Use RAND_pseudo_bytes, not RAND_bytes, for IVs/salts.

author Bodo Möller <bodo@openssl.org>

Thu, 2 Mar 2000 22:44:55 +0000 (22:44 +0000)

committer Bodo Möller <bodo@openssl.org>

Thu, 2 Mar 2000 22:44:55 +0000 (22:44 +0000)
author Bodo Möller <bodo@openssl.org>
Thu, 2 Mar 2000 22:44:55 +0000 (22:44 +0000)
committer Bodo Möller <bodo@openssl.org>
Thu, 2 Mar 2000 22:44:55 +0000 (22:44 +0000)
diff --git a/CHANGES b/CHANGES

index e3d8337f4bf093c813d5cea8870123e30cf7d2b8..bd9a73c2813f1f07049c0a56a488d034511a6d47 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
  
   Changes between 0.9.5 and 0.9.6  [XX XXX 2000]
  
  
   Changes between 0.9.5 and 0.9.6  [XX XXX 2000]
  
+  *) In PEM_ASN1_write_bio and some other functions, use RAND_pseudo_bytes
+     instead of RAND_bytes for encryption IVs and salts.
+     [Bodo Moeller]
+
    *) Include RAND_status() into RAND_METHOD instead of implementing
       it only for md_rand.c  Otherwise replacing the PRNG by calling
       RAND_set_rand_method would be impossible.
    *) Include RAND_status() into RAND_METHOD instead of implementing
       it only for md_rand.c  Otherwise replacing the PRNG by calling
       RAND_set_rand_method would be impossible.
author	Bodo Möller <bodo@openssl.org>
	Thu, 2 Mar 2000 22:44:55 +0000 (22:44 +0000)
committer	Bodo Möller <bodo@openssl.org>
	Thu, 2 Mar 2000 22:44:55 +0000 (22:44 +0000)