commit 44d1afa2c02e782ba3023770063c057faf4687f3
author Branden Archer <brarcher@google.com> Fri Dec 28 09:10:49 2018 -0800
committer Branden Archer <brarcher@google.com> Fri Dec 28 10:19:15 2018 -0800
tree 32fd67faf63d74362f35fb734b8d59a43023fcd9
parent fe2a27d9a92784e6ee3e3a3e18c1d89ab220f22f

Replace Entropy with RAND_bytes

/dev/urandom is not an approved random number generator
for NIAP certification. Changing to use BoringSSL's
RAND_bytes(), which is approved.

Bug: 121272336
Test: Ran Keystore CTS tests against Walleye
Change-Id: I579d140ef56c90b477b0d8989e3b02375681aee8

keystore/blob.h

diff --git a/keystore/blob.h b/keystore/blob.h
index 92e4514..86f367f 100644
--- a/keystore/blob.h
+++ b/keystore/blob.h
@@ -89,7 +89,6 @@
     TYPE_KEY_CHARACTERISTICS_CACHE = 6,
 } BlobType;
 
-class Entropy;
 class LockedKeyBlobEntry;
 
 /**
@@ -263,7 +262,7 @@
              [](uid_t, const std::string&) -> bool { return true; });
 
     ResponseCode writeBlobs(Blob keyBlob, Blob characteristicsBlob, const uint8_t* aes_key,
-                            State state, Entropy* entorpy) const;
+                            State state) const;
     std::tuple<ResponseCode, Blob, Blob> readBlobs(const uint8_t* aes_key, State state) const;
     ResponseCode deleteBlobs() const;