RAND_bytes updates

Ensure RAND_bytes return value is checked correctly, and that we no longer use RAND_pseudo_bytes. Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Matt Caswell <matt@openssl.org> 2015-02-26 11:57:37 +0000
committer: Matt Caswell <matt@openssl.org> 2015-03-25 12:38:07 +0000
commit: 266483d2f56b0764849797f31866bfd84f9c3aa8 (patch)
tree: 42323d0c8b8cea8da4aff3dfdd4bc2251e34a0db /crypto/asn1/p5_pbev2.c
parent: 8817e2e0c998757d3bd036d7f45fe8d0a49fbe2d (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c
index c56d850a74..60abbe2649 100644
--- a/crypto/asn1/p5_pbev2.c
+++ b/crypto/asn1/p5_pbev2.c
@@ -120,7 +120,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
     if (EVP_CIPHER_iv_length(cipher)) {
         if (aiv)
             memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
-        else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
+        else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) <= 0)
             goto err;
     }
 
@@ -225,7 +225,7 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
 
     if (salt)
         memcpy(osalt->data, salt, saltlen);
-    else if (RAND_pseudo_bytes(osalt->data, saltlen) < 0)
+    else if (RAND_bytes(osalt->data, saltlen) <= 0)
         goto merr;
 
     if (iter <= 0)
author	Matt Caswell <matt@openssl.org>	2015-02-26 11:57:37 +0000
committer	Matt Caswell <matt@openssl.org>	2015-03-25 12:38:07 +0000
commit	266483d2f56b0764849797f31866bfd84f9c3aa8 (patch)
tree	42323d0c8b8cea8da4aff3dfdd4bc2251e34a0db /crypto/asn1/p5_pbev2.c
parent	8817e2e0c998757d3bd036d7f45fe8d0a49fbe2d (diff)