Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
10 个月 前同步成功

通知 8
Star 18
Fork 1
T
Third Party Openssl

前往新版Gitcode,体验更适合开发者的 AI 搜索 >>

提交 16cfc2c9 编写于 作者: K Kurt Roeckx 提交者: Dr. Matthias St. Pierre
浏览文件
操作

Don't use a ssl specific DRBG anymore 

Since the public and private DRBG are per thread we don't need one
per ssl object anymore. It could also try to get entropy from a DRBG
that's really from an other thread because the SSL object moved to an
other thread.
Reviewed-by: NTim Hudson <tjh@openssl.org>
Reviewed-by: NPaul Dale <paul.dale@oracle.com>
Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5547)
上级 7caf122e
隐藏空白更改
内联 并排
Showing with 35 addition and 165 deletion
crypto/evp/e_aes.c
浏览文件 @ 16cfc2c9
......@@ -17,7 +17,6 @@
#include "internal/evp_int.h"
#include "modes_lcl.h"
#include <openssl/rand.h>
#include <openssl/rand_drbg.h>
#include "evp_locl.h"
typedef struct {
......@@ -1405,14 +1404,8 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
memcpy(gctx->iv, ptr, arg);
enc = EVP_CIPHER_CTX_encrypting(c);
if (enc) {
if (c->drbg != NULL) {
if (RAND_DRBG_bytes(c->drbg, gctx->iv + arg, gctx->ivlen - arg) == 0)
return 0;
} else if (RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0) {
return 0;
}
}
if (enc && RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0)
return 0;
gctx->iv_gen = 1;
return 1;
......@@ -2639,14 +2632,9 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
return 0;
if (arg)
memcpy(gctx->iv, ptr, arg);
if (EVP_CIPHER_CTX_encrypting(c)) {
if (c->drbg != NULL) {
if (RAND_DRBG_bytes(c->drbg, gctx->iv + arg, gctx->ivlen - arg) == 0)
return 0;
} else if (RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0) {
return 0;
}
}
if (EVP_CIPHER_CTX_encrypting(c)
&& RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0)
return 0;
gctx->iv_gen = 1;
return 1;
......
crypto/evp/e_aes_cbc_hmac_sha1.c
浏览文件 @ 16cfc2c9
......@@ -17,11 +17,9 @@
#include <openssl/aes.h>
#include <openssl/sha.h>
#include <openssl/rand.h>
#include <openssl/rand_drbg.h>
#include "modes_lcl.h"
#include "internal/evp_int.h"
#include "internal/constant_time_locl.h"
#include "evp_locl.h"
typedef struct {
AES_KEY ks;
......@@ -156,8 +154,7 @@ void aesni_multi_cbc_encrypt(CIPH_DESC *, void *, int);
static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key,
unsigned char *out,
const unsigned char *inp,
size_t inp_len, int n4x,
RAND_DRBG *drbg)
size_t inp_len, int n4x)
{ /* n4x is 1 or 2 */
HASH_DESC hash_d[8], edges[8];
CIPH_DESC ciph_d[8];
......@@ -177,13 +174,8 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key,
# endif
/* ask for IVs in bulk */
IVs = blocks[0].c;
if (drbg != NULL) {
if (RAND_DRBG_bytes(drbg, IVs, 16 * x4) == 0)
return 0;
} else if (RAND_bytes(IVs, 16 * x4) <= 0) {
if (RAND_bytes((IVs = blocks[0].c), 16 * x4) <= 0)
return 0;
}
ctx = (SHA1_MB_CTX *) (storage + 32 - ((size_t)storage % 32)); /* align */
......@@ -901,8 +893,7 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
return (int)tls1_1_multi_block_encrypt(key, param->out,
param->inp, param->len,
param->interleave / 4,
ctx->drbg);
param->interleave / 4);
}
case EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT:
# endif
......
