diff options
| author |   jsing <jsing@openbsd.org> | 2014-10-22 13:02:03 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2014-10-22 13:02:03 +0000 |
| commit | ef624301d95e1d2367e46a80103e7ba867cb892f (patch) | |
| tree | e7fb573ba5a2197cf6381ea6fe87308de30b6b53 /lib/libcrypto/des/rand_key.c | |
| parent | Introduce a special hack for carp during IPv6 source address selection: (diff) | |
| download | wireguard-openbsd-ef624301d95e1d2367e46a80103e7ba867cb892f.tar.xz wireguard-openbsd-ef624301d95e1d2367e46a80103e7ba867cb892f.zip | |
Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().
arc4random_buf() is guaranteed to always succeed - it is worth noting
that a number of the replaced function calls were already missing return
value checks.
ok deraadt@
Diffstat (limited to 'lib/libcrypto/des/rand_key.c')
| -rw-r--r-- | lib/libcrypto/des/rand_key.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/libcrypto/des/rand_key.c b/lib/libcrypto/des/rand_key.c index 727d36f488e..7abb811df4e 100644 --- a/lib/libcrypto/des/rand_key.c +++ b/lib/libcrypto/des/rand_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rand_key.c,v 1.7 2014/07/22 18:09:20 miod Exp $ */ +/* $OpenBSD: rand_key.c,v 1.8 2014/10/22 13:02:04 jsing Exp $ */ /* ==================================================================== * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. * @@ -53,15 +53,15 @@ * */ +#include <stdlib.h> + #include <openssl/des.h> -#include <openssl/rand.h> int DES_random_key(DES_cblock *ret) { do { - if (RAND_bytes((unsigned char *)ret, sizeof(DES_cblock)) != 1) - return (0); + arc4random_buf(ret, sizeof(DES_cblock)); DES_set_odd_parity(ret); } while (DES_is_weak_key(ret)); return (1); |