Check RAND_bytes() return value or use RAND_pseudo_bytes().

[openssl.git] / crypto / pem / pem_lib.c

diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 2bafb5e73597ee3b762a4e68cec08dcb4dc9d32d..49aeb62bde52b17f805b24c29edadcd0726443e9 100644 (file)
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -121,6 +121,22 @@ static int def_callback(char *buf, int num, int w, void *userdata)
 #endif
        }
 
+/* This is a generic callback. If the user data is not NULL it is assumed 
+ * to be a null terminated password. Otherwise the default password callback
+ * is called.
+ */
+
+
+int MS_CALLBACK PEM_cb(char *buf, int len, int verify, void *key)
+{
+       int i;
+       if (key == NULL) return def_callback(buf, len, verify, key);
+       i=strlen(key);
+       i=(i > len)?len:i;
+       memcpy(buf,key,i);
+       return(i);
+}
+
 void PEM_proc_type(char *buf, int type)
        {
        const char *str;
@@ -362,8 +378,9 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
 #endif
                        kstr=(unsigned char *)buf;
                        }
-               RAND_seed(data,i);/* put in the RSA key. */
-               RAND_bytes(iv,8);       /* Generate a salt */
+               RAND_add(data,i,0);/* put in the RSA key. */
+               if (RAND_bytes(iv,8) <= 0)      /* Generate a salt */
+                       goto err;
                /* The 'iv' is used as the iv and as a salt.  It is
                 * NOT taken from the BytesToKey function */
                EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);