Browse Source

add zero strenght arguments to BN and RAND RNG calls

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15513)
master
Pauli 5 months ago
parent
commit
5cbd2ea3f9
35 changed files with 61 additions and 57 deletions
  1. +1
    -1
      crypto/asn1/asn_mime.c
  2. +1
    -1
      crypto/asn1/p5_pbe.c
  3. +3
    -2
      crypto/asn1/p5_pbev2.c
  4. +1
    -1
      crypto/bn/bn_blind.c
  5. +2
    -2
      crypto/bn/bn_gf2m.c
  6. +4
    -3
      crypto/bn/bn_prime.c
  7. +3
    -3
      crypto/bn/bn_rsa_fips186_4.c
  8. +1
    -1
      crypto/bn/bn_sqrt.c
  9. +5
    -4
      crypto/bn/bn_x931p.c
  10. +1
    -1
      crypto/cmp/cmp_hdr.c
  11. +1
    -1
      crypto/cms/cms_enc.c
  12. +2
    -1
      crypto/cms/cms_ess.c
  13. +2
    -2
      crypto/cms/cms_pwri.c
  14. +1
    -1
      crypto/crmf/crmf_pbm.c
  15. +1
    -1
      crypto/dh/dh_key.c
  16. +2
    -2
      crypto/dsa/dsa_ossl.c
  17. +2
    -2
      crypto/ec/ec2_smpl.c
  18. +1
    -1
      crypto/ec/ec_key.c
  19. +1
    -1
      crypto/ec/ecdsa_ossl.c
  20. +1
    -1
      crypto/ec/ecp_s390x_nistp.c
  21. +4
    -4
      crypto/ec/ecp_smpl.c
  22. +1
    -1
      crypto/ec/ecx_backend.c
  23. +4
    -4
      crypto/ec/ecx_meth.c
  24. +1
    -1
      crypto/evp/evp_enc.c
  25. +1
    -1
      crypto/evp/p_seal.c
  26. +1
    -1
      crypto/ffc/ffc_key_generate.c
  27. +2
    -2
      crypto/ffc/ffc_params_generate.c
  28. +1
    -1
      crypto/pkcs12/p12_mutl.c
  29. +1
    -1
      crypto/pkcs7/pk7_doit.c
  30. +1
    -1
      crypto/rsa/rsa_oaep.c
  31. +3
    -3
      crypto/rsa/rsa_pk1.c
  32. +1
    -1
      crypto/rsa/rsa_pss.c
  33. +1
    -1
      crypto/sm2/sm2_crypt.c
  34. +1
    -1
      crypto/sm2/sm2_sign.c
  35. +2
    -2
      crypto/srp/srp_vfy.c

+ 1
- 1
crypto/asn1/asn_mime.c View File

@ -251,7 +251,7 @@ int SMIME_write_ASN1_ex(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
if ((flags & SMIME_DETACHED) && data) {
/* We want multipart/signed */
/* Generate a random boundary */
if (RAND_bytes_ex(libctx, (unsigned char *)bound, 32) <= 0)
if (RAND_bytes_ex(libctx, (unsigned char *)bound, 32, 0) <= 0)
return 0;
for (i = 0; i < 32; i++) {
c = bound[i] & 0xf;


+ 1
- 1
crypto/asn1/p5_pbe.c View File

@ -55,7 +55,7 @@ int PKCS5_pbe_set0_algor_ex(X509_ALGOR *algor, int alg, int iter,
}
if (salt)
memcpy(sstr, salt, saltlen);
else if (RAND_bytes_ex(ctx, sstr, saltlen) <= 0)
else if (RAND_bytes_ex(ctx, sstr, saltlen, 0) <= 0)
goto err;
ASN1_STRING_set0(pbe->salt, sstr, saltlen);


