diff options
Diffstat (limited to 'src/lib/libcrypto/rsa')
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_oaep.c | 7 | ||||
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_pk1.c | 13 | ||||
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_pss.c | 7 | ||||
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_ssl.c | 13 |
4 files changed, 16 insertions, 24 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c index 9be0f9be31..8585d7c3aa 100644 --- a/src/lib/libcrypto/rsa/rsa_oaep.c +++ b/src/lib/libcrypto/rsa/rsa_oaep.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_oaep.c,v 1.23 2014/07/11 08:44:49 jsing Exp $ */ | 1 | /* $OpenBSD: rsa_oaep.c,v 1.24 2014/10/22 13:02:04 jsing Exp $ */ |
| 2 | /* Written by Ulf Moeller. This software is distributed on an "AS IS" | 2 | /* Written by Ulf Moeller. This software is distributed on an "AS IS" |
| 3 | basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */ | 3 | basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */ |
| 4 | 4 | ||
| @@ -19,6 +19,7 @@ | |||
| 19 | */ | 19 | */ |
| 20 | 20 | ||
| 21 | #include <stdio.h> | 21 | #include <stdio.h> |
| 22 | #include <stdlib.h> | ||
| 22 | #include <string.h> | 23 | #include <string.h> |
| 23 | 24 | ||
| 24 | #include <openssl/opensslconf.h> | 25 | #include <openssl/opensslconf.h> |
| @@ -28,7 +29,6 @@ | |||
| 28 | #include <openssl/bn.h> | 29 | #include <openssl/bn.h> |
| 29 | #include <openssl/err.h> | 30 | #include <openssl/err.h> |
| 30 | #include <openssl/evp.h> | 31 | #include <openssl/evp.h> |
| 31 | #include <openssl/rand.h> | ||
| 32 | #include <openssl/rsa.h> | 32 | #include <openssl/rsa.h> |
| 33 | #include <openssl/sha.h> | 33 | #include <openssl/sha.h> |
| 34 | 34 | ||
| @@ -65,8 +65,7 @@ RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, | |||
| 65 | emlen - flen - 2 * SHA_DIGEST_LENGTH - 1); | 65 | emlen - flen - 2 * SHA_DIGEST_LENGTH - 1); |
| 66 | db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01; | 66 | db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01; |
| 67 | memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, flen); | 67 | memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, flen); |
| 68 | if (RAND_bytes(seed, SHA_DIGEST_LENGTH) <= 0) | 68 | arc4random_buf(seed, SHA_DIGEST_LENGTH); |
| 69 | return 0; | ||
| 70 | 69 | ||
| 71 | dbmask = malloc(emlen - SHA_DIGEST_LENGTH); | 70 | dbmask = malloc(emlen - SHA_DIGEST_LENGTH); |
| 72 | if (dbmask == NULL) { | 71 | if (dbmask == NULL) { |
diff --git a/src/lib/libcrypto/rsa/rsa_pk1.c b/src/lib/libcrypto/rsa/rsa_pk1.c index 4f82bf6768..6c3e7fb846 100644 --- a/src/lib/libcrypto/rsa/rsa_pk1.c +++ b/src/lib/libcrypto/rsa/rsa_pk1.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_pk1.c,v 1.13 2014/07/11 08:44:49 jsing Exp $ */ | 1 | /* $OpenBSD: rsa_pk1.c,v 1.14 2014/10/22 13:02:04 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -57,12 +57,12 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <stdlib.h> | ||
| 60 | #include <string.h> | 61 | #include <string.h> |
| 61 | 62 | ||
| 62 | #include <openssl/bn.h> | 63 | #include <openssl/bn.h> |
| 63 | #include <openssl/err.h> | 64 | #include <openssl/err.h> |
| 64 | #include <openssl/rsa.h> | 65 | #include <openssl/rsa.h> |
| 65 | #include <openssl/rand.h> | ||
| 66 | 66 | ||
| 67 | int | 67 | int |
| 68 | RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, | 68 | RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, |
| @@ -167,13 +167,10 @@ RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, | |||
