Seed PRNG with DSA and ECDSA digests for additional protection against

possible PRNG state duplication.
2009-09-09 12:14:36 +00:00
parent b7e3cb31a5
commit 1a3914fe0c
2 changed files with 4 additions and 0 deletions
--- a/crypto/dsa/dsa_sign.c
+++ b/crypto/dsa/dsa_sign.c
@@ -60,6 +60,7 @@

 #include "cryptlib.h"
 #include <openssl/dsa.h>
+#include <openssl/rand.h>

 DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	{
@@ -70,6 +71,7 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
 	     unsigned int *siglen, DSA *dsa)
 	{
 	DSA_SIG *s;
+	RAND_seed(dgst, dlen);
 	s=DSA_do_sign(dgst,dlen,dsa);
 	if (s == NULL)
 		{