authorUlf Möller <ulf@openssl.org>2000-01-13 20:59:17 +0000
committerUlf Möller <ulf@openssl.org>2000-01-13 20:59:17 +0000
commiteb952088f0d5da59e569ae2aa33e9b96bc3b586d (patch)
tree1d722a423148a6b568a1e6d42f01943aed6cfb2a /crypto/evp
parent22e219d90f1ea5d3b2f4abb72c846a436ea33eff (diff)
Precautions against using the PRNG uninitialized: RAND_bytes() now
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the same as RAND_seed() but takes an estimate of the entropy as an additional argument.
Diffstat (limited to 'crypto/evp')
-rw-r--r--crypto/evp/evp_pkey.c4
-rw-r--r--crypto/evp/p_seal.c2
2 files changed, 3 insertions, 3 deletions
diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c
index 396862767f..5957162843 100644
--- a/crypto/evp/evp_pkey.c
+++ b/crypto/evp/evp_pkey.c
@@ -267,8 +267,8 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
return NULL;
}
p8->pkey->type = V_ASN1_OCTET_STRING;
- RAND_seed (p8->pkey->value.octet_string->data,
- p8->pkey->value.octet_string->length);
+ RAND_add(p8->pkey->value.octet_string->data,
+ p8->pkey->value.octet_string->length, 0);
return p8;
}
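Review bot: The literal `0` passed as the last argument of `RAND_add(...)` carries the security-relevant decision here and is not explained at the call site. Per the commit description that argument is the entropy estimate, so the encoded private key is mixed into the pool without being credited as randomness. A short comment above the call would keep a later edit from raising the estimate, for example `/* stir the key encoding into the pool; credit no entropy for it */`. The body of EVP_PKEY2PKCS8 starts outside the hunk.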
diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c
index 09b46f4b0e..7966545e21 100644
--- a/crypto/evp/p_seal.c
+++ b/crypto/evp/p_seal.c
@@ -73,7 +73,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
int i;
if (npubk <= 0) return(0);
- RAND_bytes(key,EVP_MAX_KEY_LENGTH);
+ if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) == -1) return(0);
if (type->iv_len > 0)
RAND_bytes(iv,type->iv_len);
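Review bot: The new guard on `RAND_bytes(key,EVP_MAX_KEY_LENGTH)` tests for `-1`, but the commit description says RAND_bytes() returns 1 for ok and 0 for not seeded, so the unseeded case is not caught. Execution would continue past this line with whatever is in `key`. Rejecting every non-success value closes the gap: `if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) <= 0) return(0);`. The IV call two lines below is still unchecked and needs the same guard, `if (type->iv_len > 0 && RAND_bytes(iv,type->iv_len) <= 0) return(0);`. The body of EVP_SealInit starts and ends outside the hunk, so how `key` and `iv` are used afterwards is not visible here.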