diff options
| author | deraadt <> | 2014-04-17 12:48:51 +0000 |
|---|---|---|
| committer | deraadt <> | 2014-04-17 12:48:51 +0000 |
| commit | fbb73ea40e595f9973fcee43ad0749ea37c526cd (patch) | |
| tree | c40fe52cf6e39d5f7d63db229c175ecb23e66db1 | |
| parent | 4d7eca7b24fded9e0b845b005a0575963ff529e2 (diff) | |
| download | openbsd-fbb73ea40e595f9973fcee43ad0749ea37c526cd.tar.gz openbsd-fbb73ea40e595f9973fcee43ad0749ea37c526cd.tar.bz2 openbsd-fbb73ea40e595f9973fcee43ad0749ea37c526cd.zip | |
1. RAND_seed is now DEPRECATED
2. Even passing a digest in as entropy is sloppy.
But apparently the OpenSSL guys could find no objects of lesser value to
pass to the pluggable random subsystem, and had to resort to private keys
and digests. Classy.
ok djm
| -rw-r--r-- | src/lib/libcrypto/dsa/dsa_asn1.c | 1 | ||||
| -rw-r--r-- | src/lib/libcrypto/ecdsa/ecs_sign.c | 1 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/dsa/dsa_asn1.c | 1 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/ecdsa/ecs_sign.c | 1 |
4 files changed, 0 insertions, 4 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_asn1.c b/src/lib/libcrypto/dsa/dsa_asn1.c index 6058534374..19528dcd7a 100644 --- a/src/lib/libcrypto/dsa/dsa_asn1.c +++ b/src/lib/libcrypto/dsa/dsa_asn1.c | |||
| @@ -154,7 +154,6 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, | |||
| 154 | unsigned int *siglen, DSA *dsa) | 154 | unsigned int *siglen, DSA *dsa) |
| 155 | { | 155 | { |
| 156 | DSA_SIG *s; | 156 | DSA_SIG *s; |
| 157 | RAND_seed(dgst, dlen); | ||
| 158 | s=DSA_do_sign(dgst,dlen,dsa); | 157 | s=DSA_do_sign(dgst,dlen,dsa); |
| 159 | if (s == NULL) | 158 | if (s == NULL) |
| 160 | { | 159 | { |
diff --git a/src/lib/libcrypto/ecdsa/ecs_sign.c b/src/lib/libcrypto/ecdsa/ecs_sign.c index 353d5af514..a60c327e4d 100644 --- a/src/lib/libcrypto/ecdsa/ecs_sign.c +++ b/src/lib/libcrypto/ecdsa/ecs_sign.c | |||
| @@ -84,7 +84,6 @@ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dlen, unsigned char | |||
| 84 | EC_KEY *eckey) | 84 | EC_KEY *eckey) |
| 85 | { | 85 | { |
| 86 | ECDSA_SIG *s; | 86 | ECDSA_SIG *s; |
| 87 | RAND_seed(dgst, dlen); | ||
| 88 | s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey); | 87 | s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey); |
| 89 | if (s == NULL) | 88 | if (s == NULL) |
| 90 | { | 89 | { |
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_asn1.c b/src/lib/libssl/src/crypto/dsa/dsa_asn1.c index 6058534374..19528dcd7a 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_asn1.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_asn1.c | |||
| @@ -154,7 +154,6 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, | |||
| 154 | unsigned int *siglen, DSA *dsa) | 154 | unsigned int *siglen, DSA *dsa) |
| 155 | { | 155 | { |
| 156 | DSA_SIG *s; | 156 | DSA_SIG *s; |
| 157 | RAND_seed(dgst, dlen); | ||
| 158 | s=DSA_do_sign(dgst,dlen,dsa); | 157 | s=DSA_do_sign(dgst,dlen,dsa); |
| 159 | if (s == NULL) | 158 | if (s == NULL) |
| 160 | { | 159 | { |
diff --git a/src/lib/libssl/src/crypto/ecdsa/ecs_sign.c b/src/lib/libssl/src/crypto/ecdsa/ecs_sign.c index 353d5af514..a60c327e4d 100644 --- a/src/lib/libssl/src/crypto/ecdsa/ecs_sign.c +++ b/src/lib/libssl/src/crypto/ecdsa/ecs_sign.c | |||
| @@ -84,7 +84,6 @@ int ECDSA_sign_ex(int type, const unsigned char *dgst, int dlen, unsigned char | |||
| 84 | EC_KEY *eckey) | 84 | EC_KEY *eckey) |
| 85 | { | 85 | { |
| 86 | ECDSA_SIG *s; | 86 | ECDSA_SIG *s; |
| 87 | RAND_seed(dgst, dlen); | ||
| 88 | s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey); | 87 | s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey); |
| 89 | if (s == NULL) | 88 | if (s == NULL) |
| 90 | { | 89 | { |