11 files changed, 66 insertions, 1626 deletions

diff --git a/src/lib/libcrypto/crypto/Makefile b/src/lib/libcrypto/crypto/Makefile
index 116a3d4fd0..26fe163249 100644
--- a/src/lib/libcrypto/crypto/Makefile
+++ b/src/lib/libcrypto/crypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.5 2014/04/14 04:27:50 miod Exp $
+# $OpenBSD: Makefile,v 1.6 2014/04/15 16:52:50 miod Exp $
 
 LIB=    crypto
 
@@ -220,7 +220,7 @@ SRCS+= pk7_mime.c bio_pk7.c
 SRCS+= pqueue.c
 
 # rand/
-SRCS+= md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c
+SRCS+= rc4_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c
 SRCS+= rand_unix.c
 
 # rc2/
diff --git a/src/lib/libcrypto/doc/RAND_add.pod b/src/lib/libcrypto/doc/RAND_add.pod
index 67c66f3e0c..d55dc125d3 100644
--- a/src/lib/libcrypto/doc/RAND_add.pod
+++ b/src/lib/libcrypto/doc/RAND_add.pod
@@ -2,8 +2,7 @@
 
 =head1 NAME
 
-RAND_add, RAND_seed, RAND_status, RAND_event, RAND_screen - add
-entropy to the PRNG
+RAND_add, RAND_seed, RAND_status - add entropy to the PRNG (DEPRECATED)
 
 =head1 SYNOPSIS
 
@@ -15,63 +14,17 @@ entropy to the PRNG
 
  int  RAND_status(void);
 
- int  RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam);
- void RAND_screen(void);
-
 =head1 DESCRIPTION
 
-RAND_add() mixes the B<num> bytes at B<buf> into the PRNG state. Thus,
-if the data at B<buf> are unpredictable to an adversary, this
-increases the uncertainty about the state and makes the PRNG output
-less predictable. Suitable input comes from user interaction (random
-key presses, mouse movements) and certain hardware events. The
-B<entropy> argument is (the lower bound of) an estimate of how much
-randomness is contained in B<buf>, measured in bytes. Details about
-sources of randomness and how to estimate their entropy can be found
-in the literature, e.g. RFC 1750.
-
-RAND_add() may be called with sensitive data such as user entered
-passwords. The seed values cannot be recovered from the PRNG output.
-
-OpenSSL makes sure that the PRNG state is unique for each thread. On
-systems that provide C</dev/urandom>, the randomness device is used
-to seed the PRNG transparently. However, on all other systems, the
-application is responsible for seeding the PRNG by calling RAND_add(),
-L<RAND_egd(3)|RAND_egd(3)>
-or L<RAND_load_file(3)|RAND_load_file(3)>.
-
-RAND_seed() is equivalent to RAND_add() when B<num == entropy>.
-
-RAND_event() collects the entropy from Windows events such as mouse
-movements and other user interaction. It should be called with the
-B<iMsg>, B<wParam> and B<lParam> arguments of I<all> messages sent to
-the window procedure. It will estimate the entropy contained in the
-event message (if any), and add it to the PRNG. The program can then
-process the messages as usual.
+These functions used to allow for the state of the random number generator
+to be controlled by external sources.
 
-The RAND_screen() function is available for the convenience of Windows
-programmers. It adds the current contents of the screen to the PRNG.
-For applications that can catch Windows events, seeding the PRNG by
-calling RAND_event() is a significantly better source of
-randomness. It should be noted that both methods cannot be used on
-servers that run without user interaction.
-
-=head1 RETURN VALUES
-
-RAND_status() and RAND_event() return 1 if the PRNG has been seeded
-with enough data, 0 otherwise.
-
-The other functions do not return values.
+They are kept for ABI compatibility but are no longer functional, and
+should not used in new programs.
 
 =head1 SEE ALSO
 
 L<rand(3)|rand(3)>, L<RAND_egd(3)|RAND_egd(3)>,
 L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
 
-=head1 HISTORY
-
-RAND_seed() and RAND_screen() are available in all versions of SSLeay
-and OpenSSL. RAND_add() and RAND_status() have been added in OpenSSL
-0.9.5, RAND_event() in OpenSSL 0.9.5a.
-
 =cut
diff --git a/src/lib/libcrypto/doc/RAND_load_file.pod b/src/lib/libcrypto/doc/RAND_load_file.pod
index d8c134e621..3f7e944d86 100644
--- a/src/lib/libcrypto/doc/RAND_load_file.pod
+++ b/src/lib/libcrypto/doc/RAND_load_file.pod
@@ -22,18 +22,18 @@ filename. The seed file is $RANDFILE if that environment variable is
 set, $HOME/.rnd otherwise. If $HOME is not set either, or B<num> is
 too small for the path name, an error occurs.
 
-RAND_load_file() reads a number of bytes from file B<filename> and
-adds them to the PRNG. If B<max_bytes> is non-negative,
-up to to B<max_bytes> are read; starting with OpenSSL 0.9.5,
-if B<max_bytes> is -1, the complete file is read.
+RAND_load_file() used to allow for the state of the random number generator
+to be controlled by external sources.
+
+It is kept for ABI compatibility but is no longer functional, and
+should not used in new programs.
 
 RAND_write_file() writes a number of random bytes (currently 1024) to
-file B<filename> which can be used to initialize the PRNG by calling
-RAND_load_file() in a later session.
+file B<filename>.
 
 =head1 RETURN VALUES
 
-RAND_load_file() returns the number of bytes read.
+RAND_load_file() always returns 0.
 
