From fa457604779ff38b511fdfdae3c6a78664281c22 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Wed, 22 Oct 2014 13:02:04 +0000
Subject: Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().

arc4random_buf() is guaranteed to always succeed - it is worth noting that a number of the replaced function calls were already missing return value checks.

ok deraadt@
---
 src/lib/libcrypto/bn/bn.h | 17 ++++++-----------
 1 file changed, 6 insertions(+), 11 deletions(-)

(limited to 'src/lib/libcrypto/bn/bn.h')

diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h
index 155adf4fe0..10414dc339 100644
--- a/src/lib/libcrypto/bn/bn.h
+++ b/src/lib/libcrypto/bn/bn.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn.h,v 1.24 2014/06/27 06:07:35 deraadt Exp $ */
+/* $OpenBSD: bn.h,v 1.25 2014/10/22 13:02:04 jsing Exp $ */
 /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -125,9 +125,11 @@
 #ifndef HEADER_BN_H
 #define HEADER_BN_H
 
+#include
+#include
+
 #include
-#include /* FILE */
 
 #include
 #include
 
@@ -673,11 +675,6 @@ BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
 #include
 
 #ifdef BN_DEBUG_RAND
-/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
-#ifndef RAND_pseudo_bytes
-int RAND_pseudo_bytes(unsigned char *buf, int num);
-#define BN_DEBUG_TRIX
-#endif
 #define bn_pollute(a) \
 do { \
 const BIGNUM *_bnum1 = (a); \
@@ -688,17 +685,15 @@ int RAND_pseudo_bytes(unsigned char *buf, int num);
 * wouldn't be constructed with top!=dmax. */ \
 BN_ULONG *_not_const; \
 memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
-RAND_pseudo_bytes(&_tmp_char, 1); \
+arc4random_buf(&_tmp_char, 1); \
 memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
 (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
 } \
 } while(0)
-#ifdef BN_DEBUG_TRIX
-#undef RAND_pseudo_bytes
-#endif
 #else
 #define bn_pollute(a)
 #endif
+
 #define bn_check_top(a) \
 do { \
 const BIGNUM *_bnum2 = (a); \
-- 
cgit v1.2.3-55-g6feb
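Review bot: The replaced line in the last hunk, `RAND_pseudo_bytes(&_tmp_char, 1);`, is one of the unchecked calls the commit message alludes to: had it failed, the `memset(...)` two lines below would have filled the unused BIGNUM words with whatever `_tmp_char` happened to hold, which in a BN_DEBUG_RAND build is a read of an uninitialized variable, and nothing in the macro documents that `arc4random_buf(&_tmp_char, 1);` closes that path. Because bn_pollute() exists precisely to catch code that relies on words beyond `top` being meaningful, the fill byte must be unconditionally set before the memset, and the guarantee now rests on arc4random_buf() having no failure return rather than on any check. I would record that above the call so a future swap back to a fallible RNG is caught in review: `/* arc4random_buf() cannot fail, so _tmp_char is always set before the memset. */`. The bn_pollute() body begins before this hunk, so the declaration of `_tmp_char` and the `top`/`dmax` condition that guards the memset are presumably in the unshown lines and should be confirmed there; the prototype for arc4random_buf() must come from the two includes added unconditionally in the second hunk (their header names are stripped in this rendering), since the debug macro is the only user in this file.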