RAND_pseudo_bytes is good enough for encryption IVs,
authorBodo Möller <bodo@openssl.org>
Mon, 24 Jan 2000 09:32:20 +0000 (09:32 +0000)
committerBodo Möller <bodo@openssl.org>
Mon, 24 Jan 2000 09:32:20 +0000 (09:32 +0000)
we should not need RAND_bytes (and we cannot use the latter
unless we load a seed file)

apps/enc.c

index 6c93e17..8420366 100644 (file)
@@ -448,11 +448,8 @@ bad:
                                                                "invalid hex salt value\n");
                                                        goto end;
                                                }
-                                       } else if (RAND_bytes(salt, PKCS5_SALT_LEN) <= 0) {
-                                               BIO_printf(bio_err,
-                                                       "prng not seeded\n");
+                                       } else if (RAND_pseudo_bytes(salt, PKCS5_SALT_LEN) <= 0)
                                                goto end;
-                                       }
                                        /* If -P option then don't bother writing */
                                        if((printkey != 2)
                                           && (BIO_write(wbio,magic,