diff options
| author |   miod <miod@openbsd.org> | 2014-11-09 19:24:30 +0000 |
|---|---|---|
| committer | miod <miod@openbsd.org> | 2014-11-09 19:24:30 +0000 |
| commit | 9cee1ddabf407e0b3ebc1e105da37828b5c9f0fd (patch) | |
| tree | 33e7b61477bd477384ddd59f92fce4e71b5b9b24 /lib/libssl/src | |
| parent | GOST crypto algorithms (well, most of them), ported from the removed GOST (diff) | |
| download | wireguard-openbsd-9cee1ddabf407e0b3ebc1e105da37828b5c9f0fd.tar.xz wireguard-openbsd-9cee1ddabf407e0b3ebc1e105da37828b5c9f0fd.zip | |
Replace RAND_bytes() usage with arc4random_buf().
Diffstat (limited to 'lib/libssl/src')
| -rw-r--r-- | lib/libssl/src/crypto/gost/gost.h | 3 | ||||
| -rw-r--r-- | lib/libssl/src/crypto/gost/gost_err.c | 1 | ||||
| -rw-r--r-- | lib/libssl/src/crypto/gost/gostr341001_pmeth.c | 9 |
3 files changed, 3 insertions, 10 deletions
diff --git a/lib/libssl/src/crypto/gost/gost.h b/lib/libssl/src/crypto/gost/gost.h index 5296e7b9c2b..516c1b41fc9 100644 --- a/lib/libssl/src/crypto/gost/gost.h +++ b/lib/libssl/src/crypto/gost/gost.h @@ -1,4 +1,4 @@ -/* $OpenBSD: gost.h,v 1.1 2014/11/09 19:17:13 miod Exp $ */ +/* $OpenBSD: gost.h,v 1.2 2014/11/09 19:24:30 miod Exp $ */ /* * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> * Copyright (c) 2005-2006 Cryptocom LTD @@ -251,7 +251,6 @@ void ERR_load_GOST_strings(void); #define GOST_R_NO_PEER_KEY 116 #define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR 117 #define GOST_R_PUBLIC_KEY_UNDEFINED 118 -#define GOST_R_RANDOM_GENERATOR_FAILURE 119 #define GOST_R_RANDOM_NUMBER_GENERATOR_FAILED 120 #define GOST_R_SIGNATURE_MISMATCH 121 #define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q 122 diff --git a/lib/libssl/src/crypto/gost/gost_err.c b/lib/libssl/src/crypto/gost/gost_err.c index a52fe4cd5aa..b4e061f985b 100644 --- a/lib/libssl/src/crypto/gost/gost_err.c +++ b/lib/libssl/src/crypto/gost/gost_err.c @@ -120,7 +120,6 @@ static ERR_STRING_DATA GOST_str_reasons[]= {ERR_REASON(GOST_R_NO_PEER_KEY) ,"no peer key"}, {ERR_REASON(GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR),"no private part of non ephemeral keypair"}, {ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED) ,"public key undefined"}, -{ERR_REASON(GOST_R_RANDOM_GENERATOR_FAILURE),"random generator failure"}, {ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED),"random number generator failed"}, {ERR_REASON(GOST_R_SIGNATURE_MISMATCH) ,"signature mismatch"}, {ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q),"signature parts greater than q"}, diff --git a/lib/libssl/src/crypto/gost/gostr341001_pmeth.c b/lib/libssl/src/crypto/gost/gostr341001_pmeth.c index 0f82e88a9d0..910c0b9c45d 100644 --- a/lib/libssl/src/crypto/gost/gostr341001_pmeth.c +++ b/lib/libssl/src/crypto/gost/gostr341001_pmeth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gostr341001_pmeth.c,v 1.1 2014/11/09 19:17:13 miod Exp $ */ +/* $OpenBSD: gostr341001_pmeth.c,v 1.2 2014/11/09 19:24:30 miod Exp $ */ /* * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> * Copyright (c) 2005-2006 Cryptocom LTD @@ -60,7 +60,6 @@ #include <openssl/ec.h> #include <openssl/ecdsa.h> #include <openssl/x509.h> -#include <openssl/rand.h> /* for RAND_bytes */ #include "evp_locl.h" #include "gost_locl.h" @@ -454,11 +453,7 @@ int pkey_gost01_encrypt(EVP_PKEY_CTX * pctx, unsigned char *out, if (data->shared_ukm) { memcpy(ukm, data->shared_ukm, 8); } else if (out) { - if (RAND_bytes(ukm, 8) <= 0) { - GOSTerr(GOST_F_PKEY_GOST01_ENCRYPT, - GOST_R_RANDOM_GENERATOR_FAILURE); - return 0; - } + arc4random_buf(ukm, 8); } /* Check for private key in the peer_key of context */ if (sec_key) { |