Commit 373b575f authored by Ulf Möller's avatar Ulf Möller

New function RAND_pseudo_bytes() generates pseudorandom numbers that
are not guaranteed to be unpredictable.
parent e1798f85
+5 −4
@@ -7,11 +7,12 @@
  *) Precautions against using the PRNG uninitialized: RAND_bytes() now
     has a return value which indicates the quality of the random data
     (1 = ok, 0 = not seeded).  Also an error is recorded on the thread's
     error queue.
     error queue. New function RAND_pseudo_bytes() generates output that is
     guaranteed to be unique but not unpredictable.
     (TO DO: always check the result of RAND_bytes when it is used in the
     library, because leaving the error in the error queue but reporting
     success in a function that uses RAND_bytes could confuse things
     considerably.)
     library, or use RAND_pseudo_bytes instead, because leaving the
     error in the error queue but reporting success in a function that
     uses RAND_bytes could confuse things considerably.)
     [Ulf Möller]

  *) Do more iterations of Rabin-Miller probable prime test (specifically,
+2 −2
@@ -965,7 +965,7 @@ int MAIN(int argc, char **argv)
		}
#endif

	RAND_bytes(buf,36);
	RAND_pseudo_bytes(buf,36);
#ifndef NO_RSA
	for (j=0; j<RSA_NUM; j++)
		{
@@ -1026,7 +1026,7 @@ int MAIN(int argc, char **argv)
		}
#endif

	RAND_bytes(buf,20);
	RAND_pseudo_bytes(buf,20);
#ifndef NO_DSA
	for (j=0; j<DSA_NUM; j++)
		{
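Review bot: The result of `RAND_pseudo_bytes(buf,36)` (and of the `RAND_pseudo_bytes(buf,20)` call in the second hunk) is still dropped, and with the PRNG unseeded the new function returns 0 in the same way RAND_bytes does, so `buf` holds whatever it held before as far as these hunks show. For a benchmark harness that is acceptable, but the switch away from RAND_bytes reads like an accident unless the intent is written down; a one-line comment on each call, `/* benchmark input only: uniqueness suffices, result deliberately unchecked */`, would keep a later cleanup from "fixing" it back to RAND_bytes or from treating the unchecked return as a bug. MAIN's body starts and ends outside both hunks.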
+1 −1
@@ -149,7 +149,7 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
	if((flags & PKCS7_DETACHED) && data) {
	/* We want multipart/signed */
		/* Generate a random boundary */
		RAND_bytes((unsigned char *)bound, 32);
		RAND_pseudo_bytes((unsigned char *)bound, 32);
		for(i = 0; i < 32; i++) {
			c = bound[i] & 0xf;
			if(c < 10) c += '0';
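Review bot: The result of `RAND_pseudo_bytes((unsigned char *)bound, 32)` is discarded, and with the PRNG unseeded that call returns 0 (the new ssleay_rand_pseudo_bytes passes RAND_bytes' status through after trimming the error queue); nothing in this hunk shows that `bound` is written in that case, so the nibble loop that follows may hex-encode whatever the buffer already held. A MIME boundary is emitted into the message and must not recur in the body, so a repeated or stale boundary is a structural failure of the output, not a cosmetic one. I would at least make the fallback deterministic and visible: `memset(bound, 0, 32);` before the call, plus a comment such as `/* boundary needs uniqueness, not unpredictability: RAND_pseudo_bytes is intentional */` so the change away from RAND_bytes is not reverted as a mistake. SMIME_write_PKCS7's body starts and ends outside this hunk, so whether the return value is examined elsewhere is not visible.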
+19 −0
@@ -146,12 +146,14 @@ static void ssleay_rand_cleanup(void);
static void ssleay_rand_seed(const void *buf, int num);
static void ssleay_rand_add(const void *buf, int num, int add_entropy);
static int ssleay_rand_bytes(unsigned char *buf, int num);
static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);

RAND_METHOD rand_ssleay_meth={
	ssleay_rand_seed,
	ssleay_rand_bytes,
	ssleay_rand_cleanup,
	ssleay_rand_add,
	ssleay_rand_pseudo_bytes,
	}; 

RAND_METHOD *RAND_SSLeay(void)
@@ -449,6 +451,23 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
		}
	}

/* pseudo-random bytes that are guaranteed to be unique but not
   unpredictable */
static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) 
	{
	int ret, err;

	ret = RAND_bytes(buf, num);
	if (ret == 0)
		{
		err = ERR_peek_error();
		if (ERR_GET_LIB(err) == ERR_LIB_RAND &&
		    ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED)
			(void)ERR_get_error();
		}
	return (ret);
	}

#ifdef WINDOWS
#include <windows.h>
#include <openssl/rand.h>
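Review bot: In ssleay_rand_pseudo_bytes the error-queue cleanup is only reliable when the queue was empty before the call: ERR_peek_error() and ERR_get_error() operate on the oldest entry in the thread's queue, so if an unrelated error was already pending the RAND_R_PRNG_NOT_SEEDED entry that the generator just pushed is never removed — the very confusion the CHANGES entry in this commit warns about — and if the oldest entry happened to be an earlier not-seeded error, the wrong one is popped. A small fix is to record `int queue_was_empty = (ERR_peek_error() == 0);` before generating and make the pop conditional, `if (ret == 0 && queue_was_empty)`, or to have the generator report "not seeded" to this caller without queueing at all. Separately, the method's pseudorand entry goes through the public dispatcher `RAND_bytes(buf, num)` rather than its own generator, so it inherits whichever RAND_METHOD is installed at call time; `ret = ssleay_rand_bytes(buf, num);` keeps the method self-contained. The body of ssleay_rand_bytes that decides when the error is raised is outside this hunk.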
+2 −0
@@ -69,6 +69,7 @@ typedef struct rand_meth_st
	int (*bytes)(unsigned char *buf, int num);
	void (*cleanup)(void);
	void (*add)(const void *buf, int num, int entropy);
	int (*pseudorand)(unsigned char *buf, int num);
	} RAND_METHOD;

void RAND_set_rand_method(RAND_METHOD *meth);
@@ -76,6 +77,7 @@ RAND_METHOD *RAND_get_rand_method(void );
RAND_METHOD *RAND_SSLeay(void);
void RAND_cleanup(void );
int  RAND_bytes(unsigned char *buf,int num);
int  RAND_pseudo_bytes(unsigned char *buf,int num);
void RAND_seed(const void *buf,int num);
void RAND_add(const void *buf,int num,int entropy);
int  RAND_load_file(const char *file,long max_bytes);
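Review bot: Appending `pseudorand` to RAND_METHOD is a silent interface change for every existing method table: a positional initializer written against the old struct (the one in md_rand.c is exactly that shape) now yields a NULL `pseudorand`, and the `RAND_pseudo_bytes()` dispatcher that this header declares is not in this page, so whether it tolerates a NULL slot is not visible. I would state the rule in the header so implementers and the dispatcher agree, e.g. `int (*pseudorand)(unsigned char *buf, int num); /* may be NULL: dispatcher should fall back to bytes() */`, and have the dispatcher check for NULL before calling through it. The new prototype also carries no contract; a comment above it along the lines of `/* Like RAND_bytes() but the output need only be unique, not unpredictable; returns 0 if the PRNG is not seeded. */` captures what md_rand.c implements.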