virCryptoGenerateRandom: Don't allocate return buffer

To unify our vir*Random() functions we need to make
virCryptoGenerateRandom NOT allocate return buffer. It should
just fill given buffer with random data.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

src/qemu/qemu_domain.c

@@ -930,12 +930,15 @@ qemuDomainMasterKeyCreate(virDomainObjPtr vm)
     if (!virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET))
         return 0;
 
-    if (!(priv->masterKey =
+    if (VIR_ALLOC_N(priv->masterKey, QEMU_DOMAIN_MASTER_KEY_LEN) < 0)
-          virCryptoGenerateRandom(QEMU_DOMAIN_MASTER_KEY_LEN)))
         return -1;
-
     priv->masterKeyLen = QEMU_DOMAIN_MASTER_KEY_LEN;
 
+    if (virCryptoGenerateRandom(priv->masterKey, priv->masterKeyLen) < 0) {
+        VIR_DISPOSE_N(priv->masterKey, priv->masterKeyLen);
+        return -1;
+    }
+
     return 0;
 }
 
@@ -1281,8 +1284,11 @@ qemuDomainSecretAESSetup(qemuDomainObjPrivatePtr priv,
     if (!(secinfo->s.aes.alias = qemuDomainGetSecretAESAlias(srcalias, isLuks)))
         goto cleanup;
 
+    if (VIR_ALLOC_N(raw_iv, ivlen) < 0)
+        goto cleanup;
+
     /* Create a random initialization vector */
-    if (!(raw_iv = virCryptoGenerateRandom(ivlen)))
+    if (virCryptoGenerateRandom(raw_iv, ivlen) < 0)
         goto cleanup;
 
     /* Encode the IV and save that since qemu will need it */

src/util/vircrypto.c

@@ -316,44 +316,39 @@ virCryptoEncryptData(virCryptoCipher algorithm,
 #endif
 
 /* virCryptoGenerateRandom:
- * @nbytes: Size in bytes of random byte stream to generate
+ * @buf: Pointer to location to store bytes
+ * @buflen: Number of bytes to store
  *
- * Generate a random stream of nbytes length and return it.
+ * Generate a random stream of @buflen length and store it into @buf.
  *
  * Since the gnutls_rnd could be missing, provide an alternate less
  * secure mechanism to at least have something.
  *
- * Returns pointer memory containing byte stream on success,
+ * Returns 0 on success or -1 on failure (with error reported)
- * NULL on failure (with error reported)
  */
-uint8_t *
+int
-virCryptoGenerateRandom(size_t nbytes)
+virCryptoGenerateRandom(unsigned char *buf,
+                        size_t buflen)
 {
-    uint8_t *buf;
     int rv;
 
-    if (VIR_ALLOC_N(buf, nbytes) < 0)
-        return NULL;
-
 #if WITH_GNUTLS
     /* Generate the byte stream using gnutls_rnd() if possible */
-    if ((rv = gnutls_rnd(GNUTLS_RND_RANDOM, buf, nbytes)) < 0) {
+    if ((rv = gnutls_rnd(GNUTLS_RND_RANDOM, buf, buflen)) < 0) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
                        _("failed to generate byte stream: %s"),
                        gnutls_strerror(rv));
-        VIR_FREE(buf);
+        return -1;
-        return NULL;
     }
 #else
     /* If we don't have gnutls_rnd(), we will generate a less cryptographically
      * strong master buf from /dev/urandom.
      */
-    if ((rv = virRandomBytes(buf, nbytes)) < 0) {
+    if ((rv = virRandomBytes(buf, buflen)) < 0) {
         virReportSystemError(-rv, "%s", _("failed to generate byte stream"));
-        VIR_FREE(buf);
+        return -1;
-        return NULL;
     }
 #endif
 
-    return buf;
+    return 0;
 }

src/util/vircrypto.h

@@ -65,6 +65,7 @@ int virCryptoEncryptData(virCryptoCipher algorithm,
     ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(6)
     ATTRIBUTE_NONNULL(8) ATTRIBUTE_NONNULL(9) ATTRIBUTE_RETURN_CHECK;
 
-uint8_t *virCryptoGenerateRandom(size_t nbytes) ATTRIBUTE_NOINLINE;
+int virCryptoGenerateRandom(unsigned char *buf,
+                            size_t buflen) ATTRIBUTE_NOINLINE;
 
 #endif /* __VIR_CRYPTO_H__ */

tests/qemuxml2argvmock.c

@@ -190,17 +190,11 @@ virCommandPassFD(virCommandPtr cmd ATTRIBUTE_UNUSED,
     /* nada */
 }
 
-uint8_t *
+int
-virCryptoGenerateRandom(size_t nbytes)
+virCryptoGenerateRandom(unsigned char *buf,
+                        size_t buflen)
 {
-    uint8_t *buf;
+    return virRandomBytes(buf, buflen);
-
-    if (VIR_ALLOC_N(buf, nbytes) < 0)
-        return NULL;
-
-    ignore_value(virRandomBytes(buf, nbytes));
-
-    return buf;
 }
 
 int