crypto/evp/e_aes_cbc_hmac_sha256.c
浏览文件 @ 16cfc2c9
......@@ -18,11 +18,9 @@
#include <openssl/aes.h>
#include <openssl/sha.h>
#include <openssl/rand.h>
#include <openssl/rand_drbg.h>
#include "modes_lcl.h"
#include "internal/constant_time_locl.h"
#include "internal/evp_int.h"
#include "evp_locl.h"
typedef struct {
AES_KEY ks;
......@@ -152,8 +150,7 @@ void aesni_multi_cbc_encrypt(CIPH_DESC *, void *, int);
static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key,
unsigned char *out,
const unsigned char *inp,
size_t inp_len, int n4x,
RAND_DRBG *drbg)
size_t inp_len, int n4x)
{ /* n4x is 1 or 2 */
HASH_DESC hash_d[8], edges[8];
CIPH_DESC ciph_d[8];
......@@ -173,13 +170,8 @@ static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key,
# endif
/* ask for IVs in bulk */
IVs = blocks[0].c;
if (drbg != NULL) {
if (RAND_DRBG_bytes(drbg, IVs, 16 * x4) == 0)
return 0;
} else if (RAND_bytes(IVs, 16 * x4) <= 0) {
if (RAND_bytes((IVs = blocks[0].c), 16 * x4) <= 0)
return 0;
}
/* align */
ctx = (SHA256_MB_CTX *) (storage + 32 - ((size_t)storage % 32));
......@@ -885,8 +877,7 @@ static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
return (int)tls1_1_multi_block_encrypt(key, param->out,
param->inp, param->len,
param->interleave / 4,
ctx->drbg);
param->interleave / 4);
}
case EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT:
# endif
......
crypto/evp/e_aria.c
浏览文件 @ 16cfc2c9
......@@ -302,14 +302,9 @@ static int aria_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
return 0;
if (arg)
memcpy(gctx->iv, ptr, arg);
if (EVP_CIPHER_CTX_encrypting(c)) {
if (c->drbg != NULL) {
if (RAND_DRBG_bytes(c->drbg, gctx->iv + arg, gctx->ivlen - arg) == 0)
return 0;
} else if (RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0) {
return 0;
}
}
if (EVP_CIPHER_CTX_encrypting(c)
&& RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0)
return 0;
gctx->iv_gen = 1;
return 1;
......
crypto/evp/e_des.c
浏览文件 @ 16cfc2c9
......@@ -15,8 +15,6 @@
# include "internal/evp_int.h"
# include <openssl/des.h>
# include <openssl/rand.h>
# include <openssl/rand_drbg.h>
# include "evp_locl.h"
typedef struct {
union {
......@@ -231,12 +229,8 @@ static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
switch (type) {
case EVP_CTRL_RAND_KEY:
if (c->drbg != NULL) {
if (RAND_DRBG_bytes(c->drbg, ptr, 8) == 0)
return 0;
} else if (RAND_bytes(ptr, 8) <= 0) {
if (RAND_bytes(ptr, 8) <= 0)
return 0;
}
DES_set_odd_parity((DES_cblock *)ptr);
return 1;
......
crypto/evp/e_des3.c
浏览文件 @ 16cfc2c9
......@@ -15,7 +15,6 @@
# include "internal/evp_int.h"
# include <openssl/des.h>
# include <openssl/rand.h>
# include <openssl/rand_drbg.h>
# include "evp_locl.h"
typedef struct {
......@@ -284,12 +283,8 @@ static int des3_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
switch (type) {
case EVP_CTRL_RAND_KEY:
if (ctx->drbg != NULL) {
if (RAND_DRBG_bytes(ctx->drbg, ptr, EVP_CIPHER_CTX_key_length(ctx)) == 0)
return 0;
} else if (RAND_bytes(ptr, EVP_CIPHER_CTX_key_length(ctx)) <= 0) {
if (RAND_bytes(ptr, EVP_CIPHER_CTX_key_length(ctx)) <= 0)
return 0;
}
DES_set_odd_parity(deskey);
if (EVP_CIPHER_CTX_key_length(ctx) >= 16)
DES_set_odd_parity(deskey + 1);
......@@ -377,12 +372,8 @@ static int des_ede3_wrap(EVP_CIPHER_CTX *ctx, unsigned char *out,
memcpy(out + inl + 8, sha1tmp, 8);
OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH);
/* Generate random IV */
if (ctx->drbg != NULL) {
if (RAND_DRBG_bytes(ctx->drbg, EVP_CIPHER_CTX_iv_noconst(ctx), 8) == 0)
return -1;
} else if (RAND_bytes(EVP_CIPHER_CTX_iv_noconst(ctx), 8) <= 0) {
if (RAND_bytes(EVP_CIPHER_CTX_iv_noconst(ctx), 8) <= 0)
return -1;
}
memcpy(out, EVP_CIPHER_CTX_iv_noconst(ctx), 8);
/* Encrypt everything after IV in place */
des_ede_cbc_cipher(ctx, out + 8, out + 8, inl + 8);
......