 RAND_write_file() returns the number of bytes written, and -1 if the
 bytes written were generated without appropriate seed.
diff --git a/src/lib/libcrypto/rand/md_rand.c b/src/lib/libcrypto/rand/md_rand.c
deleted file mode 100644
index aee1c30b0a..0000000000
--- a/src/lib/libcrypto/rand/md_rand.c
+++ /dev/null
@@ -1,607 +0,0 @@
-/* crypto/rand/md_rand.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#define OPENSSL_FIPSEVP
-
-#ifdef MD_RAND_DEBUG
-# ifndef NDEBUG
-#   define NDEBUG
-# endif
-#endif
-
-#include <assert.h>
-#include <stdio.h>
-#include <string.h>
-
-#include "e_os.h"
-
-#include <openssl/crypto.h>
-#include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#include <openssl/err.h>
-
-#ifdef BN_DEBUG
-# define PREDICT
-#endif
-
-/* #define PREDICT      1 */
-
-#define STATE_SIZE      1023
-static int state_num=0,state_index=0;
-static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
-static unsigned char md[MD_DIGEST_LENGTH];
-static long md_count[2]={0,0};
-static double entropy=0;
-static int initialized=0;
-
-static unsigned int crypto_lock_rand = 0; /* may be set only when a thread
-                                           * holds CRYPTO_LOCK_RAND
-                                           * (to prevent double locking) */
-/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */
-static CRYPTO_THREADID locking_threadid; /* valid iff crypto_lock_rand is set */
-
-
-#ifdef PREDICT
-int rand_predictable=0;
-#endif
-
-const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT;
-
-static void ssleay_rand_cleanup(void);
-static void ssleay_rand_seed(const void *buf, int num);
-static void ssleay_rand_add(const void *buf, int num, double add_entropy);
-static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo);
-static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num);
-static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
-static int ssleay_rand_status(void);
-
-RAND_METHOD rand_ssleay_meth={
-        ssleay_rand_seed,
-        ssleay_rand_nopseudo_bytes,
-        ssleay_rand_cleanup,
-        ssleay_rand_add,
-        ssleay_rand_pseudo_bytes,
-        ssleay_rand_status
-        }; 
-
-RAND_METHOD *RAND_SSLeay(void)
-        {
-        return(&rand_ssleay_meth);
-        }
-
-static void ssleay_rand_cleanup(void)
-        {
-        OPENSSL_cleanse(state,sizeof(state));
-        state_num=0;
-        state_index=0;
-        OPENSSL_cleanse(md,MD_DIGEST_LENGTH);
-        md_count[0]=0;
-        md_count[1]=0;
-        entropy=0;
-        initialized=0;
-        }
-
-static void ssleay_rand_add(const void *buf, int num, double add)
-        {
-        int i,j,k,st_idx;
-        long md_c[2];
-        unsigned char local_md[MD_DIGEST_LENGTH];
-        EVP_MD_CTX m;
-        int do_not_lock;
-
-        if (!num)
-                return;
-
-        /*
-         * (Based on the rand(3) manpage)
-         *
-         * The input is chopped up into units of 20 bytes (or less for
-         * the last block).  Each of these blocks is run through the hash
-         * function as follows:  The data passed to the hash function
-         * is the current 'md', the same number of bytes from the 'state'
-         * (the location determined by in incremented looping index) as
-         * the current 'block', the new key data 'block', and 'count'
-         * (which is incremented after each use).
-         * The result of this is kept in 'md' and also xored into the
-         * 'state' at the same locations that were used as input into the
-         * hash function.
-         */
-
-        /* check if we already have the lock */
-        if (crypto_lock_rand)
-                {
-                CRYPTO_THREADID cur;
-                CRYPTO_THREADID_current(&cur);
-                CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
-                do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
-                CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
-                }
-        else
-                do_not_lock = 0;
-
-        if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-        st_idx=state_index;
-
-        /* use our own copies of the counters so that even
-         * if a concurrent thread seeds with exactly the
-         * same data and uses the same subarray there's _some_
-         * difference */
-        md_c[0] = md_count[0];
-        md_c[1] = md_count[1];
-
-        memcpy(local_md, md, sizeof md);
-
-        /* state_index <= state_num <= STATE_SIZE */
-        state_index += num;
-        if (state_index >= STATE_SIZE)
-                {
-                state_index%=STATE_SIZE;
-                state_num=STATE_SIZE;
-                }
-        else if (state_num < STATE_SIZE)        
-                {
-                if (state_index > state_num)
-                        state_num=state_index;
-                }
-        /* state_index <= state_num <= STATE_SIZE */
-
-        /* state[st_idx], ..., state[(st_idx + num - 1) % STATE_SIZE]
-         * are what we will use now, but other threads may use them
-         * as well */
-
-        md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0);
-
-        if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
-        EVP_MD_CTX_init(&m);
-        for (i=0; i<num; i+=MD_DIGEST_LENGTH)
-                {
-                j=(num-i);
-                j=(j > MD_DIGEST_LENGTH)?MD_DIGEST_LENGTH:j;
-
-                MD_Init(&m);
-                MD_Update(&m,local_md,MD_DIGEST_LENGTH);
-                k=(st_idx+j)-STATE_SIZE;
-                if (k > 0)
-                        {
-                        MD_Update(&m,&(state[st_idx]),j-k);
-                        MD_Update(&m,&(state[0]),k);
-                        }
-                else
-                        MD_Update(&m,&(state[st_idx]),j);
-
-                /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
-                MD_Update(&m,buf,j);
-                /* We know that line may cause programs such as
-                   purify and valgrind to complain about use of
-                   uninitialized data.  The problem is not, it's
-                   with the caller.  Removing that line will make
-                   sure you get really bad randomness and thereby
-                   other problems such as very insecure keys. */
-
-                MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
-                MD_Final(&m,local_md);
-                md_c[1]++;
-
-                buf=(const char *)buf + j;
-
-                for (k=0; k<j; k++)
-                        {
-                        /* Parallel threads may interfere with this,
-                         * but always each byte of the new state is
-                         * the XOR of some previous value of its
-                         * and local_md (itermediate values may be lost).
-                         * Alway using locking could hurt performance more
-                         * than necessary given that conflicts occur only
-                         * when the total seeding is longer than the random
-                         * state. */
-                        state[st_idx++]^=local_md[k];
-                        if (st_idx >= STATE_SIZE)
-                                st_idx=0;
-                        }
-                }
-        EVP_MD_CTX_cleanup(&m);
-
-        if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-        /* Don't just copy back local_md into md -- this could mean that
-         * other thread's seeding remains without effect (except for
-         * the incremented counter).  By XORing it we keep at least as
-         * much entropy as fits into md. */
-        for (k = 0; k < (int)sizeof(md); k++)
-                {
-                md[k] ^= local_md[k];
-                }
-        if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */
-            entropy += add;
-        if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-        
-#if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32)
-        assert(md_c[1] == md_count[1]);
-#endif
-        }
-
-static void ssleay_rand_seed(const void *buf, int num)
-        {
-        ssleay_rand_add(buf, num, (double)num);
-        }
-
-static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
-        {
-        static volatile int stirred_pool = 0;
-        int i,j,k,st_num,st_idx;
-        int num_ceil;
-        int ok;
-        long md_c[2];
-        unsigned char local_md[MD_DIGEST_LENGTH];
-        EVP_MD_CTX m;
-#ifndef GETPID_IS_MEANINGLESS
-        pid_t curr_pid = getpid();
-#endif
-        int do_stir_pool = 0;
-
-#ifdef PREDICT
-        if (rand_predictable)
-                {
-                static unsigned char val=0;
-
-                for (i=0; i<num; i++)
-                        buf[i]=val++;
-                return(1);
-                }
-#endif
-
-        if (num <= 0)
-                return 1;
-
-        EVP_MD_CTX_init(&m);
-        /* round upwards to multiple of MD_DIGEST_LENGTH/2 */
-        num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * (MD_DIGEST_LENGTH/2);
-
-        /*
-         * (Based on the rand(3) manpage:)
-         *
-         * For each group of 10 bytes (or less), we do the following:
-         *
-         * Input into the hash function the local 'md' (which is initialized from
