Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
e7f97e2d
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
大约 1 年 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
e7f97e2d
编写于
1月 21, 2000
作者:
U
Ulf Möller
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Check RAND_bytes() return value or use RAND_pseudo_bytes().
上级
731d9c5f
变更
20
隐藏空白更改
内联
并排
Showing
20 changed file
with
50 addition
and
35 deletion
+50
-35
CHANGES
CHANGES
+0
-4
apps/enc.c
apps/enc.c
+5
-1
crypto/asn1/p5_pbe.c
crypto/asn1/p5_pbe.c
+2
-1
crypto/asn1/p5_pbev2.c
crypto/asn1/p5_pbev2.c
+2
-2
crypto/bio/bf_nbio.c
crypto/bio/bf_nbio.c
+2
-2
crypto/des/des.c
crypto/des/des.c
+1
-1
crypto/des/enc_writ.c
crypto/des/enc_writ.c
+1
-1
crypto/dsa/dsa_gen.c
crypto/dsa/dsa_gen.c
+1
-1
crypto/evp/bio_ok.c
crypto/evp/bio_ok.c
+1
-1
crypto/evp/p_seal.c
crypto/evp/p_seal.c
+3
-2
crypto/pem/pem_lib.c
crypto/pem/pem_lib.c
+2
-1
crypto/pkcs12/p12_mutl.c
crypto/pkcs12/p12_mutl.c
+4
-1
crypto/pkcs7/pk7_doit.c
crypto/pkcs7/pk7_doit.c
+1
-1
crypto/rand/randfile.c
crypto/rand/randfile.c
+4
-3
ssl/s23_clnt.c
ssl/s23_clnt.c
+2
-2
ssl/s2_clnt.c
ssl/s2_clnt.c
+10
-3
ssl/s2_srvr.c
ssl/s2_srvr.c
+3
-3
ssl/s3_clnt.c
ssl/s3_clnt.c
+3
-2
ssl/s3_srvr.c
ssl/s3_srvr.c
+2
-2
ssl/ssl_sess.c
ssl/ssl_sess.c
+1
-1
未找到文件。
CHANGES
浏览文件 @
e7f97e2d
...
...
@@ -31,10 +31,6 @@
(1 = ok, 0 = not seeded). Also an error is recorded on the thread's
error queue. New function RAND_pseudo_bytes() generates output that is
guaranteed to be unique but not unpredictable.
(TO DO: always check the result of RAND_bytes when it is used in the
library, or use RAND_pseudo_bytes instead, because leaving the
error in the error queue but reporting success in a function that
uses RAND_bytes could confuse things considerably.)
[Ulf Möller]
*) Do more iterations of Rabin-Miller probable prime test (specifically,
...
...
apps/enc.c
浏览文件 @
e7f97e2d
...
...
@@ -448,7 +448,11 @@ bad:
"invalid hex salt value
\n
"
);
goto
end
;
}
}
else
RAND_bytes
(
salt
,
PKCS5_SALT_LEN
);
}
else
if
(
RAND_bytes
(
salt
,
PKCS5_SALT_LEN
)
<=
0
)
{
BIO_printf
(
bio_err
,
"prng not seeded
\n
"
);
goto
end
;
}
/* If -P option then don't bother writing */
if
((
printkey
!=
2
)
&&
(
BIO_write
(
wbio
,
magic
,
...
...
crypto/asn1/p5_pbe.c
浏览文件 @
e7f97e2d
...
...
@@ -129,7 +129,8 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
}
pbe
->
salt
->
length
=
saltlen
;
if
(
salt
)
memcpy
(
pbe
->
salt
->
data
,
salt
,
saltlen
);
else
RAND_bytes
(
pbe
->
salt
->
data
,
saltlen
);
else
if
(
RAND_bytes
(
pbe
->
salt
->
data
,
saltlen
)
<=
0
)
return
NULL
;
if
(
!
(
astype
=
ASN1_TYPE_new
()))
{
ASN1err
(
ASN1_F_ASN1_PBE_SET
,
ERR_R_MALLOC_FAILURE
);
...
...
crypto/asn1/p5_pbev2.c
浏览文件 @
e7f97e2d
...
...
@@ -194,7 +194,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
if
(
!