+ 3
- 2
crypto/asn1/p5_pbev2.c View File

@ -69,7 +69,8 @@ X509_ALGOR *PKCS5_pbe2_set_iv_ex(const EVP_CIPHER *cipher, int iter,
if (EVP_CIPHER_iv_length(cipher)) {
if (aiv)
memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
else if (RAND_bytes_ex(libctx, iv, EVP_CIPHER_iv_length(cipher)) <= 0)
else if (RAND_bytes_ex(libctx, iv, EVP_CIPHER_iv_length(cipher),
0) <= 0)
goto err;
}
@ -187,7 +188,7 @@ X509_ALGOR *PKCS5_pbkdf2_set_ex(int iter, unsigned char *salt, int saltlen,
if (salt)
memcpy(osalt->data, salt, saltlen);
else if (RAND_bytes_ex(libctx, osalt->data, saltlen) <= 0)
else if (RAND_bytes_ex(libctx, osalt->data, saltlen, 0) <= 0)
goto merr;
if (iter <= 0)


+ 1
- 1
crypto/bn/bn_blind.c View File

@ -270,7 +270,7 @@ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
do {
int rv;
if (!BN_priv_rand_range_ex(ret->A, ret->mod, ctx))
if (!BN_priv_rand_range_ex(ret->A, ret->mod, 0, ctx))
goto err;
if (int_bn_mod_inverse(ret->Ai, ret->A, ret->mod, ctx, &rv))
break;


+ 2
- 2
crypto/bn/bn_gf2m.c View File

@ -742,7 +742,7 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
/* generate blinding value */
do {
if (!BN_priv_rand_ex(b, BN_num_bits(p) - 1,
BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, ctx))
BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, 0, ctx))
goto err;
} while (BN_is_zero(b));
@ -1051,7 +1051,7 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
goto err;
do {
if (!BN_priv_rand_ex(rho, p[0], BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY,
ctx))
0, ctx))
goto err;
if (!BN_GF2m_mod_arr(rho, rho, p))
goto err;


+ 4
- 3
crypto/bn/bn_prime.c View File

@ -386,7 +386,7 @@ int ossl_bn_miller_rabin_is_prime(const BIGNUM *w, int iterations, BN_CTX *ctx,
/* (Step 4) */
for (i = 0; i < iterations; ++i) {
/* (Step 4.1) obtain a Random string of bits b where 1 < b < w-1 */
if (!BN_priv_rand_range_ex(b, w3, ctx)
if (!BN_priv_rand_range_ex(b, w3, 0, ctx)
|| !BN_add_word(b, 2)) /* 1 < b < w-1 */
goto err;
@ -484,7 +484,8 @@ static int probable_prime(BIGNUM *rnd, int bits, int safe, prime_t *mods,
again:
/* TODO: Not all primes are private */
if (!BN_priv_rand_ex(rnd, bits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ODD, ctx))
if (!BN_priv_rand_ex(rnd, bits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ODD, 0,
ctx))
return 0;
if (safe && !BN_set_bit(rnd, 1))
return 0;
@ -550,7 +551,7 @@ static int probable_prime_dh(BIGNUM *rnd, int bits, int safe, prime_t *mods,
maxdelta = BN_MASK2 - BN_get_word(add);
again:
if (!BN_rand_ex(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD, ctx))
if (!BN_rand_ex(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD, 0, ctx))
goto err;
/* we need ((rnd-rem) % add) == 0 */


+ 3
- 3
crypto/bn/bn_rsa_fips186_4.c View File

@ -178,14 +178,14 @@ int ossl_bn_rsa_fips186_4_gen_prob_primes(BIGNUM *p, BIGNUM *Xpout,
if (Xp1 == NULL) {
/* Set the top and bottom bits to make it odd and the correct size */
if (!BN_priv_rand_ex(Xp1i, bitlen, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD,
ctx))
0, ctx))
goto err;
}
/* (Steps 4.1/5.1): Randomly generate Xp2 if it is not passed in */
if (Xp2 == NULL) {
/* Set the top and bottom bits to make it odd and the correct size */
if (!BN_priv_rand_ex(Xp2i, bitlen, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD,
ctx))
0, ctx))
goto err;
}
@ -306,7 +306,7 @@ int ossl_bn_rsa_fips186_4_derive_prime(BIGNUM *Y, BIGNUM *X, const BIGNUM *Xin,
* (Step 3) Choose Random X such that
* sqrt(2) * 2^(nlen/2-1) <= Random X <= (2^(nlen/2)) - 1.
*/
if (!BN_priv_rand_range_ex(X, range, ctx) || !BN_add(X, X, base))
if (!BN_priv_rand_range_ex(X, range, 0, ctx) || !BN_add(X, X, base))
goto end;
}
/* (Step 4) Y = X + ((R - X) mod 2r1r2) */