| 167 | /* pad out with non-zero random data */ | 167 | /* pad out with non-zero random data */ |
| 168 | j = tlen - 3 - flen; | 168 | j = tlen - 3 - flen; |
| 169 | 169 | ||
| 170 | if (RAND_bytes(p, j) <= 0) | 170 | arc4random_buf(p, j); |
| 171 | return 0; | ||
| 172 | for (i = 0; i < j; i++) { | 171 | for (i = 0; i < j; i++) { |
| 173 | while (*p == '\0') { | 172 | while (*p == '\0') |
| 174 | if (RAND_bytes(p, 1) <= 0) | 173 | arc4random_buf(p, 1); |
| 175 | return 0; | ||
| 176 | } | ||
| 177 | p++; | 174 | p++; |
| 178 | } | 175 | } |
| 179 | 176 | ||
diff --git a/src/lib/libcrypto/rsa/rsa_pss.c b/src/lib/libcrypto/rsa/rsa_pss.c index f841b2f8a3..5e137a3090 100644 --- a/src/lib/libcrypto/rsa/rsa_pss.c +++ b/src/lib/libcrypto/rsa/rsa_pss.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_pss.c,v 1.10 2014/07/13 12:53:46 miod Exp $ */ | 1 | /* $OpenBSD: rsa_pss.c,v 1.11 2014/10/22 13:02:04 jsing Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2005. | 3 | * project 2005. |
| 4 | */ | 4 | */ |
| @@ -57,12 +57,12 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <stdlib.h> | ||
| 60 | #include <string.h> | 61 | #include <string.h> |
| 61 | 62 | ||
| 62 | #include <openssl/bn.h> | 63 | #include <openssl/bn.h> |
| 63 | #include <openssl/err.h> | 64 | #include <openssl/err.h> |
| 64 | #include <openssl/evp.h> | 65 | #include <openssl/evp.h> |
| 65 | #include <openssl/rand.h> | ||
| 66 | #include <openssl/rsa.h> | 66 | #include <openssl/rsa.h> |
| 67 | #include <openssl/sha.h> | 67 | #include <openssl/sha.h> |
| 68 | 68 | ||
| @@ -243,8 +243,7 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, | |||
| 243 | ERR_R_MALLOC_FAILURE); | 243 | ERR_R_MALLOC_FAILURE); |
| 244 | goto err; | 244 | goto err; |
| 245 | } | 245 | } |
| 246 | if (RAND_bytes(salt, sLen) <= 0) | 246 | arc4random_buf(salt, sLen); |
| 247 | goto err; | ||
| 248 | } | 247 | } |
| 249 | maskedDBLen = emLen - hLen - 1; | 248 | maskedDBLen = emLen - hLen - 1; |
| 250 | H = EM + maskedDBLen; | 249 | H = EM + maskedDBLen; |
diff --git a/src/lib/libcrypto/rsa/rsa_ssl.c b/src/lib/libcrypto/rsa/rsa_ssl.c index a5fe5004b1..73262f29c1 100644 --- a/src/lib/libcrypto/rsa/rsa_ssl.c +++ b/src/lib/libcrypto/rsa/rsa_ssl.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_ssl.c,v 1.13 2014/07/11 08:44:49 jsing Exp $ */ | 1 | /* $OpenBSD: rsa_ssl.c,v 1.14 2014/10/22 13:02:04 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -57,11 +57,11 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <stdlib.h> | ||
| 60 | #include <string.h> | 61 | #include <string.h> |
| 61 | 62 | ||
| 62 | #include <openssl/bn.h> | 63 | #include <openssl/bn.h> |
| 63 | #include <openssl/err.h> | 64 | #include <openssl/err.h> |
| 64 | #include <openssl/rand.h> | ||
| 65 | #include <openssl/rsa.h> | 65 | #include <openssl/rsa.h> |
| 66 | 66 | ||
| 67 | int | 67 | int |
| @@ -85,13 +85,10 @@ RSA_padding_add_SSLv23(unsigned char *to, int tlen, const unsigned char *from, | |||
| 85 | /* pad out with non-zero random data */ | 85 | /* pad out with non-zero random data */ |
| 86 | j = tlen - 3 - 8 - flen; | 86 | j = tlen - 3 - 8 - flen; |
| 87 | 87 | ||
| 88 | if (RAND_bytes(p, j) <= 0) | 88 | arc4random_buf(p, j); |
| 89 | return 0; | ||
| 90 | for (i = 0; i < j; i++) { | 89 | for (i = 0; i < j; i++) { |
| 91 | while (*p == '\0') { | 90 | while (*p == '\0') |
| 92 | if (RAND_bytes(p, 1) <= 0) | 91 | arc4random_buf(p, 1); |
| 93 | return 0; | ||
| 94 | } | ||
| 95 | p++; | 92 | p++; |
| 96 | } | 93 | } |
| 97 | 94 | ||