From a2960bc2e14b4c5f7d8f78d2a69ebb537ca4afa8 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Wed, 22 Oct 2014 13:02:04 +0000 Subject: Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes(). arc4random_buf() is guaranteed to always succeed - it is worth noting that a number of the replaced function calls were already missing return value checks. ok deraadt@ --- src/lib/libcrypto/des/rand_key.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'src/lib/libcrypto/des/rand_key.c') diff --git a/src/lib/libcrypto/des/rand_key.c b/src/lib/libcrypto/des/rand_key.c index 727d36f488..7abb811df4 100644 --- a/src/lib/libcrypto/des/rand_key.c +++ b/src/lib/libcrypto/des/rand_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rand_key.c,v 1.7 2014/07/22 18:09:20 miod Exp $ */ +/* $OpenBSD: rand_key.c,v 1.8 2014/10/22 13:02:04 jsing Exp $ */ /* ==================================================================== * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. * @@ -53,15 +53,15 @@ * */ +#include + #include -#include int DES_random_key(DES_cblock *ret) { do { - if (RAND_bytes((unsigned char *)ret, sizeof(DES_cblock)) != 1) - return (0); + arc4random_buf(ret, sizeof(DES_cblock)); DES_set_odd_parity(ret); } while (DES_is_weak_key(ret)); return (1); -- cgit v1.2.3-55-g6feb