-         * the global 'md' before any bytes are generated), the bytes that are to
-         * be overwritten by the random bytes, and bytes from the 'state'
-         * (incrementing looping index). From this digest output (which is kept
-         * in 'md'), the top (up to) 10 bytes are returned to the caller and the
-         * bottom 10 bytes are xored into the 'state'.
-         * 
-         * Finally, after we have finished 'num' random bytes for the
-         * caller, 'count' (which is incremented) and the local and global 'md'
-         * are fed into the hash function and the results are kept in the
-         * global 'md'.
-         */
-#ifdef OPENSSL_FIPS
-        /* NB: in FIPS mode we are already under a lock */
-        if (!FIPS_mode())
-#endif
-                CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-
-        /* prevent ssleay_rand_bytes() from trying to obtain the lock again */
-        CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
-        CRYPTO_THREADID_current(&locking_threadid);
-        CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
-        crypto_lock_rand = 1;
-
-        if (!initialized)
-                {
-                RAND_poll();
-                initialized = 1;
-                }
-        
-        if (!stirred_pool)
-                do_stir_pool = 1;
-        
-        ok = (entropy >= ENTROPY_NEEDED);
-        if (!ok)
-                {
-                /* If the PRNG state is not yet unpredictable, then seeing
-                 * the PRNG output may help attackers to determine the new
-                 * state; thus we have to decrease the entropy estimate.
-                 * Once we've had enough initial seeding we don't bother to
-                 * adjust the entropy count, though, because we're not ambitious
-                 * to provide *information-theoretic* randomness.
-                 *
-                 * NOTE: This approach fails if the program forks before
-                 * we have enough entropy. Entropy should be collected
-                 * in a separate input pool and be transferred to the
-                 * output pool only when the entropy limit has been reached.
-                 */
-                entropy -= num;
-                if (entropy < 0)
-                        entropy = 0;
-                }
-
-        if (do_stir_pool)
-                {
-                /* In the output function only half of 'md' remains secret,
-                 * so we better make sure that the required entropy gets
-                 * 'evenly distributed' through 'state', our randomness pool.
-                 * The input function (ssleay_rand_add) chains all of 'md',
-                 * which makes it more suitable for this purpose.
-                 */
-
-                int n = STATE_SIZE; /* so that the complete pool gets accessed */
-                while (n > 0)
-                        {
-#if MD_DIGEST_LENGTH > 20
-# error "Please adjust DUMMY_SEED."
-#endif
-#define DUMMY_SEED "...................." /* at least MD_DIGEST_LENGTH */
-                        /* Note that the seed does not matter, it's just that
-                         * ssleay_rand_add expects to have something to hash. */
-                        ssleay_rand_add(DUMMY_SEED, MD_DIGEST_LENGTH, 0.0);
-                        n -= MD_DIGEST_LENGTH;
-                        }
-                if (ok)
-                        stirred_pool = 1;
-                }
-
-        st_idx=state_index;
-        st_num=state_num;
-        md_c[0] = md_count[0];
-        md_c[1] = md_count[1];
-        memcpy(local_md, md, sizeof md);
-
-        state_index+=num_ceil;
-        if (state_index > state_num)
-                state_index %= state_num;
-
-        /* state[st_idx], ..., state[(st_idx + num_ceil - 1) % st_num]
-         * are now ours (but other threads may use them too) */
-
-        md_count[0] += 1;
-
-        /* before unlocking, we must clear 'crypto_lock_rand' */
-        crypto_lock_rand = 0;
-#ifdef OPENSSL_FIPS
-        if (!FIPS_mode())
-#endif
-                CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
-        while (num > 0)
-                {
-                /* num_ceil -= MD_DIGEST_LENGTH/2 */
-                j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num;
-                num-=j;
-                MD_Init(&m);
-#ifndef GETPID_IS_MEANINGLESS
-                if (curr_pid) /* just in the first iteration to save time */
-                        {
-                        MD_Update(&m,(unsigned char*)&curr_pid,sizeof curr_pid);
-                        curr_pid = 0;
-                        }
-#endif
-                MD_Update(&m,local_md,MD_DIGEST_LENGTH);
-                MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
-
-#ifndef PURIFY /* purify complains */
-                /* The following line uses the supplied buffer as a small
-                 * source of entropy: since this buffer is often uninitialised
-                 * it may cause programs such as purify or valgrind to
-                 * complain. So for those builds it is not used: the removal
-                 * of such a small source of entropy has negligible impact on
-                 * security.
-                 */
-                MD_Update(&m,buf,j);
-#endif
-
-                k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
-                if (k > 0)
-                        {
-                        MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2-k);
-                        MD_Update(&m,&(state[0]),k);
-                        }
-                else
-                        MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2);
-                MD_Final(&m,local_md);
-
-                for (i=0; i<MD_DIGEST_LENGTH/2; i++)
-                        {
-                        state[st_idx++]^=local_md[i]; /* may compete with other threads */
-                        if (st_idx >= st_num)
-                                st_idx=0;
-                        if (i < j)
-                                *(buf++)=local_md[i+MD_DIGEST_LENGTH/2];
-                        }
-                }
-
-        MD_Init(&m);
-        MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
-        MD_Update(&m,local_md,MD_DIGEST_LENGTH);
-#ifdef OPENSSL_FIPS
-        if (!FIPS_mode())
-#endif
-                CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-        MD_Update(&m,md,MD_DIGEST_LENGTH);
-        MD_Final(&m,md);
-#ifdef OPENSSL_FIPS
-        if (!FIPS_mode())
-#endif
-                CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
-        EVP_MD_CTX_cleanup(&m);
-        if (ok)
-                return(1);
-        else if (pseudo)
-                return 0;
-        else 
-                {
-                RANDerr(RAND_F_SSLEAY_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED);
-                ERR_add_error_data(1, "You need to read the OpenSSL FAQ, "
-                        "http://www.openssl.org/support/faq.html");
-                return(0);
-                }
-        }
-
-static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num)
-        {
-        return ssleay_rand_bytes(buf, num, 0);
-        }
-
-/* pseudo-random bytes that are guaranteed to be unique but not
-   unpredictable */
-static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) 
-        {
-        return ssleay_rand_bytes(buf, num, 1);
-        }
-
-static int ssleay_rand_status(void)
-        {
-        CRYPTO_THREADID cur;
-        int ret;
-        int do_not_lock;
-
-        CRYPTO_THREADID_current(&cur);
-        /* check if we already have the lock
-         * (could happen if a RAND_poll() implementation calls RAND_status()) */
-        if (crypto_lock_rand)
-                {
-                CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
-                do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
-                CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
-                }
-        else
-                do_not_lock = 0;
-        
-        if (!do_not_lock)
-                {
-                CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-                
-                /* prevent ssleay_rand_bytes() from trying to obtain the lock again */
-                CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
-                CRYPTO_THREADID_cpy(&locking_threadid, &cur);
-                CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
-                crypto_lock_rand = 1;
-                }
-        
-        if (!initialized)
-                {
-                RAND_poll();
-                initialized = 1;
-                }
-
-        ret = entropy >= ENTROPY_NEEDED;
-
-        if (!do_not_lock)
-                {
-                /* before unlocking, we must clear 'crypto_lock_rand' */
-                crypto_lock_rand = 0;
-                
-                CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-                }
-        
-        return ret;
-        }
diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h
index bb5520e80a..e65b4b2e35 100644
--- a/src/lib/libcrypto/rand/rand.h
+++ b/src/lib/libcrypto/rand/rand.h
@@ -63,18 +63,10 @@
 #include <openssl/ossl_typ.h>
 #include <openssl/e_os2.h>
 