+ 1
- 1
crypto/bn/bn_sqrt.c View File

@ -182,7 +182,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
if (!BN_set_word(y, i))
goto end;
} else {
if (!BN_priv_rand_ex(y, BN_num_bits(p), 0, 0, ctx))
if (!BN_priv_rand_ex(y, BN_num_bits(p), 0, 0, 0, ctx))
goto end;
if (BN_ucmp(y, p) >= 0) {
if (!(p->neg ? BN_add : BN_sub) (y, y, p))


+ 5
- 4
crypto/bn/bn_x931p.c View File

@ -175,7 +175,8 @@ int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
* - 1. By setting the top two bits we ensure that the lower bound is
* exceeded.
*/
if (!BN_priv_rand_ex(Xp, nbits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ANY, ctx))
if (!BN_priv_rand_ex(Xp, nbits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ANY, 0,
ctx))
return 0;
BN_CTX_start(ctx);
@ -184,7 +185,7 @@ int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
goto err;
for (i = 0; i < 1000; i++) {
if (!BN_priv_rand_ex(Xq, nbits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ANY,
if (!BN_priv_rand_ex(Xq, nbits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ANY, 0,
ctx))
goto err;
@ -230,9 +231,9 @@ int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
if (Xp1 == NULL || Xp2 == NULL)
goto error;
if (!BN_priv_rand_ex(Xp1, 101, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY, ctx))
if (!BN_priv_rand_ex(Xp1, 101, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY, 0, ctx))
goto error;
if (!BN_priv_rand_ex(Xp2, 101, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY, ctx))
if (!BN_priv_rand_ex(Xp2, 101, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY, 0, ctx))
goto error;
if (!BN_X931_derive_prime_ex(p, p1, p2, Xp, Xp1, Xp2, e, ctx, cb))
goto error;


+ 1
- 1
crypto/cmp/cmp_hdr.c View File

@ -142,7 +142,7 @@ static int set_random(ASN1_OCTET_STRING **tgt, OSSL_CMP_CTX *ctx, size_t len)
unsigned char *bytes = OPENSSL_malloc(len);
int res = 0;
if (bytes == NULL || RAND_bytes_ex(ctx->libctx, bytes, len) <= 0)
if (bytes == NULL || RAND_bytes_ex(ctx->libctx, bytes, len, 0) <= 0)
ERR_raise(ERR_LIB_CMP, CMP_R_FAILURE_OBTAINING_RANDOM);
else
res = ossl_cmp_asn1_octet_string_set1_bytes(tgt, bytes, len);


+ 1
- 1
crypto/cms/cms_enc.c View File

@ -83,7 +83,7 @@ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
/* Generate a random IV if we need one */
ivlen = EVP_CIPHER_CTX_iv_length(ctx);
if (ivlen > 0) {
if (RAND_bytes_ex(libctx, iv, ivlen) <= 0)
if (RAND_bytes_ex(libctx, iv, ivlen, 0) <= 0)
goto err;
piv = iv;
}


+ 2
- 1
crypto/cms/cms_ess.c View File

@ -128,7 +128,8 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex(
else {
if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
goto merr;
if (RAND_bytes_ex(libctx, rr->signedContentIdentifier->data, 32) <= 0)
if (RAND_bytes_ex(libctx, rr->signedContentIdentifier->data, 32,
0) <= 0)
goto err;
}


