Use arc4random_buf() instead of RAND(_pseudo)?_bytes().

ok bcook@
author: jsing <> 2014-10-22 13:54:03 +0000
committer: jsing <> 2014-10-22 13:54:03 +0000
commit: 85b016137f0bd9cf3b15129668f9d794a71c6d34 (patch)
tree: 5182be1e2bb99eb4ec60a5c42f2f953b4c1cadf1 /src/usr.bin/openssl/ts.c
parent: e931cb809e30a11ec87c1f47536227dc2f58dbdb (diff)
download: openbsd-85b016137f0bd9cf3b15129668f9d794a71c6d34.tar.gz
openbsd-85b016137f0bd9cf3b15129668f9d794a71c6d34.tar.bz2
openbsd-85b016137f0bd9cf3b15129668f9d794a71c6d34.zip
1 files changed, 2 insertions, 4 deletions
diff --git a/src/usr.bin/openssl/ts.c b/src/usr.bin/openssl/ts.c
index c765465c45..cd7d9cc81e 100644
--- a/src/usr.bin/openssl/ts.c
+++ b/src/usr.bin/openssl/ts.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts.c,v 1.2 2014/08/28 14:23:52 jsing Exp $ */
+/* $OpenBSD: ts.c,v 1.3 2014/10/22 13:54:03 jsing Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
 * project 2002.
 */
@@ -66,7 +66,6 @@
 #include <openssl/bn.h>
 #include <openssl/err.h>
 #include <openssl/pem.h>
-#include <openssl/rand.h>
 #include <openssl/ts.h>
 /* Length of the nonce of the request in bits (must be a multiple of 8). */
@@ -593,8 +592,7 @@ create_nonce(int bits)
        /* Generating random byte sequence. */
        if (len > (int) sizeof(buf))
                goto err;
-        if (RAND_bytes(buf, len) <= 0)
+        arc4random_buf(buf, len);
-                goto err;
        /* Find the first non-zero byte and creating ASN1_INTEGER object. */
        for (i = 0; i < len && !buf[i]; ++i)
author	jsing <>	2014-10-22 13:54:03 +0000
committer	jsing <>	2014-10-22 13:54:03 +0000
commit	85b016137f0bd9cf3b15129668f9d794a71c6d34 (patch)
tree	5182be1e2bb99eb4ec60a5c42f2f953b4c1cadf1 /src/usr.bin/openssl/ts.c
parent	e931cb809e30a11ec87c1f47536227dc2f58dbdb (diff)
download	openbsd-85b016137f0bd9cf3b15129668f9d794a71c6d34.tar.gz openbsd-85b016137f0bd9cf3b15129668f9d794a71c6d34.tar.bz2 openbsd-85b016137f0bd9cf3b15129668f9d794a71c6d34.zip