From 70d2dbcdd5a01333cc8bb15f04f81dcb06351848 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Wed, 22 Oct 2014 13:23:05 +0000 Subject: Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes() (most with unchecked return values). --- src/regress/lib/libcrypto/bn/mont/mont.c | 5 ++--- src/regress/lib/libcrypto/ecdsa/ecdsatest.c | 9 ++------- src/regress/lib/libcrypto/exp/exptest.c | 7 +++---- src/regress/lib/libcrypto/ige/igetest.c | 15 ++++++++------- 4 files changed, 15 insertions(+), 21 deletions(-) diff --git a/src/regress/lib/libcrypto/bn/mont/mont.c b/src/regress/lib/libcrypto/bn/mont/mont.c index 2a60c022c3..30d5317b64 100644 --- a/src/regress/lib/libcrypto/bn/mont/mont.c +++ b/src/regress/lib/libcrypto/bn/mont/mont.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mont.c,v 1.1 2014/06/20 10:38:22 miod Exp $ */ +/* $OpenBSD: mont.c,v 1.2 2014/10/22 13:23:05 jsing Exp $ */ /* * Copyright (c) 2014 Miodrag Vallat. @@ -25,7 +25,6 @@ #include #include #include -#include /* * Test for proper bn_mul_mont behaviour when operands are of vastly different @@ -39,7 +38,7 @@ main(int argc, char *argv[]) unsigned char *key, r[32 + 16 * 8]; size_t privsz; - RAND_bytes(r, sizeof r); + arc4random_buf(r, sizeof(r)); for (privsz = 32; privsz <= sizeof(r); privsz += 8) { dh = DH_new(); diff --git a/src/regress/lib/libcrypto/ecdsa/ecdsatest.c b/src/regress/lib/libcrypto/ecdsa/ecdsatest.c index eadb43d652..810fef61bb 100644 --- a/src/regress/lib/libcrypto/ecdsa/ecdsatest.c +++ b/src/regress/lib/libcrypto/ecdsa/ecdsatest.c @@ -82,7 +82,6 @@ #include #endif #include -#include /* declaration of the test functions */ int x9_62_test_internal(BIO *out, int nid, const char *r, const char *s); 
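Review bot: In mont.c the new `arc4random_buf(r, sizeof(r));` call needs a visible prototype now that one `#include` line is removed, and on OpenBSD that prototype comes from `<stdlib.h>`. The include targets are not visible on this page, so it is worth confirming that each file still includes it. ecdsatest.c and exptest.c are in the same position: both drop an include and add none. Where it is missing, add `#include <stdlib.h>` so the call is not implicitly declared. main()'s body continues outside the hunk.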
@@ -169,12 +168,8 @@ int test_builtin(BIO *out) int nid, ret = 0; /* fill digest values with some random data */ - if (!RAND_pseudo_bytes(digest, 20) || - !RAND_pseudo_bytes(wrong_digest, 20)) - { - BIO_printf(out, "ERROR: unable to get random data\n"); - goto builtin_err; - } + arc4random_buf(digest, 20); + arc4random_buf(wrong_digest, 20); /* create and verify a ecdsa signature with every availble curve * (with ) */ diff --git a/src/regress/lib/libcrypto/exp/exptest.c b/src/regress/lib/libcrypto/exp/exptest.c index faa9328ba9..5f9b663a26 100644 --- a/src/regress/lib/libcrypto/exp/exptest.c +++ b/src/regress/lib/libcrypto/exp/exptest.c @@ -62,7 +62,6 @@ #include #include -#include #include #define NUM_BITS (BN_BITS*2) @@ -97,15 +96,15 @@ int main(int argc, char *argv[]) for (i=0; i<200; i++) { - RAND_bytes(&c,1); + arc4random_buf(&c,1); c=(c%BN_BITS)-BN_BITS2; BN_rand(a,NUM_BITS+c,0,0); - RAND_bytes(&c,1); + arc4random_buf(&c,1); c=(c%BN_BITS)-BN_BITS2; BN_rand(b,NUM_BITS+c,0,0); - RAND_bytes(&c,1); + arc4random_buf(&c,1); c=(c%BN_BITS)-BN_BITS2; BN_rand(m,NUM_BITS+c,0,1); diff --git a/src/regress/lib/libcrypto/ige/igetest.c b/src/regress/lib/libcrypto/ige/igetest.c index b3e7280bbd..7945aab3ab 100644 --- a/src/regress/lib/libcrypto/ige/igetest.c +++ b/src/regress/lib/libcrypto/ige/igetest.c @@ -49,11 +49,12 @@ * */ -#include -#include +#include #include +#include #include -#include + +#include #define TEST_SIZE 128 #define BIG_TEST_SIZE 10240 @@ -189,10 +190,10 @@ int main(int argc, char **argv) assert(BIG_TEST_SIZE >= TEST_SIZE); - RAND_pseudo_bytes(rkey, sizeof rkey); - RAND_pseudo_bytes(plaintext, sizeof plaintext); - RAND_pseudo_bytes(iv, sizeof iv); - memcpy(saved_iv, iv, sizeof saved_iv); + arc4random_buf(rkey, sizeof(rkey)); + arc4random_buf(plaintext, sizeof(plaintext)); + arc4random_buf(iv, sizeof(iv)); + memcpy(saved_iv, iv, sizeof(saved_iv)); /* Forward IGE only... */ -- cgit v1.2.3-55-g6feb
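Review bot: The lengths in `arc4random_buf(digest, 20);` and `arc4random_buf(wrong_digest, 20);` in test_builtin() are hard-coded, whereas the mont.c and igetest.c hunks of this commit size the call from the buffer. If `digest` and `wrong_digest` are local arrays (their declarations are outside the hunk), `arc4random_buf(digest, sizeof(digest));` keeps the fill length tied to the buffer. The three `arc4random_buf(&c,1);` calls in exptest.c have the same shape and could read `arc4random_buf(&c, sizeof(c));`. Dropping the error branch looks right, since arc4random_buf() returns void and has no failure path to check.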