Use BoringSSL to get random bytes
Bug: 117508900
Change-Id: I4889513c0671ff2b689f1beca8084d6f149d473d
Test: Existing tests pass
(cherry picked from commit 29d54b87f121c79d5df87b0b2bcd7a1eb6090c1f)
diff --git a/src/crypto/random.c b/src/crypto/random.c
index fb92417..9774a69 100644
--- a/src/crypto/random.c
+++ b/src/crypto/random.c
@@ -163,10 +163,17 @@
wpa_printf(MSG_MSGDUMP, "Get randomness: len=%u entropy=%u",
(unsigned int) len, entropy);
+#ifdef CONFIG_USE_OPENSSL_RNG
+ /* Start with assumed strong randomness from OpenSSL */
+ ret = crypto_get_random(buf, len);
+ wpa_hexdump_key(MSG_EXCESSIVE, "random from crypto_get_random",
+ buf, len);
+#else /* CONFIG_USE_OPENSSL_RNG */
/* Start with assumed strong randomness from OS */
ret = os_get_random(buf, len);
wpa_hexdump_key(MSG_EXCESSIVE, "random from os_get_random",
buf, len);
+#endif /* CONFIG_USE_OPENSSL_RNG */
/* Mix in additional entropy extracted from the internal pool */
left = len;
diff --git a/wpa_supplicant/Android.mk b/wpa_supplicant/Android.mk
index d57446c..4b2bd20 100644
--- a/wpa_supplicant/Android.mk
+++ b/wpa_supplicant/Android.mk
@@ -1027,6 +1027,7 @@
ifndef CONFIG_TLS
CONFIG_TLS=openssl
+L_CFLAGS += -DCONFIG_USE_OPENSSL_RNG
endif
ifdef CONFIG_TLSV11