(
scheme
->
parameter
=
ASN1_TYPE_new
()))
goto
merr
;
/* Create random IV */
RAND_bytes
(
iv
,
EVP_CIPHER_iv_length
(
cipher
));
RAND_
pseudo_
bytes
(
iv
,
EVP_CIPHER_iv_length
(
cipher
));
/* Dummy cipherinit to just setup the IV */
EVP_CipherInit
(
&
ctx
,
cipher
,
NULL
,
iv
,
0
);
...
...
@@ -212,7 +212,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
if
(
!
(
osalt
->
data
=
Malloc
(
saltlen
)))
goto
merr
;
osalt
->
length
=
saltlen
;
if
(
salt
)
memcpy
(
osalt
->
data
,
salt
,
saltlen
);
else
RAND_bytes
(
osalt
->
data
,
saltlen
)
;
else
if
(
RAND_bytes
(
osalt
->
data
,
saltlen
)
<=
0
)
goto
merr
;
if
(
iter
<=
0
)
iter
=
PKCS5_DEFAULT_ITER
;
if
(
!
ASN1_INTEGER_set
(
kdf
->
iter
,
iter
))
goto
merr
;
...
...
crypto/bio/bf_nbio.c
浏览文件 @
e7f97e2d
...
...
@@ -137,7 +137,7 @@ static int nbiof_read(BIO *b, char *out, int outl)
BIO_clear_retry_flags
(
b
);
#if 0
RAND_bytes(&n,1);
RAND_
pseudo_
bytes(&n,1);
num=(n&0x07);
if (outl > num) outl=num;
...
...
@@ -178,7 +178,7 @@ static int nbiof_write(BIO *b, char *in, int inl)
}
else
{
RAND_bytes
(
&
n
,
1
);
RAND_
pseudo_
bytes
(
&
n
,
1
);
num
=
(
n
&
7
);
}
...
...
crypto/des/des.c
浏览文件 @
e7f97e2d
...
...
@@ -484,7 +484,7 @@ void doencryption(void)
if
(
feof
(
DES_IN
))
{
for
(
i
=
7
-
rem
;
i
>
0
;
i
--
)
RAND_bytes
(
buf
+
l
++
,
1
);
RAND_
pseudo_
bytes
(
buf
+
l
++
,
1
);
buf
[
l
++
]
=
rem
;
ex
=
1
;
len
+=
rem
;
...
...
crypto/des/enc_writ.c
浏览文件 @
e7f97e2d
...
...
@@ -130,7 +130,7 @@ int des_enc_write(int fd, const void *_buf, int len,
{
cp
=
shortbuf
;
memcpy
(
shortbuf
,
buf
,
len
);
RAND_bytes
(
shortbuf
+
len
,
8
-
len
);
RAND_
pseudo_
bytes
(
shortbuf
+
len
,
8
-
len
);
rnum
=
8
;
}
else
...
...
crypto/dsa/dsa_gen.c
浏览文件 @
e7f97e2d
...
...
@@ -121,7 +121,7 @@ DSA *DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len,
if
(
callback
!=
NULL
)
callback
(
0
,
m
++
,
cb_arg
);
if
(
!
seed_len
)
RAND_bytes
(
seed
,
SHA_DIGEST_LENGTH
);
RAND_
pseudo_
bytes
(
seed
,
SHA_DIGEST_LENGTH
);
else
seed_len
=
0
;
...
...
crypto/evp/bio_ok.c
浏览文件 @
e7f97e2d
...
...
@@ -451,7 +451,7 @@ static void sig_out(BIO* b)
if
(
ctx
->
buf_len
+
2
*
md
->
digest
->
md_size
>
OK_BLOCK_SIZE
)
return
;
EVP_DigestInit
(
md
,
md
->
digest
);
RAND_bytes
(
&
(
md
->
md
.
base
[
0
]),
md
->
digest
->
md_size
);
RAND_
pseudo_
bytes
(
&
(
md
->
md
.
base
[
0
]),
md
->
digest
->
md_size
);
memcpy
(
&
(
ctx
->
buf
[
ctx
->
buf_len
]),
&
(
md
->
md
.
base
[
0
]),
md
->
digest
->
md_size
);
longswap
(
&
(
ctx
->
buf
[
ctx
->
buf_len
]),
md
->
digest
->
md_size
);
ctx
->
buf_len
+=
md
->
digest
->
md_size
;
...