+ 2
- 2
crypto/cms/cms_pwri.c View File

@ -94,7 +94,7 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
ivlen = EVP_CIPHER_CTX_iv_length(ctx);
if (ivlen > 0) {
if (RAND_bytes_ex(ossl_cms_ctx_get0_libctx(cms_ctx), iv, ivlen) <= 0)
if (RAND_bytes_ex(ossl_cms_ctx_get0_libctx(cms_ctx), iv, ivlen, 0) <= 0)
goto err;
if (EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv) <= 0) {
ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB);
@ -264,7 +264,7 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen,
/* Add random padding to end */
if (olen > inlen + 4
&& RAND_bytes_ex(ossl_cms_ctx_get0_libctx(cms_ctx), out + 4 + inlen,
olen - 4 - inlen) <= 0)
olen - 4 - inlen, 0) <= 0)
return 0;
/* Encrypt twice */
if (!EVP_EncryptUpdate(ctx, out, &dummy, out, olen)


+ 1
- 1
crypto/crmf/crmf_pbm.c View File

@ -55,7 +55,7 @@ OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OSSL_LIB_CTX *libctx, size_t slen,
*/
if ((salt = OPENSSL_malloc(slen)) == NULL)
goto err;
if (RAND_bytes_ex(libctx, salt, (int)slen) <= 0) {
if (RAND_bytes_ex(libctx, salt, (int)slen, 0) <= 0) {
ERR_raise(ERR_LIB_CRMF, CRMF_R_FAILURE_OBTAINING_RANDOM);
goto err;
}


+ 1
- 1
crypto/dh/dh_key.c View File

@ -318,7 +318,7 @@ static int generate_key(DH *dh)
goto err;
l = dh->length ? dh->length : BN_num_bits(dh->params.p) - 1;
if (!BN_priv_rand_ex(priv_key, l, BN_RAND_TOP_ONE,
BN_RAND_BOTTOM_ANY, ctx))
BN_RAND_BOTTOM_ANY, 0, ctx))
goto err;
/*
* We handle just one known case where g is a quadratic non-residue:


+ 2
- 2
crypto/dsa/dsa_ossl.c View File

@ -132,7 +132,7 @@ DSA_SIG *ossl_dsa_do_sign_int(const unsigned char *dgst, int dlen, DSA *dsa)
/* Generate a blinding value */
do {
if (!BN_priv_rand_ex(blind, BN_num_bits(dsa->params.q) - 1,
BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, ctx))
BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, 0, ctx))
goto err;
} while (BN_is_zero(blind));
BN_set_flags(blind, BN_FLG_CONSTTIME);
@ -250,7 +250,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
if (!BN_generate_dsa_nonce(k, dsa->params.q, dsa->priv_key, dgst,
dlen, ctx))
goto err;
} else if (!BN_priv_rand_range_ex(k, dsa->params.q, ctx))
} else if (!BN_priv_rand_range_ex(k, dsa->params.q, 0, ctx))
goto err;
} while (BN_is_zero(k));


+ 2
- 2
crypto/ec/ec2_smpl.c View File

@ -730,7 +730,7 @@ int ec_GF2m_simple_ladder_pre(const EC_GROUP *group,
/* s blinding: make sure lambda (s->Z here) is not zero */
do {
if (!BN_priv_rand_ex(s->Z, BN_num_bits(group->field) - 1,
BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, ctx)) {
BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, 0, ctx)) {
ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB);
return 0;
}
@ -745,7 +745,7 @@ int ec_GF2m_simple_ladder_pre(const EC_GROUP *group,
/* r blinding: make sure lambda (r->Y here for storage) is not zero */
do {
if (!BN_priv_rand_ex(r->Y, BN_num_bits(group->field) - 1,
BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, ctx)) {
BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, 0, ctx)) {
ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB);
return 0;
}


+ 1
- 1
crypto/ec/ec_key.c View File

@ -298,7 +298,7 @@ static int ec_generate_key(EC_KEY *eckey, int pairwise_test)
}
do
if (!BN_priv_rand_range_ex(priv_key, order, ctx))
if (!BN_priv_rand_range_ex(priv_key, order, 0, ctx))
goto err;
while (BN_is_zero(priv_key)) ;


