Use BoringSSL to get random bytes
Bug: 117508900
Change-Id: I4889513c0671ff2b689f1beca8084d6f149d473d
Test: Existing tests pass
(cherry picked from commit 9356d01a5904fb751d44ca22a6eea0b8f675fdaf)
diff --git a/src/crypto/random.c b/src/crypto/random.c
index 3a86a93..5d671bd 100644
--- a/src/crypto/random.c
+++ b/src/crypto/random.c
@@ -160,10 +160,17 @@
wpa_printf(MSG_MSGDUMP, "Get randomness: len=%u entropy=%u",
(unsigned int) len, entropy);
+#ifdef CONFIG_USE_OPENSSL_RNG
+ /* Start with assumed strong randomness from OpenSSL */
+ ret = crypto_get_random(buf, len);
+ wpa_hexdump_key(MSG_EXCESSIVE, "random from crypto_get_random",
+ buf, len);
+#else /* CONFIG_USE_OPENSSL_RNG */
/* Start with assumed strong randomness from OS */
ret = os_get_random(buf, len);
wpa_hexdump_key(MSG_EXCESSIVE, "random from os_get_random",
buf, len);
+#endif /* CONFIG_USE_OPENSSL_RNG */
/* Mix in additional entropy extracted from the internal pool */
left = len;
diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk
index f65076c..09399cd 100644
--- a/wpa_supplicant/Android.mk
+++ b/wpa_supplicant/Android.mk
@@ -931,6 +931,7 @@
ifndef CONFIG_TLS
CONFIG_TLS=openssl
+L_CFLAGS += -DCONFIG_USE_OPENSSL_RNG
endif
ifdef CONFIG_TLSV11
