diff options
-rw-r--r-- | crypto/rand/rand_lib.c | 12 | ||||
-rw-r--r-- | doc/man3/RAND_bytes.pod | 4 | ||||
-rw-r--r-- | include/crypto/ecerr.h | 2 | ||||
-rw-r--r-- | include/openssl/ecerr.h | 1 | ||||
-rw-r--r-- | include/openssl/rand.h | 4 | ||||
-rw-r--r-- | include/openssl/rsaerr.h | 1 |
6 files changed, 15 insertions, 9 deletions
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 7ad05ea008..56e615f6b9 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -315,7 +315,7 @@ const RAND_METHOD *RAND_get_rand_method(void) * the default method, then just call RAND_bytes(). Otherwise make * sure we're instantiated and use the private DRBG. */ -int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, int num, +int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num, unsigned int strength) { EVP_RAND_CTX *rand; @@ -339,10 +339,12 @@ int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, int num, int RAND_priv_bytes(unsigned char *buf, int num) { - return RAND_priv_bytes_ex(NULL, buf, num, 0); + if (num < 0) + return 0; + return RAND_priv_bytes_ex(NULL, buf, (size_t)num, 0); } -int RAND_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, int num, +int RAND_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num, unsigned int strength) { EVP_RAND_CTX *rand; @@ -366,7 +368,9 @@ int RAND_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, int num, int RAND_bytes(unsigned char *buf, int num) { - return RAND_bytes_ex(NULL, buf, num, 0); + if (num < 0) + return 0; + return RAND_bytes_ex(NULL, buf, (size_t)num, 0); } typedef struct rand_global_st { diff --git a/doc/man3/RAND_bytes.pod b/doc/man3/RAND_bytes.pod index 832790fb95..3267d8fbb1 100644 --- a/doc/man3/RAND_bytes.pod +++ b/doc/man3/RAND_bytes.pod @@ -12,9 +12,9 @@ RAND_pseudo_bytes - generate random data int RAND_bytes(unsigned char *buf, int num); int RAND_priv_bytes(unsigned char *buf, int num); - int RAND_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, int num, + int RAND_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num, unsigned int strength); - int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, int num, + int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num, unsigned int strength); Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining diff --git a/include/crypto/ecerr.h b/include/crypto/ecerr.h index e08a4dba97..07b6c7aa62 100644 --- a/include/crypto/ecerr.h +++ b/include/crypto/ecerr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/include/openssl/ecerr.h b/include/openssl/ecerr.h index a017fbeb76..49088d208b 100644 --- a/include/openssl/ecerr.h +++ b/include/openssl/ecerr.h @@ -56,6 +56,7 @@ # define EC_R_INVALID_GENERATOR 173 # define EC_R_INVALID_GROUP_ORDER 122 # define EC_R_INVALID_KEY 116 +# define EC_R_INVALID_LENGTH 117 # define EC_R_INVALID_NAMED_GROUP_CONVERSION 174 # define EC_R_INVALID_OUTPUT_LENGTH 161 # define EC_R_INVALID_P 172 diff --git a/include/openssl/rand.h b/include/openssl/rand.h index 304fd9fe1e..ad3054fd57 100644 --- a/include/openssl/rand.h +++ b/include/openssl/rand.h @@ -65,14 +65,14 @@ int RAND_priv_bytes(unsigned char *buf, int num); * Equivalent of RAND_priv_bytes() but additionally taking an OSSL_LIB_CTX and * a strength. */ -int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, int num, +int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num, unsigned int strength); /* * Equivalent of RAND_bytes() but additionally taking an OSSL_LIB_CTX and * a strength. */ -int RAND_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, int num, +int RAND_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t num, unsigned int strength); # ifndef OPENSSL_NO_DEPRECATED_1_1_0 diff --git a/include/openssl/rsaerr.h b/include/openssl/rsaerr.h index 4335f1cb33..c58463c7c1 100644 --- a/include/openssl/rsaerr.h +++ b/include/openssl/rsaerr.h @@ -48,6 +48,7 @@ # define RSA_R_INVALID_KEYPAIR 171 # define RSA_R_INVALID_KEY_LENGTH 173 # define RSA_R_INVALID_LABEL 160 +# define RSA_R_INVALID_LENGTH 181 # define RSA_R_INVALID_MESSAGE_LENGTH 131 # define RSA_R_INVALID_MGF1_MD 156 # define RSA_R_INVALID_MODULUS 174 |