+ 1
- 1
crypto/ec/ecdsa_ossl.c View File

@ -135,7 +135,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in,
goto err;
}
} else {
if (!BN_priv_rand_range_ex(k, order, ctx)) {
if (!BN_priv_rand_range_ex(k, order, 0, ctx)) {
ERR_raise(ERR_LIB_EC, EC_R_RANDOM_NUMBER_GENERATION_FAILED);
goto err;
}


+ 1
- 1
crypto/ec/ecp_s390x_nistp.c View File

@ -180,7 +180,7 @@ static ECDSA_SIG *ecdsa_s390x_nistp_sign_sig(const unsigned char *dgst,
* internally implementing counter-measures for RNG weakness.
*/
if (RAND_priv_bytes_ex(eckey->libctx, param + S390X_OFF_RN(len),
len) != 1) {
len, 0) != 1) {
ERR_raise(ERR_LIB_EC, EC_R_RANDOM_NUMBER_GENERATION_FAILED);
goto ret;
}


+ 4
- 4
crypto/ec/ecp_smpl.c View File

@ -1396,7 +1396,7 @@ int ossl_ec_GFp_simple_field_inv(const EC_GROUP *group, BIGNUM *r,
goto err;
do {
if (!BN_priv_rand_range_ex(e, group->field, ctx))
if (!BN_priv_rand_range_ex(e, group->field, 0, ctx))
goto err;
} while (BN_is_zero(e));
@ -1449,7 +1449,7 @@ int ossl_ec_GFp_simple_blind_coordinates(const EC_GROUP *group, EC_POINT *p,
*/
do {
ERR_set_mark();
ret = BN_priv_rand_range_ex(lambda, group->field, ctx);
ret = BN_priv_rand_range_ex(lambda, group->field, 0, ctx);
ERR_pop_to_mark();
if (ret == 0) {
ret = 1;
@ -1519,13 +1519,13 @@ int ossl_ec_GFp_simple_ladder_pre(const EC_GROUP *group,
/* make sure lambda (r->Y here for storage) is not zero */
do {
if (!BN_priv_rand_range_ex(r->Y, group->field, ctx))
if (!BN_priv_rand_range_ex(r->Y, group->field, 0, ctx))
return 0;
} while (BN_is_zero(r->Y));
/* make sure lambda (s->Z here for storage) is not zero */
do {
if (!BN_priv_rand_range_ex(s->Z, group->field, ctx))
if (!BN_priv_rand_range_ex(s->Z, group->field, 0, ctx))
return 0;
} while (BN_is_zero(s->Z));


+ 1
- 1
crypto/ec/ecx_backend.c View File

@ -187,7 +187,7 @@ ECX_KEY *ossl_ecx_key_op(const X509_ALGOR *palg,
}
if (op == KEY_OP_KEYGEN) {
if (id != EVP_PKEY_NONE) {
if (RAND_priv_bytes_ex(libctx, privkey, KEYLENID(id)) <= 0)
if (RAND_priv_bytes_ex(libctx, privkey, KEYLENID(id), 0) <= 0)
goto err;
if (id == EVP_PKEY_X25519) {
privkey[0] &= 248;


+ 4
- 4
crypto/ec/ecx_meth.c View File

@ -937,7 +937,7 @@ static int s390x_pkey_ecx_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
goto err;
}
if (RAND_priv_bytes_ex(ctx->libctx, privkey, X25519_KEYLEN) <= 0)
if (RAND_priv_bytes_ex(ctx->libctx, privkey, X25519_KEYLEN, 0) <= 0)
goto err;
privkey[0] &= 248;
@ -980,7 +980,7 @@ static int s390x_pkey_ecx_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
goto err;
}
if (RAND_priv_bytes_ex(ctx->libctx, privkey, X448_KEYLEN) <= 0)
if (RAND_priv_bytes_ex(ctx->libctx, privkey, X448_KEYLEN, 0) <= 0)
goto err;
privkey[0] &= 252;
@ -1029,7 +1029,7 @@ static int s390x_pkey_ecd_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
goto err;
}
if (RAND_priv_bytes_ex(ctx->libctx, privkey, ED25519_KEYLEN) <= 0)
if (RAND_priv_bytes_ex(ctx->libctx, privkey, ED25519_KEYLEN, 0) <= 0)
goto err;
md = EVP_MD_fetch(ctx->libctx, "SHA512", ctx->propquery);
@ -1095,7 +1095,7 @@ static int s390x_pkey_ecd_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
goto err;
}
if (RAND_priv_bytes_ex(ctx->libctx, privkey, ED448_KEYLEN) <= 0)
if (RAND_priv_bytes_ex(ctx->libctx, privkey, ED448_KEYLEN, 0) <= 0)
goto err;
hashctx = EVP_MD_CTX_new();


