Add helper randomization function in key-provider.cpp

Change-Id: I657ac68ce8e9253ca63187132eef3fb769d8426a

1 files changed, 12 insertions, 5 deletions

diff --git a/src/manager/service/key-provider.cpp b/src/manager/service/key-provider.cpp
index 0ed59cc5..aea5c9b5 100644
--- a/src/manager/service/key-provider.cpp
+++ b/src/manager/service/key-provider.cpp
@@ -162,6 +162,13 @@ KeyData makePKEK2(const uint8_t *domainKEK, const std::string &user)
 	return key;
 }
 
+
+template <size_t N>
+bool randomize(uint8_t (&array)[N])
+{
+	return RAND_bytes(array, N) == 1;
+}
+
 } // anonymous namespace
 
 WrappedKeyAndInfoContainer::WrappedKeyAndInfoContainer()
@@ -425,8 +432,7 @@ RawBuffer KeyProvider::generateDEK(const ClientId &client)
 
 	uint8_t key[MAX_KEY_SIZE];
 
-	if (!RAND_bytes(key, m_kmcDKEK->getKeyAndInfo().keyInfo.keyLength) ||
-			!RAND_bytes(wkmcDEK.getWrappedKeyAndInfo().keyInfo.iv, MAX_IV_SIZE))
+	if (!randomize(key) || !randomize(wkmcDEK.getWrappedKeyAndInfo().keyInfo.iv))
 		ThrowErr(Exc::InternalError, "OPENSSL_ENGINE_ERROR");
 
 	KeyData PKEK2 = makePKEK2(m_kmcDKEK->getKeyAndInfo().key, resized_client);
@@ -512,10 +518,11 @@ RawBuffer KeyProvider::generateDomainKEK(
 
 	wkmcDKEK.setKeyInfoClient(user);
 
-	if (!RAND_bytes(wkmcDKEK.getWrappedKeyAndInfo().keyInfo.salt, MAX_SALT_SIZE) ||
-			!RAND_bytes(key, MAX_KEY_SIZE) ||
-			!RAND_bytes(wkmcDKEK.getWrappedKeyAndInfo().keyInfo.iv, MAX_IV_SIZE))
+	if (!randomize(wkmcDKEK.getWrappedKeyAndInfo().keyInfo.salt) ||
+	    !randomize(key) ||
+	    !randomize(wkmcDKEK.getWrappedKeyAndInfo().keyInfo.iv)) {
 		ThrowErr(Exc::InternalError, "OPENSSL_ENGINE_ERROR");
+	}
 
 	KeyData PKEK1 = makePKEK1(wkmcDKEK.getWrappedKeyAndInfo().keyInfo, userPassword);