From: Bodo Möller Date: Thu, 2 Mar 2000 22:29:38 +0000 (+0000) Subject: Use RAND_pseudo_bytes, not RAND_bytes, for IVs/salts. X-Git-Tag: OpenSSL_0_9_5a-beta1~116 X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=7c472f706e370f9d0c4d7bde3c9f9edf90cfaece Use RAND_pseudo_bytes, not RAND_bytes, for IVs/salts. --- diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c index 64e90237cc..380c5283b1 100644 --- a/crypto/asn1/p5_pbe.c +++ b/crypto/asn1/p5_pbe.c @@ -129,7 +129,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, } pbe->salt->length = saltlen; if (salt) memcpy (pbe->salt->data, salt, saltlen); - else if (RAND_bytes (pbe->salt->data, saltlen) <= 0) + else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) <= 0) return NULL; if (!(astype = ASN1_TYPE_new())) { diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c index 4ce06a94ab..648983e7f8 100644 --- a/crypto/asn1/p5_pbev2.c +++ b/crypto/asn1/p5_pbev2.c @@ -212,7 +212,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, if (!(osalt->data = Malloc (saltlen))) goto merr; osalt->length = saltlen; if (salt) memcpy (osalt->data, salt, saltlen); - else if (RAND_bytes (osalt->data, saltlen) <= 0) goto merr; + else if (RAND_pseudo_bytes (osalt->data, saltlen) <= 0) goto merr; if(iter <= 0) iter = PKCS5_DEFAULT_ITER; if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr; diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 072211ba0f..b19ad2c818 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -373,7 +373,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, kstr=(unsigned char *)buf; } RAND_add(data,i,0);/* put in the RSA key. */ - if (RAND_bytes(iv,8) <= 0) /* Generate a salt */ + if (RAND_pseudo_bytes(iv,8) <= 0) /* Generate a salt */ goto err; /* The 'iv' is used as the iv and as a salt. It is * NOT taken from the BytesToKey function */ diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c index f1094b3840..4e0a7cbed8 100644 --- a/crypto/pkcs12/p12_mutl.c +++ b/crypto/pkcs12/p12_mutl.c @@ -157,7 +157,7 @@ int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen, return 0; } if (!salt) { - if (RAND_bytes (p12->mac->salt->data, saltlen) <= 0) + if (RAND_pseudo_bytes (p12->mac->salt->data, saltlen) <= 0) return 0; } else memcpy (p12->mac->salt->data, salt, saltlen);