From b6e8be94c64d67f0a2de6e5572e5b7ef7cfd7350 Mon Sep 17 00:00:00 2001
From: Arseny Smirnov <arseny30@gmail.com>
Date: Fri, 16 Nov 2018 16:41:53 +0400
Subject: [PATCH] secure_random: add_seed flushes all buffered random

GitOrigin-RevId: 408dea74532e882d1f42126999b7394a46cebfd1
---
 tdutils/td/utils/Random.cpp | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/tdutils/td/utils/Random.cpp b/tdutils/td/utils/Random.cpp
index debe6d1c..df700efd 100644
--- a/tdutils/td/utils/Random.cpp
+++ b/tdutils/td/utils/Random.cpp
@@ -27,13 +27,22 @@ constexpr size_t secure_bytes_buffer_size = 512;
 void Random::secure_bytes(MutableSlice dest) {
   Random::secure_bytes(dest.ubegin(), dest.size());
 }
+namespace {
+std::atomic<int64> random_seed_generation{0};
+}
 
 void Random::secure_bytes(unsigned char *ptr, size_t size) {
   constexpr size_t buf_size = secure_bytes_buffer_size;
   static TD_THREAD_LOCAL unsigned char *buf;  // static zero-initialized
   static TD_THREAD_LOCAL size_t buf_pos;
+  static TD_THREAD_LOCAL int64 generation;
   if (init_thread_local<unsigned char[]>(buf, buf_size)) {
     buf_pos = buf_size;
+    generation = 0;
+  }
+  if (generation != random_seed_generation.load(std::memory_order_relaxed)) {
+    generation = random_seed_generation.load(std::memory_order_acquire);
+    buf_pos = buf_size;
   }
 
   auto ready = min(size, buf_size - buf_pos);
@@ -75,9 +84,7 @@ int64 Random::secure_int64() {
 
 void Random::add_seed(Slice bytes, double entropy) {
   RAND_add(bytes.data(), static_cast<int>(bytes.size()), entropy);
-  // drain all secure_bytes buffer
-  std::array<char, secure_bytes_buffer_size> buf;
-  secure_bytes(MutableSlice(buf.data(), buf.size()));
+  random_seed_generation++;
 }
 #endif