-#if defined(OPENSSL_SYS_WINDOWS)
-#include <windows.h>
-#endif
-
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
-#if defined(OPENSSL_FIPS)
-#define FIPS_RAND_SIZE_T size_t
-#endif
-
 /* Already defined in ossl_typ.h */
 /* typedef struct rand_meth_st RAND_METHOD; */
 
@@ -88,10 +80,6 @@ struct rand_meth_st
         int (*status)(void);
         };
 
-#ifdef BN_DEBUG
-extern int rand_predictable;
-#endif
-
 int RAND_set_rand_method(const RAND_METHOD *meth);
 const RAND_METHOD *RAND_get_rand_method(void);
 #ifndef OPENSSL_NO_ENGINE
@@ -112,25 +100,13 @@ int RAND_egd(const char *path);
 int RAND_egd_bytes(const char *path,int bytes);
 int RAND_poll(void);
 
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-
-void RAND_screen(void);
-int RAND_event(UINT, WPARAM, LPARAM);
-
-#endif
-
-#ifdef OPENSSL_FIPS
-void RAND_set_fips_drbg_type(int type, int flags);
-int RAND_init_fips(void);
-#endif
-
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
 void ERR_load_RAND_strings(void);
 
-/* Error codes for the RAND functions. */
+/* Error codes for the RAND functions. (no longer used) */
 
 /* Function codes. */
 #define RAND_F_RAND_GET_RAND_METHOD                      101
diff --git a/src/lib/libcrypto/rand/rand_egd.c b/src/lib/libcrypto/rand/rand_egd.c
index d53b916ebe..a78aa90c46 100644
--- a/src/lib/libcrypto/rand/rand_egd.c
+++ b/src/lib/libcrypto/rand/rand_egd.c
@@ -95,7 +95,6 @@
  *   RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
  */
 
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_BEOS)
 int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
         {
         return(-1);
@@ -109,195 +108,3 @@ int RAND_egd_bytes(const char *path,int bytes)
         {
         return(-1);
         }
-#else
-#include <openssl/opensslconf.h>
-#include OPENSSL_UNISTD
-#include <sys/types.h>
-#include <sys/socket.h>
-#ifndef NO_SYS_UN_H
-# ifdef OPENSSL_SYS_VXWORKS
-#   include <streams/un.h>
-# else
-#   include <sys/un.h>
-# endif
-#else
-struct  sockaddr_un {
-        short   sun_family;             /* AF_UNIX */
-        char    sun_path[108];          /* path name (gag) */
-};
-#endif /* NO_SYS_UN_H */
-#include <string.h>
-#include <errno.h>
-
-#ifndef offsetof
-#  define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER)
-#endif
-
-int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
-        {
-        int ret = 0;
-        struct sockaddr_un addr;
-        int len, num, numbytes;
-        int fd = -1;
-        int success;
-        unsigned char egdbuf[2], tempbuf[255], *retrievebuf;
-
-        memset(&addr, 0, sizeof(addr));
-        addr.sun_family = AF_UNIX;
-        if (strlen(path) >= sizeof(addr.sun_path))
-                return (-1);
-        BUF_strlcpy(addr.sun_path,path,sizeof addr.sun_path);
-        len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
-        fd = socket(AF_UNIX, SOCK_STREAM, 0);
-        if (fd == -1) return (-1);
-        success = 0;
-        while (!success)
-            {
-            if (connect(fd, (struct sockaddr *)&addr, len) == 0)
-               success = 1;
-            else
-                {
-                switch (errno)
-                    {
-#ifdef EINTR
-                    case EINTR:
-#endif
-#ifdef EAGAIN
-                    case EAGAIN:
-#endif
-#ifdef EINPROGRESS
-                    case EINPROGRESS:
-#endif
-#ifdef EALREADY
-                    case EALREADY:
-#endif
-                        /* No error, try again */
-                        break;
-#ifdef EISCONN
-                    case EISCONN:
-                        success = 1;
-                        break;
-#endif
-                    default:
-                        goto err;       /* failure */
-                    }
-                }
-            }
-
-        while(bytes > 0)
-            {
-            egdbuf[0] = 1;
-            egdbuf[1] = bytes < 255 ? bytes : 255;
-            numbytes = 0;
-            while (numbytes != 2)
-                {
-                num = write(fd, egdbuf + numbytes, 2 - numbytes);
-                if (num >= 0)
-                    numbytes += num;
-                else
-                    {
-                    switch (errno)
-                        {
-#ifdef EINTR
-                        case EINTR:
-#endif
-#ifdef EAGAIN
-                        case EAGAIN:
-#endif
-                            /* No error, try again */
-                            break;
-                        default:
-                            ret = -1;
-                            goto err;   /* failure */
-                        }
-                    }
