diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-04-23 20:05:19 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-04-23 20:05:19 +0000 |
commit | e0d1a2f80a020bd019b017c52e0d724248731788 (patch) | |
tree | 8a68772a04b5115a51788f6a13f45388c48f62f1 /crypto | |
parent | cac4fb58e02d8cf799d75212179f56c69e652ec7 (diff) | |
download | openssl-e0d1a2f80a020bd019b017c52e0d724248731788.tar.gz |
Always return multiple of block length bytes from default DRBG seed
callback.
Handle case where no multiple of the block size is in the interval
[min_len, max_len].
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/rand/rand_lib.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 0e82013163..f3bd4e632e 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -201,6 +201,8 @@ static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout, *pout = OPENSSL_malloc(min_len); if (!*pout) return 0; + /* Round up request to multiple of block size */ + min_len = ((min_len + 19) / 20) * 20; if (RAND_SSLeay()->bytes(*pout, min_len) <= 0) { OPENSSL_free(*pout); |