Commit 4cffafe9 authored by Kurt Roeckx

Use the private RNG for data that is not public



Reviewed-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>

Fixes: #4641
GH: #4665
parent 1238caa7
+2 −2
@@ -89,7 +89,7 @@ static int nbiof_read(BIO *b, char *out, int outl)
        return 0;

    BIO_clear_retry_flags(b);
    if (RAND_bytes(&n, 1) <= 0)
    if (RAND_priv_bytes(&n, 1) <= 0)
        return -1;
    num = (n & 0x07);

@@ -126,7 +126,7 @@ static int nbiof_write(BIO *b, const char *in, int inl)
        num = nt->lwn;
        nt->lwn = 0;
    } else {
        if (RAND_bytes(&n, 1) <= 0)
        if (RAND_priv_bytes(&n, 1) <= 0)
            return -1;
        num = (n & 7);
    }
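Review bot: The byte drawn at the `RAND_priv_bytes(&n, 1)` call only selects how many bytes the filter passes through (`num = (n & 0x07)`), and that count is observable by the peer through the I/O pattern, so it is not secret data in the sense the commit title describes. Drawing it from the private DRBG is still defensible if the aim is to keep a test helper from consuming public-DRBG output, but that reason should be stated at the call rather than left to the reader; I would add above it `/* n only picks a chunk size; taken from the private DRBG so this helper never consumes public-DRBG output */` and the same line in nbiof_write. Both nbiof_read and nbiof_write start before and end after their hunks, so the declaration of n and the remaining error handling are not visible here.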
+1 −1
@@ -250,7 +250,7 @@ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,

    do {
        int rv;
        if (!BN_rand_range(ret->A, ret->mod))
        if (!BN_priv_rand_range(ret->A, ret->mod))
            goto err;
        if (!int_bn_mod_inverse(ret->Ai, ret->A, ret->mod, ctx, &rv)) {
            /*
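Review bot: The blinding factor drawn at the `BN_priv_rand_range(ret->A, ret->mod)` call carries no comment explaining why the private DRBG is required, and nothing in the hunk ties that choice to the secrecy of A. Since A and its inverse Ai must stay unpredictable for the blinding to protect the private-key operation, a one-line comment would stop a later cleanup from reverting to BN_rand_range: `/* A is a secret blinding factor: it must come from the private DRBG, never the public one. */`. BN_BLINDING_create_param begins before and ends after this hunk, so the rest of the retry loop and its error handling are not visible.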
+3 −2
@@ -279,6 +279,7 @@ static int probable_prime(BIGNUM *rnd, int bits, prime_t *mods)
    char is_single_word = bits <= BN_BITS2;

 again:
    /* TODO: Not all primes are private */
    if (!BN_priv_rand(rnd, bits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ODD))
        return 0;
    /* we now have a random number 'rnd' to test. */
@@ -363,7 +364,7 @@ int bn_probable_prime_dh(BIGNUM *rnd, int bits,
    if ((t1 = BN_CTX_get(ctx)) == NULL)
        goto err;

    if (!BN_priv_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
    if (!BN_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
        goto err;

    /* we need ((rnd-rem) % add) == 0 */
@@ -419,7 +420,7 @@ static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
    if (!BN_rshift1(qadd, padd))
        goto err;

    if (!BN_priv_rand(q, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
    if (!BN_rand(q, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
        goto err;

    /* we need ((rnd-rem) % add) == 0 */
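Review bot: The swap to `BN_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD)` in bn_probable_prime_dh, and the matching `BN_rand(q, ...)` in probable_prime_dh_safe, if I read the rendered old/new pairs correctly, commit those candidates to the public DRBG without saying why, while probable_prime gets a TODO explaining the opposite choice. Nothing in the function names prevents a caller from using bn_probable_prime_dh for a prime that ends up secret, so the assumption should be written at each call, e.g. `/* Candidates here presumably become public DH parameters, so the public DRBG is sufficient. */`. The TODO in probable_prime would also read better if it named the split it defers: `/* TODO: Not all primes are private (DH parameters are public); until callers can say which, default to the private DRBG. */`. All three functions extend beyond their hunks.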
+1 −1
@@ -239,7 +239,7 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
    memset(private_bytes + todo, 0, sizeof(private_bytes) - todo);

    for (done = 0; done < num_k_bytes;) {
        if (RAND_bytes(random_bytes, sizeof(random_bytes)) != 1)
        if (RAND_priv_bytes(random_bytes, sizeof(random_bytes)) != 1)
            goto err;
        SHA512_Init(&sha);
        SHA512_Update(&sha, &done, sizeof(done));
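Review bot: The bytes now taken from `RAND_priv_bytes(random_bytes, sizeof(random_bytes))` are hashed together with private_bytes, which from its name and the preceding memset appears to hold private-key material, so both stack buffers contain secret data and the hunk does not show whether they are cleansed before the function returns. If the err: path, which lies outside this hunk, does not already `OPENSSL_cleanse` random_bytes and private_bytes it should, since a plain memset on a dying stack buffer may be optimised away. BN_generate_dsa_nonce starts before and ends after the visible lines.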
+1 −1
@@ -179,7 +179,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
            if (!BN_set_word(y, i))
                goto end;
        } else {
            if (!BN_rand(y, BN_num_bits(p), 0, 0))
            if (!BN_priv_rand(y, BN_num_bits(p), 0, 0))
                goto end;
            if (BN_ucmp(y, p) >= 0) {
                if (!(p->neg ? BN_add : BN_sub) (y, y, p))
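Review bot: The fallback now drawing y from `BN_priv_rand(y, BN_num_bits(p), 0, 0)` gives no reason for the private DRBG, and y is only a candidate quadratic non-residue, so a reader may assume the change is accidental. The defensible reason is that BN_mod_sqrt cannot know whether `a` is secret, so the conservative choice is the private DRBG; a line such as `/* a may be secret: do not let the non-residue search consume the public DRBG */` would record that. Note also that when `BN_ucmp(y, p) >= 0` the subtraction can leave y == 0, which is neither a residue nor a non-residue; presumably the loop outside this hunk rejects that case, but it is not visible here. BN_mod_sqrt extends well beyond the hunk.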