crypto/evp/evp_enc.c
浏览文件 @ 16cfc2c9
......@@ -579,14 +579,6 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{
int ret;
if (type == EVP_CTRL_GET_DRBG) {
*(RAND_DRBG **)ptr = ctx->drbg;
return 1;
}
if (type == EVP_CTRL_SET_DRBG) {
ctx->drbg = ptr;
return 1;
}
if (!ctx->cipher) {
EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
return 0;
......@@ -610,12 +602,8 @@ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
{
if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
if (ctx->drbg) {
if (RAND_DRBG_bytes(ctx->drbg, key, ctx->key_len) == 0)
return 0;
} else if (RAND_bytes(key, ctx->key_len) <= 0) {
if (RAND_bytes(key, ctx->key_len) <= 0)
return 0;
}
return 1;
}
......
crypto/evp/evp_locl.h
浏览文件 @ 16cfc2c9
......@@ -39,7 +39,6 @@ struct evp_cipher_ctx_st {
int final_used;
int block_mask;
unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */
RAND_DRBG *drbg;
} /* EVP_CIPHER_CTX */ ;
int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
......
crypto/evp/p_seal.c
浏览文件 @ 16cfc2c9
......@@ -14,8 +14,6 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/rand_drbg.h>
#include "evp_locl.h"
int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
unsigned char **ek, int *ekl, unsigned char *iv,
......@@ -33,14 +31,9 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
return 1;
if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
return 0;
if (EVP_CIPHER_CTX_iv_length(ctx)) {
if (ctx->drbg) {
if (RAND_DRBG_bytes(ctx->drbg, iv, EVP_CIPHER_CTX_iv_length(ctx)) == 0)
return 0;
} else if (RAND_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx)) <= 0) {
return 0;
}
}
if (EVP_CIPHER_CTX_iv_length(ctx)
&& RAND_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx)) <= 0)
return 0;
if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
return 0;
......
doc/man3/EVP_EncryptInit.pod
浏览文件 @ 16cfc2c9
......@@ -457,20 +457,6 @@ This call is only valid when decrypting data.
=back
=head1 Random numbers
The following can be used to select the DRBG that is used to generate the random
numbers:
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_DRBG, 0, drbg)
The following can be used to get the DRBG:
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_DRBG, 0, &drbg)
By default it's set to NULL which results in RAND_bytes() being used.
=head1 NOTES
Where possible the B<EVP> interface to symmetric ciphers should be used in
......
include/openssl/evp.h
浏览文件 @ 16cfc2c9
......@@ -347,8 +347,6 @@ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
# define EVP_CTRL_SET_PIPELINE_INPUT_BUFS 0x23
/* Set the input buffer lengths to use for a pipelined operation */
# define EVP_CTRL_SET_PIPELINE_INPUT_LENS 0x24
# define EVP_CTRL_GET_DRBG 0x25
# define EVP_CTRL_SET_DRBG 0x26
/* Padding modes */
#define EVP_PADDING_PKCS7 1
......
ssl/record/ssl3_record.c
浏览文件 @ 16cfc2c9
......@@ -972,7 +972,7 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending)
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC,
ERR_R_INTERNAL_ERROR);
return -1;
} else if (ssl_randbytes(s, recs[ctr].input, ivlen) <= 0) {
} else if (RAND_bytes(recs[ctr].input, ivlen) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC,
ERR_R_INTERNAL_ERROR);
return -1;
......
ssl/s3_enc.c
浏览文件 @ 16cfc2c9
......@@ -168,7 +168,6 @@ int ssl3_change_cipher_state(SSL *s, int which)
*/
EVP_CIPHER_CTX_reset(s->enc_write_ctx);
}
EVP_CIPHER_CTX_ctrl(s->enc_write_ctx, EVP_CTRL_SET_DRBG, 0, s->drbg);
dd = s->enc_write_ctx;
if (ssl_replace_hash(&s->write_hash, m) == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_CHANGE_CIPHER_STATE,
......
ssl/s3_lib.c
浏览文件 @ 16cfc2c9
......@@ -4524,12 +4524,12 @@ int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, size_t len,
unsigned char *p = result;
l2n(Time, p);
ret = ssl_randbytes(s, p, len - 4);
ret = RAND_bytes(p, len - 4);
} else {
ret = ssl_randbytes(s, result, len);
ret = RAND_bytes(result, len);
}
#ifndef OPENSSL_NO_TLS13DOWNGRADE
if (ret) {
if (ret > 0) {
if (!ossl_assert(sizeof(tls11downgrade) < len)
|| !ossl_assert(sizeof(tls12downgrade) < len))
return 0;
......
ssl/ssl_lib.c
浏览文件 @ 16cfc2c9
......@@ -690,20 +690,6 @@ SSL *SSL_new(SSL_CTX *ctx)
goto err;
}
/*
* If not using the standard RAND (say for fuzzing), then don't use a
* chained DRBG.
