提交 7c472f70 编写于 作者: B Bodo Möller

Use RAND_pseudo_bytes, not RAND_bytes, for IVs/salts.

上级 df83eeb7
......@@ -129,7 +129,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
}
pbe->salt->length = saltlen;
if (salt) memcpy (pbe->salt->data, salt, saltlen);
else if (RAND_bytes (pbe->salt->data, saltlen) <= 0)
else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) <= 0)
return NULL;
if (!(astype = ASN1_TYPE_new())) {
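Review bot: The test `RAND_pseudo_bytes (pbe->salt->data, saltlen) <= 0` still treats a return of 0 as failure, but OpenSSL documents 0 from RAND_pseudo_bytes as "bytes were written but are not cryptographically strong" and -1 as "not supported by the RAND method". If the switch is meant to let salt generation succeed on a poorly seeded PRNG (presumably the intent, since a salt is a public value), the comparison should be `< 0`; as written the call most likely fails in the same situations RAND_bytes did. The same `<= 0` test is kept in the PKCS5_pbe2_set, PEM_ASN1_write_bio and PKCS12_setup_mac hunks. PKCS5_pbe_set starts and ends outside this hunk.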
......
......@@ -212,7 +212,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
if (!(osalt->data = Malloc (saltlen))) goto merr;
osalt->length = saltlen;
if (salt) memcpy (osalt->data, salt, saltlen);
else if (RAND_bytes (osalt->data, saltlen) <= 0) goto merr;
else if (RAND_pseudo_bytes (osalt->data, saltlen) <= 0) goto merr;
if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr;
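Review bot: A failed `RAND_pseudo_bytes (osalt->data, saltlen)` jumps to `merr`, the same exit the `Malloc` check on the line above uses, so an RNG failure is probably reported as an allocation failure (inferred from the label name; the label itself is outside the hunk). Anyone diagnosing an unseeded or unsupported RAND method from the error queue would be pointed at memory instead. A dedicated exit for the RNG case would fix that, or at minimum a comment on the line such as `/* RNG failure also exits via merr */`.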
......
......@@ -373,7 +373,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
kstr=(unsigned char *)buf;
}
RAND_add(data,i,0);/* put in the RSA key. */
if (RAND_bytes(iv,8) <= 0) /* Generate a salt */
if (RAND_pseudo_bytes(iv,8) <= 0) /* Generate a salt */
goto err;
/* The 'iv' is used as the iv and as a salt. It is
* NOT taken from the BytesToKey function */
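Review bot: The comment `/* Generate a salt */` on the changed line no longer explains the choice being made, since it does not say why output from a PRNG that may not be fully seeded is acceptable here. The same 8 bytes serve as cipher IV and key-derivation salt, and PEM writes them into the header in the clear, so a comment such as `/* IV doubles as salt; it is public and must be unique, not secret */` would record the reasoning. Next to `RAND_add(data,i,0)` it is worth stating that the entropy estimate of 0 means the key material is mixed in without being credited as seed entropy. PEM_ASN1_write_bio extends beyond this hunk.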
......
......@@ -157,7 +157,7 @@ int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
return 0;
}
if (!salt) {
if (RAND_bytes (p12->mac->salt->data, saltlen) <= 0)
if (RAND_pseudo_bytes (p12->mac->salt->data, saltlen) <= 0)
return 0;
}
else memcpy (p12->mac->salt->data, salt, saltlen);
......