From e6bdf57820121b6eac9f35c8ef53a4e7a76205e1 Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Sun, 20 May 2018 18:18:40 -0400
Subject: Better hal_core_alloc() semantics, assert() and printf() cleanup.

Various fixes extracted from the abandoned(-for-now?) reuse-cores
branch, principally:

* Change hal_core_alloc*() to support core reuse and to pick the
  least-recently-used core of a particular type otherwise;

* Replace assert() and printf() calls with hal_assert() and hal_log(),
  respectively.  assert() is particularly useless on the HSM, since it
  sends its error message into hyperspace then hangs the HSM.
---
 csprng.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'csprng.c')

diff --git a/csprng.c b/csprng.c
index 8ba4fa5..a760100 100644
--- a/csprng.c
+++ b/csprng.c
@@ -46,9 +46,10 @@
 hal_error_t hal_get_random(hal_core_t *core, void *buffer, const size_t length)
 {
   uint8_t temp[4], ior = 0, * const buf = buffer;
-  hal_error_t err;
+  const int free_core = core == NULL;
+  hal_error_t err = HAL_OK;
 
-  if ((err = hal_core_alloc(CSPRNG_NAME, &core)) != HAL_OK)
+  if (free_core && (err = hal_core_alloc(CSPRNG_NAME, &core, NULL)) != HAL_OK)
     return err;
 
   for (size_t i = 0; i < length; i += 4) {
@@ -73,7 +74,8 @@ hal_error_t hal_get_random(hal_core_t *core, void *buffer, const size_t length)
       err = HAL_ERROR_CSPRNG_BROKEN;
   }
 
-  hal_core_free(core);
+  if (free_core)
+    hal_core_free(core);
   return err;
 }
 
-- 
cgit v1.2.3