...
crypto/evp/p_seal.c
浏览文件 @
e7f97e2d
...
...
@@ -73,9 +73,10 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
int
i
;
if
(
npubk
<=
0
)
return
(
0
);
if
(
RAND_bytes
(
key
,
EVP_MAX_KEY_LENGTH
)
<=
0
)
return
(
0
);
if
(
RAND_bytes
(
key
,
EVP_MAX_KEY_LENGTH
)
<=
0
)
return
(
0
);
if
(
type
->
iv_len
>
0
)
RAND_bytes
(
iv
,
type
->
iv_len
);
RAND_
pseudo_
bytes
(
iv
,
type
->
iv_len
);
EVP_CIPHER_CTX_init
(
ctx
);
EVP_EncryptInit
(
ctx
,
type
,
key
,
iv
);
...
...
crypto/pem/pem_lib.c
浏览文件 @
e7f97e2d
...
...
@@ -379,7 +379,8 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
kstr
=
(
unsigned
char
*
)
buf
;
}
RAND_add
(
data
,
i
,
0
);
/* put in the RSA key. */
RAND_bytes
(
iv
,
8
);
/* Generate a salt */
if
(
RAND_bytes
(
iv
,
8
)
<=
0
)
/* Generate a salt */
goto
err
;
/* The 'iv' is used as the iv and as a salt. It is
* NOT taken from the BytesToKey function */
EVP_BytesToKey
(
enc
,
EVP_md5
(),
iv
,
kstr
,
klen
,
1
,
key
,
NULL
);
...
...
crypto/pkcs12/p12_mutl.c
浏览文件 @
e7f97e2d
...
...
@@ -156,7 +156,10 @@ int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
PKCS12err
(
PKCS12_F_PKCS12_SETUP_MAC
,
ERR_R_MALLOC_FAILURE
);
return
0
;
}
if
(
!
salt
)
RAND_bytes
(
p12
->
mac
->
salt
->
data
,
saltlen
);
if
(
!
salt
)
{
if
(
RAND_bytes
(
p12
->
mac
->
salt
->
data
,
saltlen
)
<=
0
)
return
0
;
}
else
memcpy
(
p12
->
mac
->
salt
->
data
,
salt
,
saltlen
);
p12
->
mac
->
dinfo
->
algor
->
algorithm
=
OBJ_nid2obj
(
EVP_MD_type
(
md_type
));
if
(
!
(
p12
->
mac
->
dinfo
->
algor
->
parameter
=
ASN1_TYPE_new
()))
{
...
...
crypto/pkcs7/pk7_doit.c
浏览文件 @
e7f97e2d
...
...
@@ -164,7 +164,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
if
(
RAND_bytes
(
key
,
keylen
)
<=
0
)
goto
err
;
xalg
->
algorithm
=
OBJ_nid2obj
(
EVP_CIPHER_type
(
evp_cipher
));
if
(
ivlen
>
0
)
RAND_bytes
(
iv
,
ivlen
);
if
(
ivlen
>
0
)
RAND_
pseudo_
bytes
(
iv
,
ivlen
);
EVP_CipherInit
(
ctx
,
evp_cipher
,
key
,
iv
,
1
);
if
(
ivlen
>
0
)
{
...
...
crypto/rand/randfile.c
浏览文件 @
e7f97e2d
...
...
@@ -118,7 +118,7 @@ err:
int
RAND_write_file
(
const
char
*
file
)
{
unsigned
char
buf
[
BUFSIZE
];
int
i
,
ret
=
0
;
int
i
,
ret
=
0
,
err
=
0
;
FILE
*
out
=
NULL
;
int
n
;
...
...
@@ -156,7 +156,8 @@ int RAND_write_file(const char *file)
{
i
=
(
n
>
BUFSIZE
)
?
BUFSIZE
:
n
;
n
-=
BUFSIZE
;
RAND_bytes
(
buf
,
i
);
if
(
RAND_bytes
(
buf
,
i
)
<=
0
)
err
=
1
;
i
=
fwrite
(
buf
,
1
,
i
,
out
);
if
(
i
<=
0
)
{
...
...