+ 1
- 1
crypto/evp/evp_enc.c View File

@ -1332,7 +1332,7 @@ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
OSSL_LIB_CTX *libctx = EVP_CIPHER_CTX_get_libctx(ctx);
kl = EVP_CIPHER_CTX_key_length(ctx);
if (kl <= 0 || RAND_priv_bytes_ex(libctx, key, kl) <= 0)
if (kl <= 0 || RAND_priv_bytes_ex(libctx, key, kl, 0) <= 0)
return 0;
return 1;
}


+ 1
- 1
crypto/evp/p_seal.c View File

@ -44,7 +44,7 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
return 0;
len = EVP_CIPHER_CTX_iv_length(ctx);
if (len < 0 || RAND_priv_bytes_ex(libctx, iv, len) <= 0)
if (len < 0 || RAND_priv_bytes_ex(libctx, iv, len, 0) <= 0)
goto err;
len = EVP_CIPHER_CTX_key_length(ctx);


+ 1
- 1
crypto/ffc/ffc_key_generate.c View File

@ -45,7 +45,7 @@ int ossl_ffc_generate_private_key(BN_CTX *ctx, const FFC_PARAMS *params,
do {
/* Steps (3, 4 & 7) : c + 1 = 1 + random[0..2^N - 1] */
if (!BN_priv_rand_range_ex(priv, two_powN, ctx)
if (!BN_priv_rand_range_ex(priv, two_powN, 0, ctx)
|| !BN_add_word(priv, 1))
goto err;
/* Step (6) : loop if c > M - 2 (i.e. c + 1 >= M) */


+ 2
- 2
crypto/ffc/ffc_params_generate.c View File

@ -329,7 +329,7 @@ static int generate_q_fips186_4(BN_CTX *ctx, BIGNUM *q, const EVP_MD *evpmd,
/* A.1.1.2 Step (5) : generate seed with size seed_len */
if (generate_seed
&& RAND_bytes_ex(libctx, seed, (int)seedlen) < 0)
&& RAND_bytes_ex(libctx, seed, (int)seedlen, 0) < 0)
goto err;
/*
* A.1.1.2 Step (6) AND
@ -399,7 +399,7 @@ static int generate_q_fips186_2(BN_CTX *ctx, BIGNUM *q, const EVP_MD *evpmd,
if (!BN_GENCB_call(cb, 0, m++))
goto err;
if (generate_seed && RAND_bytes_ex(libctx, seed, (int)qsize) <= 0)
if (generate_seed && RAND_bytes_ex(libctx, seed, (int)qsize, 0) <= 0)
goto err;
memcpy(buf, seed, qsize);


+ 1
- 1
crypto/pkcs12/p12_mutl.c View File

@ -260,7 +260,7 @@ int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
p12->mac->salt->length = saltlen;
if (!salt) {
if (RAND_bytes_ex(p12->authsafes->ctx.libctx, p12->mac->salt->data,
saltlen) <= 0)
saltlen, 0) <= 0)
return 0;
} else
memcpy(p12->mac->salt->data, salt, saltlen);


+ 1
- 1
crypto/pkcs7/pk7_doit.c View File

@ -300,7 +300,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
ivlen = EVP_CIPHER_iv_length(evp_cipher);
xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
if (ivlen > 0)
if (RAND_bytes_ex(libctx, iv, ivlen) <= 0)
if (RAND_bytes_ex(libctx, iv, ivlen, 0) <= 0)
goto err;
(void)ERR_set_mark();