-                }
-            numbytes = 0;
-            while (numbytes != 1)
-                {
-                num = read(fd, egdbuf, 1);
-                if (num == 0)
-                        goto err;       /* descriptor closed */
-                else if (num > 0)
-                    numbytes += num;
-                else
-                    {
-                    switch (errno)
-                        {
-#ifdef EINTR
-                        case EINTR:
-#endif
-#ifdef EAGAIN
-                        case EAGAIN:
-#endif
-                            /* No error, try again */
-                            break;
-                        default:
-                            ret = -1;
-                            goto err;   /* failure */
-                        }
-                    }
-                }
-            if(egdbuf[0] == 0)
-                goto err;
-            if (buf)
-                retrievebuf = buf + ret;
-            else
-                retrievebuf = tempbuf;
-            numbytes = 0;
-            while (numbytes != egdbuf[0])
-                {
-                num = read(fd, retrievebuf + numbytes, egdbuf[0] - numbytes);
-                if (num == 0)
-                        goto err;       /* descriptor closed */
-                else if (num > 0)
-                    numbytes += num;
-                else
-                    {
-                    switch (errno)
-                        {
-#ifdef EINTR
-                        case EINTR:
-#endif
-#ifdef EAGAIN
-                        case EAGAIN:
-#endif
-                            /* No error, try again */
-                            break;
-                        default:
-                            ret = -1;
-                            goto err;   /* failure */
-                        }
-                    }
-                }
-            ret += egdbuf[0];
-            bytes -= egdbuf[0];
-            if (!buf)
-                RAND_seed(tempbuf, egdbuf[0]);
-            }
- err:
-        if (fd != -1) close(fd);
-        return(ret);
-        }
-
-
-int RAND_egd_bytes(const char *path, int bytes)
-        {
-        int num, ret = 0;
-
-        num = RAND_query_egd_bytes(path, NULL, bytes);
-        if (num < 1) goto err;
-        if (RAND_status() == 1)
-            ret = num;
- err:
-        return(ret);
-        }
-
-
-int RAND_egd(const char *path)
-        {
-        return (RAND_egd_bytes(path, 255));
-        }
-
-
-#endif
diff --git a/src/lib/libcrypto/rand/rand_lcl.h b/src/lib/libcrypto/rand/rand_lcl.h
deleted file mode 100644
index 618a8ec899..0000000000
--- a/src/lib/libcrypto/rand/rand_lcl.h
+++ /dev/null
@@ -1,158 +0,0 @@
-/* crypto/rand/rand_lcl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_RAND_LCL_H
-#define HEADER_RAND_LCL_H
-
-#define ENTROPY_NEEDED 32  /* require 256 bits = 32 bytes of randomness */
-
-
-#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-#define USE_SHA1_RAND
-#elif !defined(OPENSSL_NO_MD5)
-#define USE_MD5_RAND
-#elif !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
-#define USE_MDC2_RAND
-#elif !defined(OPENSSL_NO_MD2)
-#define USE_MD2_RAND
-#else
-#error No message digest algorithm available
-#endif
-#endif
-
-#include <openssl/evp.h>
-#define MD_Update(a,b,c)        EVP_DigestUpdate(a,b,c)
-#define MD_Final(a,b)           EVP_DigestFinal_ex(a,b,NULL)
-#if defined(USE_MD5_RAND)
-#include <openssl/md5.h>
-#define MD_DIGEST_LENGTH        MD5_DIGEST_LENGTH
-#define MD_Init(a)              EVP_DigestInit_ex(a,EVP_md5(), NULL)
-#define MD(a,b,c)               EVP_Digest(a,b,c,NULL,EVP_md5(), NULL)
-#elif defined(USE_SHA1_RAND)
-#include <openssl/sha.h>
-#define MD_DIGEST_LENGTH        SHA_DIGEST_LENGTH
-#define MD_Init(a)              EVP_DigestInit_ex(a,EVP_sha1(), NULL)
-#define MD(a,b,c)               EVP_Digest(a,b,c,NULL,EVP_sha1(), NULL)
-#elif defined(USE_MDC2_RAND)
-#include <openssl/mdc2.h>
-#define MD_DIGEST_LENGTH        MDC2_DIGEST_LENGTH
-#define MD_Init(a)              EVP_DigestInit_ex(a,EVP_mdc2(), NULL)
-#define MD(a,b,c)               EVP_Digest(a,b,c,NULL,EVP_mdc2(), NULL)
-#elif defined(USE_MD2_RAND)
-#include <openssl/md2.h>
-#define MD_DIGEST_LENGTH        MD2_DIGEST_LENGTH
-#define MD_Init(a)              EVP_DigestInit_ex(a,EVP_md2(), NULL)
-#define MD(a,b,c)               EVP_Digest(a,b,c,NULL,EVP_md2(), NULL)
-#endif
-
-
-#endif
diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c
index 5ac0e14caf..243a87ddfb 100644
--- a/src/lib/libcrypto/rand/rand_lib.c
+++ b/src/lib/libcrypto/rand/rand_lib.c
@@ -65,11 +65,6 @@
 #include <openssl/engine.h>
 #endif
 
