Loading CHANGES +0 −4 Original line number Diff line number Diff line Loading @@ -31,10 +31,6 @@ (1 = ok, 0 = not seeded). Also an error is recorded on the thread's error queue. New function RAND_pseudo_bytes() generates output that is guaranteed to be unique but not unpredictable. (TO DO: always check the result of RAND_bytes when it is used in the library, or use RAND_pseudo_bytes instead, because leaving the error in the error queue but reporting success in a function that uses RAND_bytes could confuse things considerably.) [Ulf Möller] *) Do more iterations of Rabin-Miller probable prime test (specifically, Loading apps/enc.c +5 −1 Original line number Diff line number Diff line Loading @@ -448,7 +448,11 @@ bad: "invalid hex salt value\n"); goto end; } } else RAND_bytes(salt, PKCS5_SALT_LEN); } else if (RAND_bytes(salt, PKCS5_SALT_LEN) <= 0) { BIO_printf(bio_err, "prng not seeded\n"); goto end; } /* If -P option then don't bother writing */ if((printkey != 2) && (BIO_write(wbio,magic, Loading crypto/asn1/p5_pbe.c +2 −1 Original line number Diff line number Diff line Loading @@ -129,7 +129,8 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, } pbe->salt->length = saltlen; if (salt) memcpy (pbe->salt->data, salt, saltlen); else RAND_bytes (pbe->salt->data, saltlen); else if (RAND_bytes (pbe->salt->data, saltlen) <= 0) return NULL; if (!(astype = ASN1_TYPE_new())) { ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); Loading crypto/asn1/p5_pbev2.c +2 −2 Original line number Diff line number Diff line Loading @@ -194,7 +194,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, if(!(scheme->parameter = ASN1_TYPE_new())) goto merr; /* Create random IV */ RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)); RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)); /* Dummy cipherinit to just setup the IV */ EVP_CipherInit(&ctx, cipher, NULL, iv, 0); Loading 
@@ -212,7 +212,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, if (!(osalt->data = Malloc (saltlen))) goto merr; osalt->length = saltlen; if (salt) memcpy (osalt->data, salt, saltlen); else RAND_bytes (osalt->data, saltlen); else if (RAND_bytes (osalt->data, saltlen) <= 0) goto merr; if(iter <= 0) iter = PKCS5_DEFAULT_ITER; if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr; Loading crypto/bio/bf_nbio.c +2 −2 Original line number Diff line number Diff line Loading @@ -137,7 +137,7 @@ static int nbiof_read(BIO *b, char *out, int outl) BIO_clear_retry_flags(b); #if 0 RAND_bytes(&n,1); RAND_pseudo_bytes(&n,1); num=(n&0x07); if (outl > num) outl=num; Loading Loading @@ -178,7 +178,7 @@ static int nbiof_write(BIO *b, char *in, int inl) } else { RAND_bytes(&n,1); RAND_pseudo_bytes(&n,1); num=(n&7); } Loading Loading
CHANGES +0 −4 @@ -31,10 +31,6 @@ (1 = ok, 0 = not seeded). Also an error is recorded on the thread's error queue. New function RAND_pseudo_bytes() generates output that is guaranteed to be unique but not unpredictable. (TO DO: always check the result of RAND_bytes when it is used in the library, or use RAND_pseudo_bytes instead, because leaving the error in the error queue but reporting success in a function that uses RAND_bytes could confuse things considerably.) [Ulf Möller] *) Do more iterations of Rabin-Miller probable prime test (specifically,
apps/enc.c +5 −1 @@ -448,7 +448,11 @@ bad: "invalid hex salt value\n"); goto end; } } else RAND_bytes(salt, PKCS5_SALT_LEN); } else if (RAND_bytes(salt, PKCS5_SALT_LEN) <= 0) { BIO_printf(bio_err, "prng not seeded\n"); goto end; } /* If -P option then don't bother writing */ if((printkey != 2) && (BIO_write(wbio,magic,
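Review bot: The new failure branch after `RAND_bytes(salt, PKCS5_SALT_LEN)` prints only the fixed string "prng not seeded" and leaves the error that RAND_bytes recorded on the thread's error queue (per the CHANGES entry in this commit) unreported. Adding `ERR_print_errors(bio_err);` before the `goto end;` would show the library's own reason and drain the queue instead of leaving a stale entry behind. The `end:` label is outside the hunk, so it is worth confirming that this path exits with a non-zero status; a salt-generation failure that still reports success would be easy to miss in scripts.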
crypto/asn1/p5_pbe.c +2 −1 @@ -129,7 +129,8 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, } pbe->salt->length = saltlen; if (salt) memcpy (pbe->salt->data, salt, saltlen); else RAND_bytes (pbe->salt->data, saltlen); else if (RAND_bytes (pbe->salt->data, saltlen) <= 0) return NULL; if (!(astype = ASN1_TYPE_new())) { ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
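Review bot: The added `return NULL;` on RAND_bytes failure leaves `pbe` and the salt buffer it points to unreleased; both are already in use at this point (`pbe->salt->length = saltlen;` is the line above), although their allocation is outside the hunk. Assuming `pbe` is a PBEPARAM, releasing it first, `else if (RAND_bytes (pbe->salt->data, saltlen) <= 0) { PBEPARAM_free(pbe); return NULL; }`, avoids a leak on every call made with an unseeded generator. Unlike the allocation failure a few lines below, this path pushes no ASN1err of its own, so callers see only whatever RAND_bytes queued; a short comment saying that this is intentional would help.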
crypto/asn1/p5_pbev2.c +2 −2 @@ -194,7 +194,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, if(!(scheme->parameter = ASN1_TYPE_new())) goto merr; /* Create random IV */ RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)); RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)); /* Dummy cipherinit to just setup the IV */ EVP_CipherInit(&ctx, cipher, NULL, iv, 0); @@ -212,7 +212,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, if (!(osalt->data = Malloc (saltlen))) goto merr; osalt->length = saltlen; if (salt) memcpy (osalt->data, salt, saltlen); else RAND_bytes (osalt->data, saltlen); else if (RAND_bytes (osalt->data, saltlen) <= 0) goto merr; if(iter <= 0) iter = PKCS5_DEFAULT_ITER; if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr;
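Review bot: In the first hunk the IV is now filled with `RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher));`, which the CHANGES entry in this commit describes as unique but not unpredictable, and its result is still ignored. An IV for a CBC-mode cipher is normally expected to be unpredictable, so unless predictability is known to be harmless for these PBES2 parameters the safer form is the one the second hunk uses for the salt: `if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) <= 0) goto merr;`. If the weaker generator is kept on purpose, a comment next to the call should state why a unique-but-predictable IV is acceptable there. In the second hunk the new `goto merr` presumably reports a malloc failure (the label is outside the hunk), which would mislabel an unseeded-PRNG error.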
crypto/bio/bf_nbio.c +2 −2 @@ -137,7 +137,7 @@ static int nbiof_read(BIO *b, char *out, int outl) BIO_clear_retry_flags(b); #if 0 RAND_bytes(&n,1); RAND_pseudo_bytes(&n,1); num=(n&0x07); if (outl > num) outl=num; @@ -178,7 +178,7 @@ static int nbiof_write(BIO *b, char *in, int inl) } else { RAND_bytes(&n,1); RAND_pseudo_bytes(&n,1); num=(n&7); }
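Review bot: Both replaced calls ignore the result of `RAND_pseudo_bytes(&n,1)`, so if the generator writes nothing, `num=(n&7)` in nbiof_write reads whatever `n` held before; its declaration is outside the hunk, so this matters only if it is not initialised there. Giving `n` an initial value of 0 at its declaration would keep that fallback deterministic. From the visible lines the byte appears only to pick a small chunk length, so a comment such as `/* not security relevant: only varies the transfer size */` would record why the weaker generator is enough here. The call in nbiof_read sits under `#if 0` and is not compiled.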