@@ -169,7 +170,7 @@ int RAND_write_file(const char *file)
fclose
(
out
);
memset
(
buf
,
0
,
BUFSIZE
);
err:
return
(
ret
);
return
(
err
?
-
1
:
ret
);
}
char
*
RAND_file_name
(
char
*
buf
,
int
size
)
...
...
ssl/s23_clnt.c
浏览文件 @
e7f97e2d
...
...
@@ -224,7 +224,7 @@ static int ssl23_client_hello(SSL *s)
#endif
p
=
s
->
s3
->
client_random
;
RAND_bytes
(
p
,
SSL3_RANDOM_SIZE
);
RAND_
pseudo_
bytes
(
p
,
SSL3_RANDOM_SIZE
);
/* Do the message type and length last */
d
=
&
(
buf
[
2
]);
...
...
@@ -285,7 +285,7 @@ static int ssl23_client_hello(SSL *s)
i
=
ch_len
;
s2n
(
i
,
d
);
memset
(
&
(
s
->
s3
->
client_random
[
0
]),
0
,
SSL3_RANDOM_SIZE
);
RAND_bytes
(
&
(
s
->
s3
->
client_random
[
SSL3_RANDOM_SIZE
-
i
]),
i
);
RAND_
pseudo_
bytes
(
&
(
s
->
s3
->
client_random
[
SSL3_RANDOM_SIZE
-
i
]),
i
);
memcpy
(
p
,
&
(
s
->
s3
->
client_random
[
SSL3_RANDOM_SIZE
-
i
]),
i
);
p
+=
i
;
...
...
ssl/s2_clnt.c
浏览文件 @
e7f97e2d
...
...
@@ -515,7 +515,7 @@ static int client_hello(SSL *s)
s
->
s2
->
challenge_length
=
SSL2_CHALLENGE_LENGTH
;
s2n
(
SSL2_CHALLENGE_LENGTH
,
p
);
/* challenge length */
/*challenge id data*/
RAND_bytes
(
s
->
s2
->
challenge
,
SSL2_CHALLENGE_LENGTH
);
RAND_
pseudo_
bytes
(
s
->
s2
->
challenge
,
SSL2_CHALLENGE_LENGTH
);
memcpy
(
d
,
s
->
s2
->
challenge
,
SSL2_CHALLENGE_LENGTH
);
d
+=
SSL2_CHALLENGE_LENGTH
;
...
...
@@ -557,12 +557,19 @@ static int client_master_key(SSL *s)
/* make key_arg data */
i
=
EVP_CIPHER_iv_length
(
c
);
sess
->
key_arg_length
=
i
;
if
(
i
>
0
)
RAND_bytes
(
sess
->
key_arg
,
i
);
if
(
i
>
0
)
RAND_
pseudo_
bytes
(
sess
->
key_arg
,
i
);
/* make a master key */
i
=
EVP_CIPHER_key_length
(
c
);
sess
->
master_key_length
=
i
;
if
(
i
>
0
)
RAND_bytes
(
sess
->
master_key
,
i
);
if
(
i
>
0
)
{
if
(
RAND_bytes
(
sess
->
master_key
,
i
)
<=
0
)
{
ssl2_return_error
(
s
,
SSL2_PE_UNDEFINED_ERROR
);
goto
err
;
}
}
if
(
sess
->
cipher
->
algorithm2
&
SSL2_CF_8_BYTE_ENC
)
enc
=
8
;
...
...
ssl/s2_srvr.c
浏览文件 @
e7f97e2d
...
...
@@ -415,7 +415,7 @@ static int get_client_master_key(SSL *s)
i
=
ek
;
else
i
=
EVP_CIPHER_key_length
(
c
);
RAND_bytes
(
p
,
i
);
RAND_
pseudo_
bytes
(
p
,
i
);
}
#else
if
(
i
<
0
)
...
...
@@ -680,7 +680,7 @@ static int server_hello(SSL *s)
/* make and send conn_id */
s2n
(
SSL2_CONNECTION_ID_LENGTH
,
p
);
/* add conn_id length */
s
->
s2
->
conn_id_length
=
SSL2_CONNECTION_ID_LENGTH
;
RAND_bytes
(
s
->
s2
->
conn_id
,(
int
)
s
->
s2
->
conn_id_length
);
RAND_
pseudo_
bytes
(
s
->
s2
->
conn_id
,(
int
)
s
->
s2
->
conn_id_length
);
memcpy
(
d
,
s
->
s2
->
conn_id
,
SSL2_CONNECTION_ID_LENGTH
);
d
+=
SSL2_CONNECTION_ID_LENGTH
;
...
