projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Check RAND_bytes() return value or use RAND_pseudo_bytes().
[openssl.git] / crypto / asn1 / p5_pbev2.c
diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c
index 502a8c399d190570e68edafb8a77407c28f89d3a..44d5b5bc6eca621481ee97c02b7951ee35f143ed 100644 (file)
--- a/crypto/asn1/p5_pbev2.c
+++ b/crypto/asn1/p5_pbev2.c
@@ -194,7 +194,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
        if(!(scheme->parameter = ASN1_TYPE_new())) goto merr;
 
        /* Create random IV */
-       RAND_bytes(iv, EVP_CIPHER_iv_length(cipher));
+       RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher));
 
        /* Dummy cipherinit to just setup the IV */
        EVP_CipherInit(&ctx, cipher, NULL, iv, 0);
@@ -212,7 +212,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
        if (!(osalt->data = Malloc (saltlen))) goto merr;
        osalt->length = saltlen;
        if (salt) memcpy (osalt->data, salt, saltlen);
-       else RAND_bytes (osalt->data, saltlen);
+       else if (RAND_bytes (osalt->data, saltlen) <= 0) goto merr;
 
        if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
        if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr;
Unnamed repository; edit this file 'description' to name the repository.