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#include <openssl/fips_rand.h>
-#endif
-
 #ifndef OPENSSL_NO_ENGINE
 /* non-NULL if default_RAND_meth is ENGINE-provided */
 static ENGINE *funct_ref =NULL;
@@ -180,127 +175,3 @@ int RAND_status(void)
                 return meth->status();
         return 0;
         }
-
-#ifdef OPENSSL_FIPS
-
-/* FIPS DRBG initialisation code. This sets up the DRBG for use by the
- * rest of OpenSSL. 
- */
-
-/* Entropy gatherer: use standard OpenSSL PRNG to seed (this will gather
- * entropy internally through RAND_poll().
- */
-
-static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout,
-                                int entropy, size_t min_len, size_t max_len)
-        {
-        /* Round up request to multiple of block size */
-        min_len = ((min_len + 19) / 20) * 20;
-        *pout = OPENSSL_malloc(min_len);
-        if (!*pout)
-                return 0;
-        if (RAND_SSLeay()->bytes(*pout, min_len) <= 0)
-                {
-                OPENSSL_free(*pout);
-                *pout = NULL;
-                return 0;
-                }
-        return min_len;
-        }
-
-static void drbg_free_entropy(DRBG_CTX *ctx, unsigned char *out, size_t olen)
-        {
-        if (out)
-                {
-                OPENSSL_cleanse(out, olen);
-                OPENSSL_free(out);
-                }
-        }
-
-/* Set "additional input" when generating random data. This uses the
- * current PID, a time value and a counter.
- */
-
-static size_t drbg_get_adin(DRBG_CTX *ctx, unsigned char **pout)
-        {
-        /* Use of static variables is OK as this happens under a lock */
-        static unsigned char buf[16];
-        static unsigned long counter;
-        FIPS_get_timevec(buf, &counter);
-        *pout = buf;
-        return sizeof(buf);
-        }
-
-/* RAND_add() and RAND_seed() pass through to OpenSSL PRNG so it is 
- * correctly seeded by RAND_poll().
- */
-
-static int drbg_rand_add(DRBG_CTX *ctx, const void *in, int inlen,
-                                double entropy)
-        {
-        RAND_SSLeay()->add(in, inlen, entropy);
-        return 1;
-        }
-
-static int drbg_rand_seed(DRBG_CTX *ctx, const void *in, int inlen)
-        {
-        RAND_SSLeay()->seed(in, inlen);
-        return 1;
-        }
-
-#ifndef OPENSSL_DRBG_DEFAULT_TYPE
-#define OPENSSL_DRBG_DEFAULT_TYPE       NID_aes_256_ctr
-#endif
-#ifndef OPENSSL_DRBG_DEFAULT_FLAGS
-#define OPENSSL_DRBG_DEFAULT_FLAGS      DRBG_FLAG_CTR_USE_DF
-#endif 
-
-static int fips_drbg_type = OPENSSL_DRBG_DEFAULT_TYPE;
-static int fips_drbg_flags = OPENSSL_DRBG_DEFAULT_FLAGS;
-
-void RAND_set_fips_drbg_type(int type, int flags)
-        {
-        fips_drbg_type = type;
-        fips_drbg_flags = flags;
-        }
-
-int RAND_init_fips(void)
-        {
-        DRBG_CTX *dctx;
-        size_t plen;
-        unsigned char pers[32], *p;
-#ifndef OPENSSL_ALLOW_DUAL_EC_DRBG
-        if (fips_drbg_type >> 16)
-                {
-                RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_DUAL_EC_DRBG_DISABLED);
-                return 0;
-                }
-#endif
-                
-        dctx = FIPS_get_default_drbg();
-        if (FIPS_drbg_init(dctx, fips_drbg_type, fips_drbg_flags) <= 0)
-                {
-                RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_ERROR_INITIALISING_DRBG);
-                return 0;
-                }
-                
-        FIPS_drbg_set_callbacks(dctx,
-                                drbg_get_entropy, drbg_free_entropy, 20,
-                                drbg_get_entropy, drbg_free_entropy);
-        FIPS_drbg_set_rand_callbacks(dctx, drbg_get_adin, 0,
-                                        drbg_rand_seed, drbg_rand_add);
-        /* Personalisation string: a string followed by date time vector */
-        strcpy((char *)pers, "OpenSSL DRBG2.0");
-        plen = drbg_get_adin(dctx, &p);
-        memcpy(pers + 16, p, plen);
-
-        if (FIPS_drbg_instantiate(dctx, pers, sizeof(pers)) <= 0)
-                {
-                RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_ERROR_INSTANTIATING_DRBG);
-                return 0;
-                }
-        FIPS_rand_set_method(FIPS_drbg_method());
-        return 1;
-        }
-
-#endif
diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c
index 3316388443..a5b9b2a529 100644
--- a/src/lib/libcrypto/rand/rand_unix.c
+++ b/src/lib/libcrypto/rand/rand_unix.c
@@ -108,318 +108,14 @@
  * Hudson (tjh@cryptsoft.com).
  *
  */
-#include <stdio.h>
-
-#define USE_SOCKETS
 #include "e_os.h"
 #include "cryptlib.h"
 #include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
-
-#include <sys/types.h>
-#include <sys/time.h>
-#include <sys/times.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <time.h>
-#if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually everywhere */
-# include <poll.h>
-#endif
-#include <limits.h>
-#ifndef FD_SETSIZE
-# define FD_SETSIZE (8*sizeof(fd_set))
-#endif
-
-#if defined(OPENSSL_SYS_VOS)
-
-/* The following algorithm repeatedly samples the real-time clock
-   (RTC) to generate a sequence of unpredictable data.  The algorithm
-   relies upon the uneven execution speed of the code (due to factors
-   such as cache misses, interrupts, bus activity, and scheduling) and
-   upon the rather large relative difference between the speed of the
-   clock and the rate at which it can be read.
-
-   If this code is ported to an environment where execution speed is
-   more constant or where the RTC ticks at a much slower rate, or the
-   clock can be read with fewer instructions, it is likely that the
-   results would be far more predictable.
-
-   As a precaution, we generate 4 times the minimum required amount of
-   seed data.  */
-
-int RAND_poll(void)
-{
-        short int code;
-        gid_t curr_gid;
-        pid_t curr_pid;
-        uid_t curr_uid;
-        int i, k;
-        struct timespec ts;
-        unsigned char v;
-
-#ifdef OPENSSL_SYS_VOS_HPPA
-        long duration;
-        extern void s$sleep (long *_duration, short int *_code);
-#else
-#ifdef OPENSSL_SYS_VOS_IA32
-        long long duration;
-        extern void s$sleep2 (long long *_duration, short int *_code);
-#else
-#error "Unsupported Platform."
-#endif /* OPENSSL_SYS_VOS_IA32 */
-#endif /* OPENSSL_SYS_VOS_HPPA */
-
-        /* Seed with the gid, pid, and uid, to ensure *some*
-           variation between different processes.  */
 
