RAND_bytes updates

Ensure RAND_bytes return value is checked correctly, and that we no longer use RAND_pseudo_bytes. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-02-26 11:57:37 +00:00
parent 8817e2e0c9
commit 266483d2f5
36 changed files with 100 additions and 66 deletions
--- a/crypto/evp/p_seal.c
+++ b/crypto/evp/p_seal.c
@@ -82,8 +82,9 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
        return 1;
    if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
        return 0;
-    if (EVP_CIPHER_CTX_iv_length(ctx))
-        RAND_pseudo_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx));
+    if (EVP_CIPHER_CTX_iv_length(ctx)
+        && RAND_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx)) <= 0)
+        return 0;

    if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
        return 0;