GH367: use random data if seed too short.

[openssl.git] / crypto / dsa / dsa_gen.c

diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index 5a328aaab5b408f6036c738c81738ee2e6c4c55c..9d3b59e0479be3344a4b1a3d5be2e35092d8b1a1 100644 (file)
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -203,7 +203,7 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
             if (!BN_GENCB_call(cb, 0, m++))
                 goto err;
 
-            if (!seed_len) {
+            if (!seed_len || !seed_in) {
                 if (RAND_pseudo_bytes(seed, qsize) < 0)
                     goto err;
                 seed_is_random = 1;