-        curr_gid = getgid();
-        RAND_add (&curr_gid, sizeof curr_gid, 1);
-        curr_gid = 0;
+#include <stdlib.h>
+#include <string.h>
 
-        curr_pid = getpid();
-        RAND_add (&curr_pid, sizeof curr_pid, 1);
-        curr_pid = 0;
-
-        curr_uid = getuid();
-        RAND_add (&curr_uid, sizeof curr_uid, 1);
-        curr_uid = 0;
-
-        for (i=0; i<(ENTROPY_NEEDED*4); i++)
-        {
-                /* burn some cpu; hope for interrupts, cache
-                   collisions, bus interference, etc.  */
-                for (k=0; k<99; k++)
-                        ts.tv_nsec = random ();
-
-#ifdef OPENSSL_SYS_VOS_HPPA
-                /* sleep for 1/1024 of a second (976 us).  */
-                duration = 1;
-                s$sleep (&duration, &code);
-#else
-#ifdef OPENSSL_SYS_VOS_IA32
-                /* sleep for 1/65536 of a second (15 us).  */
-                duration = 1;
-                s$sleep2 (&duration, &code);
-#endif /* OPENSSL_SYS_VOS_IA32 */
-#endif /* OPENSSL_SYS_VOS_HPPA */
-
-                /* get wall clock time.  */
-                clock_gettime (CLOCK_REALTIME, &ts);
-
-                /* take 8 bits */
-                v = (unsigned char) (ts.tv_nsec % 256);
-                RAND_add (&v, sizeof v, 1);
-                v = 0;
-        }
-        return 1;
-}
-#elif defined __OpenBSD__
 int RAND_poll(void)
 {
-        unsigned char buf[ENTROPY_NEEDED];
-
-        arc4random_buf(buf, sizeof(buf));
-        RAND_add(buf, sizeof(buf), sizeof(buf));
-        memset(buf, 0, sizeof(buf));
-
         return 1;
 }
-#else /* !defined(__OpenBSD__) */
-int RAND_poll(void)
-{
-        unsigned long l;
-        pid_t curr_pid = getpid();
-#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
-        unsigned char tmpbuf[ENTROPY_NEEDED];
-        int n = 0;
-#endif
-#ifdef DEVRANDOM
-        static const char *randomfiles[] = { DEVRANDOM };
-        struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])];
-        int fd;
-        unsigned int i;
-#endif
-#ifdef DEVRANDOM_EGD
-        static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
-        const char **egdsocket = NULL;
-#endif
-
-#ifdef DEVRANDOM
-        memset(randomstats,0,sizeof(randomstats));
-        /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
-         * have this. Use /dev/urandom if you can as /dev/random may block
-         * if it runs out of random entries.  */
-
-        for (i = 0; (i < sizeof(randomfiles)/sizeof(randomfiles[0])) &&
-                        (n < ENTROPY_NEEDED); i++)
-                {
-                if ((fd = open(randomfiles[i], O_RDONLY
-#ifdef O_NONBLOCK
-                        |O_NONBLOCK
-#endif
-#ifdef O_BINARY
-                        |O_BINARY
-#endif
-#ifdef O_NOCTTY /* If it happens to be a TTY (god forbid), do not make it
-                   our controlling tty */
-                        |O_NOCTTY
-#endif
-                        )) >= 0)
-                        {
-                        int usec = 10*1000; /* spend 10ms on each file */
-                        int r;
-                        unsigned int j;
-                        struct stat *st=&randomstats[i];
-
-                        /* Avoid using same input... Used to be O_NOFOLLOW
-                         * above, but it's not universally appropriate... */
-                        if (fstat(fd,st) != 0)  { close(fd); continue; }
-                        for (j=0;j<i;j++)
-                                {
-                                if (randomstats[j].st_ino==st->st_ino &&
-                                    randomstats[j].st_dev==st->st_dev)
-                                        break;
-                                }
-                        if (j<i)                { close(fd); continue; }
-
-                        do
-                                {
-                                int try_read = 0;
-
-#if defined(OPENSSL_SYS_BEOS_R5)
-                                /* select() is broken in BeOS R5, so we simply
-                                 *  try to read something and snooze if we couldn't */
-                                try_read = 1;
-
-#elif defined(OPENSSL_SYS_LINUX)
-                                /* use poll() */
-                                struct pollfd pset;
-                                
-                                pset.fd = fd;
-                                pset.events = POLLIN;
-                                pset.revents = 0;
-
-                                if (poll(&pset, 1, usec / 1000) < 0)
-                                        usec = 0;
-                                else
-                                        try_read = (pset.revents & POLLIN) != 0;
-
-#else
-                                /* use select() */
-                                fd_set fset;
-                                struct timeval t;
-                                
-                                t.tv_sec = 0;
-                                t.tv_usec = usec;
-
-                                if (FD_SETSIZE > 0 && (unsigned)fd >= FD_SETSIZE)
-                                        {
-                                        /* can't use select, so just try to read once anyway */
-                                        try_read = 1;
-                                        }
-                                else
-                                        {
-                                        FD_ZERO(&fset);
-                                        FD_SET(fd, &fset);
-                                        
-                                        if (select(fd+1,&fset,NULL,NULL,&t) >= 0)
-                                                {
-                                                usec = t.tv_usec;
-                                                if (FD_ISSET(fd, &fset))
-                                                        try_read = 1;
-                                                }
-                                        else
-                                                usec = 0;
-                                        }
-#endif
-                                
-                                if (try_read)
-                                        {
-                                        r = read(fd,(unsigned char *)tmpbuf+n, ENTROPY_NEEDED-n);
-                                        if (r > 0)
-                                                n += r;
-#if defined(OPENSSL_SYS_BEOS_R5)
-                                        if (r == 0)
-                                                snooze(t.tv_usec);
-#endif
-                                        }
-                                else
-                                        r = -1;
-                                
-                                /* Some Unixen will update t in select(), some
-                                   won't.  For those who won't, or if we
-                                   didn't use select() in the first place,
-                                   give up here, otherwise, we will do
-                                   this once again for the remaining
-                                   time. */
-                                if (usec == 10*1000)
-                                        usec = 0;
-                                }
-                        while ((r > 0 ||
-                               (errno == EINTR || errno == EAGAIN)) && usec != 0 && n < ENTROPY_NEEDED);
-
-                        close(fd);
-                        }
-                }
-#endif /* defined(DEVRANDOM) */
-
-#ifdef DEVRANDOM_EGD
-        /* Use an EGD socket to read entropy from an EGD or PRNGD entropy
-         * collecting daemon. */
-
-        for (egdsocket = egdsockets; *egdsocket && n < ENTROPY_NEEDED; egdsocket++)
-                {
-                int r;
-
-                r = RAND_query_egd_bytes(*egdsocket, (unsigned char *)tmpbuf+n,
-                                         ENTROPY_NEEDED-n);
-                if (r > 0)
-                        n += r;
-                }
-#endif /* defined(DEVRANDOM_EGD) */
-
-#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
-        if (n > 0)
-                {
-                RAND_add(tmpbuf,sizeof tmpbuf,(double)n);
-                OPENSSL_cleanse(tmpbuf,n);
-                }
-#endif
-
-        /* put in some default random data, we need more than just this */
-        l=curr_pid;
-        RAND_add(&l,sizeof(l),0.0);
-        l=getuid();
-        RAND_add(&l,sizeof(l),0.0);
-
-        l=time(NULL);
-        RAND_add(&l,sizeof(l),0.0);
-
-#if defined(OPENSSL_SYS_BEOS)
-        {
-        system_info sysInfo;
-        get_system_info(&sysInfo);
-        RAND_add(&sysInfo,sizeof(sysInfo),0);
-        }
-#endif
-
-#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
-        return 1;
-#else
-        return 0;
-#endif
-}
-
-#endif /* defined(__OpenBSD__) */
-#endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */
-
-
-#if defined(OPENSSL_SYS_VXWORKS)
-int RAND_poll(void)
-        {
-        return 0;
-        }
-#endif
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
index 10d511b8e8..2cacebcf07 100644
--- a/src/lib/libcrypto/rand/randfile.c
+++ b/src/lib/libcrypto/rand/randfile.c
@@ -56,11 +56,6 @@
  * [including the GNU Public Licence.]
  */
 
-/* We need to define this to get macros like S_IFBLK and S_IFCHR */
-#if !defined(OPENSSL_SYS_VXWORKS)
-#define _XOPEN_SOURCE 500
-#endif
-
 #include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -71,35 +66,14 @@
 #include <openssl/rand.h>
 #include <openssl/buffer.h>
 
-#ifdef OPENSSL_SYS_VMS
-#include <unixio.h>
-#endif
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#ifndef OPENSSL_NO_POSIX_IO
-# include <sys/stat.h>
-#endif
-
-#ifdef _WIN32
-#define stat    _stat
-#define chmod   _chmod
-#define open    _open
-#define fdopen  _fdopen
-#endif
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
 
 #undef BUFSIZE
 #define BUFSIZE 1024
 #define RAND_DATA 1024
 
-#ifdef OPENSSL_SYS_VMS
-/* This declaration is a nasty hack to get around vms' extension to fopen
- * for passing in sharing options being disabled by our /STANDARD=ANSI89 */
-static FILE *(*const vms_fopen)(const char *, const char *, ...) =
-    (FILE *(*)(const char *, const char *, ...))fopen;
-#define VMS_OPEN_ATTRS "shr=get,put,upd,del","ctx=bin,stm","rfm=stm","rat=none","mrs=0"
-#endif
-
 /* #define RFILE ".rnd" - defined in ../../e_os.h */
 
