diff options
| author | Pauli <pauli@openssl.org> | 2021-05-28 14:46:40 +1000 |
|---|---|---|
| committer | Pauli <pauli@openssl.org> | 2021-05-29 17:17:12 +1000 |
| commit | 5cbd2ea3f94aa8adec9b4486ac757d4d688e3f8c (patch) | |
| tree | 77ed94d8e02241ec4af496cd44e85feb26d6e01b /crypto/asn1 | |
| parent | 965fa9c0804dadb6f99dedbff9255a2ce6ddb640 (diff) | |
add zero strenght arguments to BN and RAND RNG calls
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15513)
Diffstat (limited to 'crypto/asn1')
| -rw-r--r-- | crypto/asn1/asn_mime.c | 2 | ||||
| -rw-r--r-- | crypto/asn1/p5_pbe.c | 2 | ||||
| -rw-r--r-- | crypto/asn1/p5_pbev2.c | 5 |
3 files changed, 5 insertions, 4 deletions
diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c index 8d7094d035..1c1f72f800 100644 --- a/crypto/asn1/asn_mime.c +++ b/crypto/asn1/asn_mime.c @@ -251,7 +251,7 @@ int SMIME_write_ASN1_ex(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, if ((flags & SMIME_DETACHED) && data) { /* We want multipart/signed */ /* Generate a random boundary */ - if (RAND_bytes_ex(libctx, (unsigned char *)bound, 32) <= 0) + if (RAND_bytes_ex(libctx, (unsigned char *)bound, 32, 0) <= 0) return 0; for (i = 0; i < 32; i++) { c = bound[i] & 0xf; diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c index 61b8587ebd..9bc8aaa7a3 100644 --- a/crypto/asn1/p5_pbe.c +++ b/crypto/asn1/p5_pbe.c @@ -55,7 +55,7 @@ int PKCS5_pbe_set0_algor_ex(X509_ALGOR *algor, int alg, int iter, } if (salt) memcpy(sstr, salt, saltlen); - else if (RAND_bytes_ex(ctx, sstr, saltlen) <= 0) + else if (RAND_bytes_ex(ctx, sstr, saltlen, 0) <= 0) goto err; ASN1_STRING_set0(pbe->salt, sstr, saltlen); diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c index c9d9d31cc2..d16fb8cfe3 100644 --- a/crypto/asn1/p5_pbev2.c +++ b/crypto/asn1/p5_pbev2.c @@ -69,7 +69,8 @@ X509_ALGOR *PKCS5_pbe2_set_iv_ex(const EVP_CIPHER *cipher, int iter, if (EVP_CIPHER_iv_length(cipher)) { if (aiv) memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher)); - else if (RAND_bytes_ex(libctx, iv, EVP_CIPHER_iv_length(cipher)) <= 0) + else if (RAND_bytes_ex(libctx, iv, EVP_CIPHER_iv_length(cipher), + 0) <= 0) goto err; } @@ -187,7 +188,7 @@ X509_ALGOR *PKCS5_pbkdf2_set_ex(int iter, unsigned char *salt, int saltlen, if (salt) memcpy(osalt->data, salt, saltlen); - else if (RAND_bytes_ex(libctx, osalt->data, saltlen) <= 0) + else if (RAND_bytes_ex(libctx, osalt->data, saltlen, 0) <= 0) goto merr; if (iter <= 0) |