From 1a3914fe0cb3f1bcfeb7e80bbcb72bc7f279892d Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Wed, 9 Sep 2009 12:14:36 +0000
Subject: Seed PRNG with DSA and ECDSA digests for additional protection
 against possible PRNG state duplication.

---
 crypto/ecdsa/ecs_sign.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'crypto/ecdsa')

diff --git a/crypto/ecdsa/ecs_sign.c b/crypto/ecdsa/ecs_sign.c
index 74b1fe8caf..353d5af514 100644
--- a/crypto/ecdsa/ecs_sign.c
+++ b/crypto/ecdsa/ecs_sign.c
@@ -57,6 +57,7 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#include <openssl/rand.h>
 
 ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
 {
@@ -83,6 +84,7 @@ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dlen, unsigned char
 	EC_KEY *eckey)
 {
 	ECDSA_SIG *s;
+	RAND_seed(dgst, dlen);
 	s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey);
 	if (s == NULL)
 	{
-- 
cgit v1.2.3