 /* Note that these functions are intended for seed files only.
@@ -107,75 +81,7 @@ static FILE *(*const vms_fopen)(const char *, const char *, ...) =
 
 int RAND_load_file(const char *file, long bytes)
         {
-        /* If bytes >= 0, read up to 'bytes' bytes.
-         * if bytes == -1, read complete file. */
-
-        unsigned char buf[BUFSIZE];
-#ifndef OPENSSL_NO_POSIX_IO
-        struct stat sb;
-#endif
-        int i,ret=0,n;
-        FILE *in;
-
-        if (file == NULL) return(0);
-
-#ifndef OPENSSL_NO_POSIX_IO
-#ifdef PURIFY
-        /* struct stat can have padding and unused fields that may not be
-         * initialized in the call to stat(). We need to clear the entire
-         * structure before calling RAND_add() to avoid complaints from
-         * applications such as Valgrind.
-         */
-        memset(&sb, 0, sizeof(sb));
-#endif
-        if (stat(file,&sb) < 0) return(0);
-        RAND_add(&sb,sizeof(sb),0.0);
-#endif
-        if (bytes == 0) return(ret);
-
-#ifdef OPENSSL_SYS_VMS
-        in=vms_fopen(file,"rb",VMS_OPEN_ATTRS);
-#else
-        in=fopen(file,"rb");
-#endif
-        if (in == NULL) goto err;
-#if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPENSSL_NO_POSIX_IO)
-        if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
-          /* this file is a device. we don't want read an infinite number
-           * of bytes from a random device, nor do we want to use buffered
-           * I/O because we will waste system entropy. 
-           */
-          bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
-#ifndef OPENSSL_NO_SETVBUF_IONBF
-          setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */
-#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
-        }
-#endif
-        for (;;)
-                {
-                if (bytes > 0)
-                        n = (bytes < BUFSIZE)?(int)bytes:BUFSIZE;
-                else
-                        n = BUFSIZE;
-                i=fread(buf,1,n,in);
-                if (i <= 0) break;
-#ifdef PURIFY
-                RAND_add(buf,i,(double)i);
-#else
-                /* even if n != i, use the full array */
-                RAND_add(buf,n,(double)i);
-#endif
-                ret+=i;
-                if (bytes > 0)
-                        {
-                        bytes-=n;
-                        if (bytes <= 0) break;
-                        }
-                }
-        fclose(in);
-        OPENSSL_cleanse(buf,BUFSIZE);
-err:
-        return(ret);
+        return(0);
         }
 
 int RAND_write_file(const char *file)
@@ -184,12 +90,10 @@ int RAND_write_file(const char *file)
         int i,ret=0,rand_err=0;
         FILE *out = NULL;
         int n;
-#ifndef OPENSSL_NO_POSIX_IO
         struct stat sb;
         
         i=stat(file,&sb);
         if (i != -1) { 
-#if defined(S_ISBLK) && defined(S_ISCHR)
           if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {
             /* this file is a device. we don't write back to it. 
              * we "succeed" on the assumption this is some sort 
@@ -198,55 +102,21 @@ int RAND_write_file(const char *file)
              */
             return(1); 
           }
-#endif
         }
-#endif
 
-#if defined(O_CREAT) && !defined(OPENSSL_NO_POSIX_IO) && !defined(OPENSSL_SYS_VMS)
         {
-#ifndef O_BINARY
-#define O_BINARY 0
-#endif
         /* chmod(..., 0600) is too late to protect the file,
          * permissions should be restrictive from the start */
-        int fd = open(file, O_WRONLY|O_CREAT|O_BINARY, 0600);
+        int fd = open(file, O_WRONLY|O_CREAT, 0600);
         if (fd != -1)
                 out = fdopen(fd, "wb");
         }
-#endif
-
-#ifdef OPENSSL_SYS_VMS
-        /* VMS NOTE: Prior versions of this routine created a _new_
-         * version of the rand file for each call into this routine, then
-         * deleted all existing versions named ;-1, and finally renamed
-         * the current version as ';1'. Under concurrent usage, this
-         * resulted in an RMS race condition in rename() which could
-         * orphan files (see vms message help for RMS$_REENT). With the
-         * fopen() calls below, openssl/VMS now shares the top-level
-         * version of the rand file. Note that there may still be
-         * conditions where the top-level rand file is locked. If so, this
-         * code will then create a new version of the rand file. Without
-         * the delete and rename code, this can result in ascending file
-         * versions that stop at version 32767, and this routine will then
-         * return an error. The remedy for this is to recode the calling
-         * application to avoid concurrent use of the rand file, or
-         * synchronize usage at the application level. Also consider
-         * whether or not you NEED a persistent rand file in a concurrent
-         * use situation. 
-         */
 
-        out = vms_fopen(file,"rb+",VMS_OPEN_ATTRS);
-        if (out == NULL)
-                out = vms_fopen(file,"wb",VMS_OPEN_ATTRS);
-#else
         if (out == NULL)
                 out = fopen(file,"wb");
-#endif
         if (out == NULL) goto err;
 
-#ifndef NO_CHMOD
         chmod(file,0600);
-#endif
         n=RAND_DATA;
         for (;;)
                 {
@@ -273,9 +143,7 @@ err:
 const char *RAND_file_name(char *buf, size_t size)
         {
         char *s=NULL;
-#ifdef __OpenBSD__
         struct stat sb;
-#endif
 
         if (OPENSSL_issetugid() == 0)
                 s=getenv("RANDFILE");
@@ -288,25 +156,16 @@ const char *RAND_file_name(char *buf, size_t size)
                 {
                 if (OPENSSL_issetugid() == 0)
                         s=getenv("HOME");
-#ifdef DEFAULT_HOME
-                if (s == NULL)
-                        {
-                        s = DEFAULT_HOME;
-                        }
-#endif
                 if (s && *s && strlen(s)+strlen(RFILE)+2 < size)
                         {
                         BUF_strlcpy(buf,s,size);
-#ifndef OPENSSL_SYS_VMS
                         BUF_strlcat(buf,"/",size);
-#endif
                         BUF_strlcat(buf,RFILE,size);
                         }
                 else
                         buf[0] = '\0'; /* no file name */
                 }
 
-#ifdef __OpenBSD__
         /* given that all random loads just fail if the file can't be 
          * seen on a stat, we stat the file we're returning, if it
          * fails, use /dev/arandom instead. this allows the user to 
@@ -323,6 +182,5 @@ const char *RAND_file_name(char *buf, size_t size)
                         return(NULL);
                 }       
 
-#endif
         return(buf);
         }
diff --git a/src/lib/libcrypto/rand/rc4_rand.c b/src/lib/libcrypto/rand/rc4_rand.c
new file mode 100644
index 0000000000..ebfb241d53
--- /dev/null
+++ b/src/lib/libcrypto/rand/rc4_rand.c
@@ -0,0 +1,44 @@
+/*      $OpenBSD: rc4_rand.c,v 1.1 2014/04/15 16:52:50 miod Exp $       */
+
+/*
+ * Copyright (c) 2014 Miodrag Vallat.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <stdlib.h>
+
+#include <openssl/rand.h>
+
+static int
+arc4_rand_bytes(unsigned char *buf, int num)
+{
+        if (num > 0)
+                arc4random_buf(buf, (size_t)num);
+
+        return 1;
+}
+
+static RAND_METHOD rand_arc4_meth = {
+        .seed = NULL,           /* no external seed allowed */
+        .bytes = arc4_rand_bytes,
+        .cleanup = NULL,        /* no cleanup necessary */
+        .add = NULL,            /* no external feed allowed */
+        .pseudorand = arc4_rand_bytes,
+        .status = NULL          /* no possible error condition */
+};
+
+RAND_METHOD *RAND_SSLeay(void)
+{
+        return &rand_arc4_meth;
+}