Avoid integer overflow in entropy counter.

Slightly clarify the RAND_... documentation.

Avoid integer overflow in entropy counter.
Slightly clarify the RAND_... documentation.
720b3598 · Bodo Möller · 60b52453 · 720b3598 · 720b3598 · 720b3598
隐藏空白更改
内联并排

Showing with 14 addition and 10 deletion

crypto/rand/md_rand.c crypto/rand/md_rand.c +3 -2

doc/crypto/RAND_add.pod doc/crypto/RAND_add.pod +1 -1

doc/crypto/RAND_bytes.pod doc/crypto/RAND_bytes.pod +10 -7

未找到文件。
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -138,7 +138,7 @@ static int state_num=0,state_index=0;
 static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
 static unsigned char md[MD_DIGEST_LENGTH];
 static long md_count[2]={0,0};
-static int entropy=0;
+static unsigned entropy=0;

 const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT;

@@ -286,7 +286,8 @@ static void ssleay_rand_add(const void *buf, int num, int add)
 #ifndef THREADS	
 	assert(md_c[1] == md_count[1]);
 #endif
-	entropy += add;
+	if (entropy < ENTROPY_NEEDED)
+	    entropy += add;
 	}

 static void ssleay_rand_seed(const void *buf, int num)

--- a/doc/crypto/RAND_add.pod
+++ b/doc/crypto/RAND_add.pod
@@ -30,7 +30,7 @@ RAND_add() may be called with sensitive data such as user entered
 passwords. The seed values cannot be recovered from the PRNG output.

 OpenSSL makes sure that the PRNG state is unique for each thread. On
-systems that provide C</dev/random>, the randomness device is used
+systems that provide C</dev/urandom>, the randomness device is used
 to seed the PRNG transparently. However, on all other systems, the
 application is responsible for seeding the PRNG by calling RAND_add()
 or RAND_load_file(3).

--- a/doc/crypto/RAND_bytes.pod
+++ b/doc/crypto/RAND_bytes.pod
@@ -14,13 +14,16 @@ RAND_bytes, RAND_pseudo_bytes - Generate random data

 =head1 DESCRIPTION

-RAND_bytes() puts B<num> random bytes into B<buf>. An error occurs if
-the PRNG has not been seeded with enough randomness.
-
-RAND_pseudo_bytes() puts B<num> pseudo-random bytes into B<buf>. These
-bytes are guaranteed to be unique, but not unpredictable. They can be
-used for non-cryptographic purposes and for certain purposes in
-cryptographic protocols, but not for key generation etc.
+RAND_bytes() puts B<num> cryptographically strong pseudo-random bytes
+into B<buf>. An error occurs if the PRNG has not been seeded with
+enough randomness to ensure an unpredictable byte sequence.
+
+RAND_pseudo_bytes() puts B<num> pseudo-random bytes into B<buf>.
+Pseudo-random byte sequences generated by RAND_pseudo_bytes() will be
+unique if they are of sufficient length, but are not necessarily
+unpredictable. They can be used for non-cryptographic purposes and for
+certain purposes in cryptographic protocols, but usually not for key
+generation etc.

 =head1 RETURN VALUES