diff options
| author | Kurt Roeckx <kurt@roeckx.be> | 2018-03-08 22:30:28 +0100 |
|---|---|---|
| committer | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2018-03-19 15:04:40 +0100 |
| commit | 16cfc2c90d9e7776965db07c1f31bbec2f6c41e3 (patch) | |
| tree | dab155d1453fce5e7e2a5d6c2d4d02557227cb41 /crypto/evp/e_des3.c | |
| parent | 7caf122e717e79afcb986fe217e77a630b67bf4c (diff) | |
Don't use a ssl specific DRBG anymore
Since the public and private DRBG are per thread we don't need one
per ssl object anymore. It could also try to get entropy from a DRBG
that's really from an other thread because the SSL object moved to an
other thread.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5547)
Diffstat (limited to 'crypto/evp/e_des3.c')
| -rw-r--r-- | crypto/evp/e_des3.c | 13 |
1 files changed, 2 insertions, 11 deletions
diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index b8fe42cb96..da77936c96 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -15,7 +15,6 @@ # include "internal/evp_int.h" # include <openssl/des.h> # include <openssl/rand.h> -# include <openssl/rand_drbg.h> # include "evp_locl.h" typedef struct { @@ -284,12 +283,8 @@ static int des3_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) switch (type) { case EVP_CTRL_RAND_KEY: - if (ctx->drbg != NULL) { - if (RAND_DRBG_bytes(ctx->drbg, ptr, EVP_CIPHER_CTX_key_length(ctx)) == 0) - return 0; - } else if (RAND_bytes(ptr, EVP_CIPHER_CTX_key_length(ctx)) <= 0) { + if (RAND_bytes(ptr, EVP_CIPHER_CTX_key_length(ctx)) <= 0) return 0; - } DES_set_odd_parity(deskey); if (EVP_CIPHER_CTX_key_length(ctx) >= 16) DES_set_odd_parity(deskey + 1); @@ -377,12 +372,8 @@ static int des_ede3_wrap(EVP_CIPHER_CTX *ctx, unsigned char *out, memcpy(out + inl + 8, sha1tmp, 8); OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH); /* Generate random IV */ - if (ctx->drbg != NULL) { - if (RAND_DRBG_bytes(ctx->drbg, EVP_CIPHER_CTX_iv_noconst(ctx), 8) == 0) - return -1; - } else if (RAND_bytes(EVP_CIPHER_CTX_iv_noconst(ctx), 8) <= 0) { + if (RAND_bytes(EVP_CIPHER_CTX_iv_noconst(ctx), 8) <= 0) return -1; - } memcpy(out, EVP_CIPHER_CTX_iv_noconst(ctx), 8); /* Encrypt everything after IV in place */ des_ede_cbc_cipher(ctx, out + 8, out + 8, inl + 8); |