RAND_bytes updates

Ensure RAND_bytes return value is checked correctly, and that we no longer use RAND_pseudo_bytes. Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Matt Caswell <matt@openssl.org> 2015-02-26 11:57:37 +0000
committer: Matt Caswell <matt@openssl.org> 2015-03-25 12:38:07 +0000
commit: 266483d2f56b0764849797f31866bfd84f9c3aa8 (patch)
tree: 42323d0c8b8cea8da4aff3dfdd4bc2251e34a0db /crypto/evp/p_seal.c
parent: 8817e2e0c998757d3bd036d7f45fe8d0a49fbe2d (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c
index caabbf406f..ba9dfff215 100644
--- a/crypto/evp/p_seal.c
+++ b/crypto/evp/p_seal.c
@@ -82,8 +82,9 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
         return 1;
     if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
         return 0;
-    if (EVP_CIPHER_CTX_iv_length(ctx))
-        RAND_pseudo_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx));
+    if (EVP_CIPHER_CTX_iv_length(ctx)
+        && RAND_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx)) <= 0)
+        return 0;
 
     if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
         return 0;
author	Matt Caswell <matt@openssl.org>	2015-02-26 11:57:37 +0000
committer	Matt Caswell <matt@openssl.org>	2015-03-25 12:38:07 +0000
commit	266483d2f56b0764849797f31866bfd84f9c3aa8 (patch)
tree	42323d0c8b8cea8da4aff3dfdd4bc2251e34a0db /crypto/evp/p_seal.c
parent	8817e2e0c998757d3bd036d7f45fe8d0a49fbe2d (diff)