*/
if (RAND_get_rand_method() == RAND_OpenSSL()) {
s->drbg =
RAND_DRBG_new(0, 0, RAND_DRBG_get0_public());
if (s->drbg == NULL
|| RAND_DRBG_instantiate(s->drbg,
(const unsigned char *) SSL_version_str,
sizeof(SSL_version_str) - 1) == 0)
goto err;
}
RECORD_LAYER_init(&s->rlayer, s);
s->options = ctx->options;
......@@ -1220,7 +1206,6 @@ void SSL_free(SSL *s)
sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
#endif
RAND_DRBG_free(s->drbg);
CRYPTO_THREAD_lock_free(s->lock);
OPENSSL_free(s);
......@@ -5397,28 +5382,6 @@ uint32_t SSL_get_max_early_data(const SSL *s)
return s->max_early_data;
}
int ssl_randbytes(SSL *s, unsigned char *rnd, size_t size)
{
if (s->drbg != NULL) {
/*
* Currently, it's the duty of the caller to serialize the generate
* requests to the DRBG. So formally we have to check whether
* s->drbg->lock != NULL and take the lock if this is the case.
* However, this DRBG is unique to a given SSL object, and we already
* require that SSL objects are only accessed by a single thread at
* a given time. Also, SSL DRBGs have no child DRBG, so there is
* no risk that this DRBG is accessed by a child DRBG in parallel
* for reseeding. As such, we can rely on the application's
* serialization of SSL accesses for the needed concurrency protection
* here.
*/
return RAND_DRBG_bytes(s->drbg, rnd, size);
}
if (size > INT_MAX)
return 0;
return RAND_bytes(rnd, size);
}
__owur unsigned int ssl_get_max_send_fragment(const SSL *ssl)
{
/* Return any active Max Fragment Len extension */
......
ssl/ssl_locl.h
浏览文件 @ 16cfc2c9
......@@ -1407,7 +1407,6 @@ struct ssl_st {
size_t block_padding;
CRYPTO_RWLOCK *lock;
RAND_DRBG *drbg;
};
/*
......@@ -2238,7 +2237,6 @@ __owur int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags);
__owur int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain,
int ref);
__owur int ssl_randbytes(SSL *s, unsigned char *buf, size_t num);
__owur int ssl_security(const SSL *s, int op, int bits, int nid, void *other);
__owur int ssl_ctx_security(const SSL_CTX *ctx, int op, int bits, int nid,
void *other);
......
ssl/ssl_sess.c
浏览文件 @ 16cfc2c9
......@@ -295,7 +295,7 @@ static int def_generate_session_id(SSL *ssl, unsigned char *id,
{
unsigned int retry = 0;
do
if (ssl_randbytes(ssl, id, *id_len) <= 0)
if (RAND_bytes(id, *id_len) <= 0)
return 0;
while (SSL_has_matching_session_id(ssl, id, *id_len) &&
(++retry < MAX_SESS_ID_ATTEMPTS)) ;
......
ssl/statem/statem_clnt.c
浏览文件 @ 16cfc2c9
......@@ -1188,8 +1188,7 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt)
s->tmp_session_id_len = sess_id_len;
session_id = s->tmp_session_id;
if (s->hello_retry_request == SSL_HRR_NONE
&& ssl_randbytes(s, s->tmp_session_id,
sess_id_len) <= 0) {
&& RAND_bytes(s->tmp_session_id, sess_id_len) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_TLS_CONSTRUCT_CLIENT_HELLO,
ERR_R_INTERNAL_ERROR);
......@@ -2925,7 +2924,7 @@ static int tls_construct_cke_rsa(SSL *s, WPACKET *pkt)
pms[0] = s->client_version >> 8;
pms[1] = s->client_version & 0xff;
/* TODO(size_t): Convert this function */
if (ssl_randbytes(s, pms + 2, (int)(pmslen - 2)) <= 0) {
if (RAND_bytes(pms + 2, (int)(pmslen - 2)) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CKE_RSA,
ERR_R_MALLOC_FAILURE);
goto err;
......@@ -3146,7 +3145,7 @@ static int tls_construct_cke_gost(SSL *s, WPACKET *pkt)
/* Generate session key
* TODO(size_t): Convert this function
*/
|| ssl_randbytes(s, pms, (int)pmslen) <= 0) {
|| RAND_bytes(pms, (int)pmslen) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CKE_GOST,
ERR_R_INTERNAL_ERROR);
goto err;
......