+ 1
- 1
crypto/rsa/rsa_oaep.c View File

@ -103,7 +103,7 @@ int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OSSL_LIB_CTX *libctx,
db[emlen - flen - mdlen - 1] = 0x01;
memcpy(db + emlen - flen - mdlen, from, (unsigned int)flen);
/* step 3d: generate random byte string */
if (RAND_bytes_ex(libctx, seed, mdlen) <= 0)
if (RAND_bytes_ex(libctx, seed, mdlen, 0) <= 0)
goto err;
dbmask_len = emlen - mdlen;


+ 3
- 3
crypto/rsa/rsa_pk1.c View File

@ -138,12 +138,12 @@ int ossl_rsa_padding_add_PKCS1_type_2_ex(OSSL_LIB_CTX *libctx, unsigned char *to
/* pad out with non-zero random data */
j = tlen - 3 - flen;
if (RAND_bytes_ex(libctx, p, j) <= 0)
if (RAND_bytes_ex(libctx, p, j, 0) <= 0)
return 0;
for (i = 0; i < j; i++) {
if (*p == '\0')
do {
if (RAND_bytes_ex(libctx, p, 1) <= 0)
if (RAND_bytes_ex(libctx, p, 1, 0) <= 0)
return 0;
} while (*p == '\0');
p++;
@ -315,7 +315,7 @@ int ossl_rsa_padding_check_PKCS1_type_2_TLS(OSSL_LIB_CTX *libctx,
* to decrypt.
*/
if (RAND_priv_bytes_ex(libctx, rand_premaster_secret,
sizeof(rand_premaster_secret)) <= 0) {
sizeof(rand_premaster_secret), 0) <= 0) {
ERR_raise(ERR_LIB_RSA, ERR_R_INTERNAL_ERROR);
return -1;
}


+ 1
- 1
crypto/rsa/rsa_pss.c View File

@ -205,7 +205,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE);
goto err;
}
if (RAND_bytes_ex(rsa->libctx, salt, sLen) <= 0)
if (RAND_bytes_ex(rsa->libctx, salt, sLen, 0) <= 0)
goto err;
}
maskedDBLen = emLen - hLen - 1;


+ 1
- 1
crypto/sm2/sm2_crypt.c View File

@ -187,7 +187,7 @@ int ossl_sm2_encrypt(const EC_KEY *key,
memset(ciphertext_buf, 0, *ciphertext_len);
if (!BN_priv_rand_range_ex(k, order, ctx)) {
if (!BN_priv_rand_range_ex(k, order, 0, ctx)) {
ERR_raise(ERR_LIB_SM2, ERR_R_INTERNAL_ERROR);
goto done;
}


+ 1
- 1
crypto/sm2/sm2_sign.c View File

@ -240,7 +240,7 @@ static ECDSA_SIG *sm2_sig_gen(const EC_KEY *key, const BIGNUM *e)
}
for (;;) {
if (!BN_priv_rand_range_ex(k, order, ctx)) {
if (!BN_priv_rand_range_ex(k, order, 0, ctx)) {
ERR_raise(ERR_LIB_SM2, ERR_R_INTERNAL_ERROR);
goto done;
}


+ 2
- 2
crypto/srp/srp_vfy.c View File

@ -645,7 +645,7 @@ char *SRP_create_verifier_ex(const char *user, const char *pass, char **salt,
}
if (*salt == NULL) {
if (RAND_bytes_ex(libctx, tmp2, SRP_RANDOM_SALT_LEN) <= 0)
if (RAND_bytes_ex(libctx, tmp2, SRP_RANDOM_SALT_LEN, 0) <= 0)
goto err;
s = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
@ -728,7 +728,7 @@ int SRP_create_verifier_BN_ex(const char *user, const char *pass, BIGNUM **salt,
goto err;
if (*salt == NULL) {
if (RAND_bytes_ex(libctx, tmp2, SRP_RANDOM_SALT_LEN) <= 0)
if (RAND_bytes_ex(libctx, tmp2, SRP_RANDOM_SALT_LEN, 0) <= 0)
goto err;
salttmp = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);


Loading…
Cancel
Save