Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().

arc4random_buf() is guaranteed to always succeed - it is worth noting that a number of the replaced function calls were already missing return value checks. ok deraadt@
author: jsing <> 2014-10-22 13:02:04 +0000
committer: jsing <> 2014-10-22 13:02:04 +0000
commit: a2960bc2e14b4c5f7d8f78d2a69ebb537ca4afa8 (patch)
tree: 32d920c77e1ecf12be5fad632b9ae71343194a7c /src/lib/libcrypto/cms
parent: 5a6d7fd5a10b0ad084948463b25822d91091b325 (diff)
download: openbsd-a2960bc2e14b4c5f7d8f78d2a69ebb537ca4afa8.tar.gz
openbsd-a2960bc2e14b4c5f7d8f78d2a69ebb537ca4afa8.tar.bz2
openbsd-a2960bc2e14b4c5f7d8f78d2a69ebb537ca4afa8.zip
3 files changed, 13 insertions, 14 deletions
diff --git a/src/lib/libcrypto/cms/cms_enc.c b/src/lib/libcrypto/cms/cms_enc.c
index efe19a3131..f97e4d5f34 100644
--- a/src/lib/libcrypto/cms/cms_enc.c
+++ b/src/lib/libcrypto/cms/cms_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms_enc.c,v 1.5 2014/07/11 08:44:48 jsing Exp $ */
+/* $OpenBSD: cms_enc.c,v 1.6 2014/10/22 13:02:04 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -51,11 +51,12 @@
 * ====================================================================
 */
+#include <stdlib.h>
 #include <openssl/asn1t.h>
 #include <openssl/cms.h>
 #include <openssl/err.h>
 #include <openssl/pem.h>
-#include <openssl/rand.h>
 #include <openssl/x509v3.h>
 #include "cms_lcl.h"
@@ -119,8 +120,7 @@ cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
                /* Generate a random IV if we need one */
                ivlen = EVP_CIPHER_CTX_iv_length(ctx);
                if (ivlen > 0) {
-                        if (RAND_pseudo_bytes(iv, ivlen) <= 0)
+                        arc4random_buf(iv, ivlen);
-                                goto err;
                        piv = iv;
                }
        } else if (EVP_CIPHER_asn1_to_param(ctx, calg->parameter) <= 0) {
diff --git a/src/lib/libcrypto/cms/cms_ess.c b/src/lib/libcrypto/cms/cms_ess.c
index e3b7e7da4c..fca62e0627 100644
--- a/src/lib/libcrypto/cms/cms_ess.c
+++ b/src/lib/libcrypto/cms/cms_ess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms_ess.c,v 1.6 2014/07/11 08:44:48 jsing Exp $ */
+/* $OpenBSD: cms_ess.c,v 1.7 2014/10/22 13:02:04 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -51,11 +51,12 @@
 * ====================================================================
 */
+#include <stdlib.h>
 #include <openssl/asn1t.h>
 #include <openssl/cms.h>
 #include <openssl/err.h>
 #include <openssl/pem.h>
-#include <openssl/rand.h>
 #include <openssl/x509v3.h>
 #include "cms_lcl.h"
@@ -105,9 +106,7 @@ CMS_ReceiptRequest_create0(unsigned char *id, int idlen, int allorfirst,
        else {
                if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
                        goto merr;
-                if (RAND_pseudo_bytes(rr->signedContentIdentifier->data, 32)
+                arc4random_buf(rr->signedContentIdentifier->data, 32);
-                        <= 0)
-                        goto err;
        }
        sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
diff --git a/src/lib/libcrypto/cms/cms_pwri.c b/src/lib/libcrypto/cms/cms_pwri.c
index b7c3038027..89f7925938 100644
--- a/src/lib/libcrypto/cms/cms_pwri.c
+++ b/src/lib/libcrypto/cms/cms_pwri.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms_pwri.c,v 1.7 2014/07/11 15:42:34 miod Exp $ */
+/* $OpenBSD: cms_pwri.c,v 1.8 2014/10/22 13:02:04 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -51,12 +51,13 @@
 * ====================================================================
 */
+#include <stdlib.h>
 #include <openssl/aes.h>
 #include <openssl/asn1t.h>
 #include <openssl/cms.h>
 #include <openssl/err.h>
 #include <openssl/pem.h>
-#include <openssl/rand.h>
 #include <openssl/x509v3.h>
 #include "asn1_locl.h"
@@ -130,8 +131,7 @@ CMS_add0_recipient_password(CMS_ContentInfo *cms, int iter, int wrap_nid,
        ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
        if (ivlen > 0) {
-                if (RAND_pseudo_bytes(iv, ivlen) <= 0)
+                arc4random_buf(iv, ivlen);
-                        goto err;
                if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0) {
                        CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
                            ERR_R_EVP_LIB);
@@ -297,7 +297,7 @@ kek_wrap_key(unsigned char *out, size_t *outlen, const unsigned char *in,
                memcpy(out + 4, in, inlen);
                /* Add random padding to end */
                if (olen > inlen + 4)
-                        RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen);
+                        arc4random_buf(out + 4 + inlen, olen - 4 - inlen);
                /* Encrypt twice */
                EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
                EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
author	jsing <>	2014-10-22 13:02:04 +0000
committer	jsing <>	2014-10-22 13:02:04 +0000
commit	a2960bc2e14b4c5f7d8f78d2a69ebb537ca4afa8 (patch)
tree	32d920c77e1ecf12be5fad632b9ae71343194a7c /src/lib/libcrypto/cms
parent	5a6d7fd5a10b0ad084948463b25822d91091b325 (diff)
download	openbsd-a2960bc2e14b4c5f7d8f78d2a69ebb537ca4afa8.tar.gz openbsd-a2960bc2e14b4c5f7d8f78d2a69ebb537ca4afa8.tar.bz2 openbsd-a2960bc2e14b4c5f7d8f78d2a69ebb537ca4afa8.zip