Seed PRNG with DSA and ECDSA digests for additional protection against

possible PRNG state duplication.

Seed PRNG with DSA and ECDSA digests for additional protection against
possible PRNG state duplication.
8c716869 · Dr. Stephen Henson · b5ca7df5 · 8c716869 · 8c716869
显示空白变更内容
内联并排

Showing with 4 addition and 0 deletion

crypto/dsa/dsa_sign.c crypto/dsa/dsa_sign.c +2 -0

crypto/ecdsa/ecs_sign.c crypto/ecdsa/ecs_sign.c +2 -0

未找到文件。
--- a/crypto/dsa/dsa_sign.c
+++ b/crypto/dsa/dsa_sign.c
@@ -60,6 +60,7 @@
 #include "cryptlib.h"
 #include <openssl/dsa.h>
+#include <openssl/rand.h>
 DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	{
@@ -70,6 +71,7 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
 	     unsigned int *siglen, DSA *dsa)
 	{
 	DSA_SIG *s;
+	RAND_seed(dgst, dlen);
 	s=DSA_do_sign(dgst,dlen,dsa);
 	if (s == NULL)
 		{

--- a/crypto/ecdsa/ecs_sign.c
+++ b/crypto/ecdsa/ecs_sign.c
@@ -57,6 +57,7 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#include <openssl/rand.h>
 ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
 {
@@ -83,6 +84,7 @@ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dlen, unsigned char
 	EC_KEY *eckey)
 {
 	ECDSA_SIG *s;
+	RAND_seed(dgst, dlen);
 	s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey);
 	if (s == NULL)
 	{