ssl/statem/statem_srvr.c
浏览文件 @ 16cfc2c9
......@@ -2737,7 +2737,7 @@ int tls_construct_certificate_request(SSL *s, WPACKET *pkt)
OPENSSL_free(s->pha_context);
s->pha_context_len = 32;
if ((s->pha_context = OPENSSL_malloc(s->pha_context_len)) == NULL
|| ssl_randbytes(s, s->pha_context, s->pha_context_len) <= 0
|| RAND_bytes(s->pha_context, s->pha_context_len) <= 0
|| !WPACKET_sub_memcpy_u8(pkt, s->pha_context, s->pha_context_len)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
......@@ -2926,7 +2926,7 @@ static int tls_process_cke_rsa(SSL *s, PACKET *pkt)
* fails. See https://tools.ietf.org/html/rfc5246#section-7.4.7.1
*/
if (ssl_randbytes(s, rand_premaster_secret,
if (RAND_bytes(rand_premaster_secret,
sizeof(rand_premaster_secret)) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_RSA,
ERR_R_INTERNAL_ERROR);
......@@ -3692,7 +3692,7 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
/* SSLfatal() already called */
goto err;
}
if (ssl_randbytes(s, age_add_u.age_add_c, sizeof(age_add_u)) <= 0) {
if (RAND_bytes(age_add_u.age_add_c, sizeof(age_add_u)) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET,
ERR_R_INTERNAL_ERROR);
......@@ -3758,7 +3758,6 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE);
goto err;
}
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_DRBG, 0, s->drbg);
p = senc;
if (!i2d_SSL_SESSION(s->session, &p)) {
......@@ -3830,7 +3829,7 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
const EVP_CIPHER *cipher = EVP_aes_256_cbc();
iv_len = EVP_CIPHER_iv_length(cipher);
if (ssl_randbytes(s, iv, iv_len) <= 0
if (RAND_bytes(iv, iv_len) <= 0
|| !EVP_EncryptInit_ex(ctx, cipher, NULL,
tctx->ext.tick_aes_key, iv)
|| !HMAC_Init_ex(hctx, tctx->ext.tick_hmac_key,
......
ssl/t1_enc.c
浏览文件 @ 16cfc2c9
......@@ -171,7 +171,6 @@ int tls1_change_cipher_state(SSL *s, int which)
ERR_R_MALLOC_FAILURE);
goto err;
}
EVP_CIPHER_CTX_ctrl(s->enc_write_ctx, EVP_CTRL_SET_DRBG, 0, s->drbg);
dd = s->enc_write_ctx;
if (SSL_IS_DTLS(s)) {
mac_ctx = EVP_MD_CTX_new();
......
ssl/tls13_enc.c
浏览文件 @ 16cfc2c9
......@@ -407,7 +407,6 @@ int tls13_change_cipher_state(SSL *s, int which)
SSL_F_TLS13_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);
goto err;
}
EVP_CIPHER_CTX_ctrl(s->enc_write_ctx, EVP_CTRL_SET_DRBG, 0, s->drbg);
}
ciph_ctx = s->enc_write_ctx;
iv = s->write_iv;
......
ssl/tls_srp.c
浏览文件 @ 16cfc2c9
......@@ -157,7 +157,7 @@ int SSL_srp_server_param_with_username(SSL *s, int *ad)
(s->srp_ctx.s == NULL) || (s->srp_ctx.v == NULL))
return SSL3_AL_FATAL;
if (ssl_randbytes(s, b, sizeof(b)) <= 0)
if (RAND_bytes(b, sizeof(b)) <= 0)
return SSL3_AL_FATAL;
s->srp_ctx.b = BN_bin2bn(b, sizeof(b), NULL);
OPENSSL_cleanse(b, sizeof(b));
......@@ -369,7 +369,7 @@ int SRP_Calc_A_param(SSL *s)
{
unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];
if (ssl_randbytes(s, rnd, sizeof(rnd)) <= 0)
if (RAND_bytes(rnd, sizeof(rnd)) <= 0)
return 0;
s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
OPENSSL_cleanse(rnd, sizeof(rnd));
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册