...
@@ -798,7 +798,7 @@ static int request_certificate(SSL *s)
p
=
(
unsigned
char
*
)
s
->
init_buf
->
data
;
*
(
p
++
)
=
SSL2_MT_REQUEST_CERTIFICATE
;
*
(
p
++
)
=
SSL2_AT_MD5_WITH_RSA_ENCRYPTION
;
RAND_bytes
(
ccd
,
SSL2_MIN_CERT_CHALLENGE_LENGTH
);
RAND_
pseudo_
bytes
(
ccd
,
SSL2_MIN_CERT_CHALLENGE_LENGTH
);
memcpy
(
p
,
ccd
,
SSL2_MIN_CERT_CHALLENGE_LENGTH
);
s
->
state
=
SSL2_ST_SEND_REQUEST_CERTIFICATE_B
;
...
...
ssl/s3_clnt.c
浏览文件 @
e7f97e2d
...
...
@@ -466,7 +466,7 @@ static int ssl3_client_hello(SSL *s)
p
=
s
->
s3
->
client_random
;
Time
=
time
(
NULL
);
/* Time */
l2n
(
Time
,
p
);
RAND_bytes
(
p
,
SSL3_RANDOM_SIZE
-
sizeof
(
Time
));
RAND_
pseudo_
bytes
(
p
,
SSL3_RANDOM_SIZE
-
sizeof
(
Time
));
/* Do the message type and length last */
d
=
p
=
&
(
buf
[
4
]);
...
...
@@ -1341,7 +1341,8 @@ static int ssl3_send_client_key_exchange(SSL *s)
tmp_buf
[
0
]
=
s
->
client_version
>>
8
;
tmp_buf
[
1
]
=
s
->
client_version
&
0xff
;
RAND_bytes
(
&
(
tmp_buf
[
2
]),
SSL_MAX_MASTER_KEY_LENGTH
-
2
);
if
(
RAND_bytes
(
&
(
tmp_buf
[
2
]),
SSL_MAX_MASTER_KEY_LENGTH
-
2
)
<=
0
)
goto
err
;
s
->
session
->
master_key_length
=
SSL_MAX_MASTER_KEY_LENGTH
;
...
...
ssl/s3_srvr.c
浏览文件 @
e7f97e2d
...
...
@@ -816,7 +816,7 @@ static int ssl3_send_server_hello(SSL *s)
p
=
s
->
s3
->
server_random
;
Time
=
time
(
NULL
);
/* Time */
l2n
(
Time
,
p
);
RAND_bytes
(
p
,
SSL3_RANDOM_SIZE
-
sizeof
(
Time
));
RAND_
pseudo_
bytes
(
p
,
SSL3_RANDOM_SIZE
-
sizeof
(
Time
));
/* Do the message type and length last */
d
=
p
=
&
(
buf
[
4
]);
...
...
@@ -1292,7 +1292,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
{
p[0]=(s->version>>8);
p[1]=(s->version & 0xff);
RAND_bytes(&(p[2]),SSL_MAX_MASTER_KEY_LENGTH-2);
RAND_
pseudo_
bytes(&(p[2]),SSL_MAX_MASTER_KEY_LENGTH-2);
i=SSL_MAX_MASTER_KEY_LENGTH;
}
/* else, an SSLeay bug, ssl only server, tls client */
...
...
ssl/ssl_sess.c
浏览文件 @
e7f97e2d
...
...
@@ -184,7 +184,7 @@ int ssl_get_new_session(SSL *s, int session)
{
SSL_SESSION
*
r
;
RAND_bytes
(
ss
->
session_id
,
ss
->
session_id_length
);
RAND_
pseudo_
bytes
(
ss
->
session_id
,
ss
->
session_id_length
);
CRYPTO_r_lock
(
CRYPTO_LOCK_SSL_CTX
);
r
=
(
SSL_SESSION
*
)
lh_retrieve
(
s
->
ctx
->
sessions
,
(
char
*
)
ss
);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录