp
@@ -70,7 +70,6 @@ namespace {
 void RandAddSeedPerfmon(CSHA512& hasher)
 {
 #ifdef WIN32
-    // Don't need this on Linux, OpenSSL automatically uses /dev/urandom
     // Seed with the entire set of perfmon data
 
     // This can take up to 2 seconds, so only do it every 10 minutes