From eb952088f0d5da59e569ae2aa33e9b96bc3b586d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ulf=20M=C3=B6ller?=
Date: Thu, 13 Jan 2000 20:59:17 +0000
Subject: Precautions against using the PRNG uninitialized: RAND_bytes() now returns int (1 = ok, 0 = not seeded). New function RAND_add() is the same as RAND_seed() but takes an estimate of the entropy as an additional argument.
---
 crypto/pkcs7/pk7_doit.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
(limited to 'crypto/pkcs7/pk7_doit.c')
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index fa0159ee1d..78355c9387 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -161,7 +161,8 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
 BIO_get_cipher_ctx(btmp, &ctx);
 keylen=EVP_CIPHER_key_length(evp_cipher);
 ivlen=EVP_CIPHER_iv_length(evp_cipher);
- RAND_bytes(key,keylen);
+ if (RAND_bytes(key,keylen) <= 0)
+ goto err;
 xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
 if (ivlen > 0) RAND_bytes(iv,ivlen);
 EVP_CipherInit(ctx, evp_cipher, key, iv, 1);
-- 
cgit v1.2.3
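Review bot: The IV draw two lines below the new check, `if (ivlen > 0) RAND_bytes(iv,ivlen);`, still discards the return value, so an unseeded PRNG is now caught for the content key but a failed call can still leave `iv` unfilled before it is handed to EVP_CipherInit. The same guard should apply there: `if (ivlen > 0 && RAND_bytes(iv,ivlen) <= 0) goto err;`. PKCS7_dataInit begins and ends outside this hunk, so the `err` label is not visible here; it is worth confirming that the path releases `btmp` and that the `key` buffer is cleared before returning.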