1. RAND_seed is now DEPRECATED

2. Even passing a digest in as entropy is sloppy.

But apparently the OpenSSL guys could find no objects of lesser value to
pass to the pluggable random subsystem, and had to resort to private keys
and digests.  Classy.

ok djm

2 files changed, 0 insertions, 2 deletions

diff --git a/lib/libssl/src/crypto/dsa/dsa_asn1.c b/lib/libssl/src/crypto/dsa/dsa_asn1.c
index 60585343746..19528dcd7ac 100644
--- a/lib/libssl/src/crypto/dsa/dsa_asn1.c
+++ b/lib/libssl/src/crypto/dsa/dsa_asn1.c
@@ -154,7 +154,6 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
 	     unsigned int *siglen, DSA *dsa)
 	{
 	DSA_SIG *s;
-	RAND_seed(dgst, dlen);
 	s=DSA_do_sign(dgst,dlen,dsa);
 	if (s == NULL)
 		{
diff --git a/lib/libssl/src/crypto/ecdsa/ecs_sign.c b/lib/libssl/src/crypto/ecdsa/ecs_sign.c
index 353d5af5146..a60c327e4df 100644
--- a/lib/libssl/src/crypto/ecdsa/ecs_sign.c
+++ b/lib/libssl/src/crypto/ecdsa/ecs_sign.c
@@ -84,7 +84,6 @@ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dlen, unsigned char
 	EC_KEY *eckey)
 {
 	ECDSA_SIG *s;
-	RAND_seed(dgst, dlen);
 	s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey);
 	if (s == NULL)
 	{