Precautions against using the PRNG uninitialized: RAND_bytes() now

returns int (1 = ok, 0 = not seeded). New function RAND_add() is the same as RAND_seed() but takes an estimate of the entropy as an additional argument.
author: Ulf Möller <ulf@openssl.org> 2000-01-13 20:59:17 +0000
committer: Ulf Möller <ulf@openssl.org> 2000-01-13 20:59:17 +0000
commit: eb952088f0d5da59e569ae2aa33e9b96bc3b586d (patch)
tree: 1d722a423148a6b568a1e6d42f01943aed6cfb2a /crypto/rsa/rsa_oaep.c
parent: 22e219d90f1ea5d3b2f4abb72c846a436ea33eff (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
index 843c40c864..1465c01f4f 100644
--- a/crypto/rsa/rsa_oaep.c
+++ b/crypto/rsa/rsa_oaep.c
@@ -50,7 +50,8 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
 	   emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
     db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
     memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, (unsigned int) flen);
-    RAND_bytes(seed, SHA_DIGEST_LENGTH);
+    if (RAND_bytes(seed, SHA_DIGEST_LENGTH) <= 0)
+    	return (0);
 #ifdef PKCS_TESTVECT
     memcpy(seed,
 	   "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f",
author	Ulf Möller <ulf@openssl.org>	2000-01-13 20:59:17 +0000
committer	Ulf Möller <ulf@openssl.org>	2000-01-13 20:59:17 +0000
commit	eb952088f0d5da59e569ae2aa33e9b96bc3b586d (patch)
tree	1d722a423148a6b568a1e6d42f01943aed6cfb2a /crypto/rsa/rsa_oaep.c
parent	22e219d90f1ea5d3b2f4abb72c846a436ea33eff (diff)