| author | jsing <> | 2014-10-22 13:02:04 +0000 |
|---|---|---|
| committer | jsing <> | 2014-10-22 13:02:04 +0000 |
| commit | fa457604779ff38b511fdfdae3c6a78664281c22 (patch) | |
| tree | 32d920c77e1ecf12be5fad632b9ae71343194a7c /src/lib/libcrypto/bn/bn.h | |
| parent | 7ccbe9ff89c73fb88bf75fca3085b051d45f2f64 (diff) | |
Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().
arc4random_buf() is guaranteed to always succeed - it is worth noting
that a number of the replaced function calls were already missing return
value checks.
ok deraadt@
Diffstat (limited to 'src/lib/libcrypto/bn/bn.h')
| -rw-r--r-- | src/lib/libcrypto/bn/bn.h | 17 |
1 files changed, 6 insertions, 11 deletions
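diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h
index 155adf4fe0..10414dc339 100644
--- a/src/lib/libcrypto/bn/bn.h
+++ b/src/lib/libcrypto/bn/bn.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn.h,v 1.24 2014/06/27 06:07:35 deraadt Exp $ */
+/* $OpenBSD: bn.h,v 1.25 2014/10/22 13:02:04 jsing Exp $ */
 /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -125,9 +125,11 @@
 #ifndef HEADER_BN_H
 #define HEADER_BN_H
 
+#include <stdio.h>
+#include <stdlib.h>
+
 #include <openssl/opensslconf.h>
 
-#include <stdio.h> /* FILE */
 #include <openssl/ossl_typ.h>
 #include <openssl/crypto.h>
 
@@ -673,11 +675,6 @@ BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
 #include <assert.h>
 
 #ifdef BN_DEBUG_RAND
-/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
-#ifndef RAND_pseudo_bytes
-int RAND_pseudo_bytes(unsigned char *buf, int num);
-#define BN_DEBUG_TRIX
-#endif
 #define bn_pollute(a) \
 do { \
 const BIGNUM *_bnum1 = (a); \
@@ -688,17 +685,15 @@ int RAND_pseudo_bytes(unsigned char *buf, int num);
 * wouldn't be constructed with top!=dmax. */ \
 BN_ULONG *_not_const; \
 memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
-RAND_pseudo_bytes(&_tmp_char, 1); \
+arc4random_buf(&_tmp_char, 1); \
 memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
 (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
 } \
 } while(0)
-#ifdef BN_DEBUG_TRIX
-#undef RAND_pseudo_bytes
-#endif
 #else
 #define bn_pollute(a)
 #endif
+
 #define bn_check_top(a) \
 do { \
 const BIGNUM *_bnum2 = (a); \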
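Review bot: In the `bn_pollute` expansion under `BN_DEBUG_RAND`, the new `arc4random_buf(&_tmp_char, 1);` gets its prototype from the `<stdlib.h>` include this commit adds, but the `memcpy` and `memset` calls in the same macro need `<string.h>`, which none of the visible include lines provides. Unless it is pulled in further down the header or through `<openssl/crypto.h>`, adding `#include <string.h>` next to the two new includes would keep the header self-contained for every file that expands the macro. A short comment above the macro would also help, for example `/* Debug only: overwrite the unused words d[top..dmax) with one random byte. */`, so readers do not take the random fill for a security measure. The lines of `bn_pollute` between the last two hunks, including whatever condition guards the `memset` length, are not shown here.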
