mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-24 02:23:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

RAND_bytes updates

Browse Source 
Ensure RAND_bytes return value is checked correctly, and that we no longer
use RAND_pseudo_bytes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell 2015-02-26 11:57:37 +00:00
parent 8817e2e0c9
commit 266483d2f5
36 changed files with 100 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/enc.c
View File

@ -505,7 +505,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "invalid hex salt value\n");
goto end;
}
} else if (RAND_pseudo_bytes(salt, sizeof salt) < 0)
} else if (RAND_bytes(salt, sizeof salt) <= 0)
goto end;
/*
* If -P option then don't bother writing

4
apps/passwd.c
View File

@ -416,7 +416,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
if (*salt_malloc_p == NULL)
goto err;
}
if (RAND_pseudo_bytes((unsigned char *)*salt_p, 2) < 0)
if (RAND_bytes((unsigned char *)*salt_p, 2) <= 0)
goto err;
(*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */
(*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */
@ -437,7 +437,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
if (*salt_malloc_p == NULL)
goto err;
}
if (RAND_pseudo_bytes((unsigned char *)*salt_p, 8) < 0)
if (RAND_bytes((unsigned char *)*salt_p, 8) <= 0)
goto err;
for (i = 0; i < 8; i++)

2
apps/s_cb.c
View File

@ -949,7 +949,7 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
/* Initialize a random secret */
if (!cookie_initialized) {
if (!RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH)) {
if (RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH) <= 0) {
BIO_printf(bio_err, "error setting random cookie secret\n");
return 0;
}

3
apps/s_server.c
View File

@ -3199,7 +3199,8 @@ static int generate_session_id(const SSL *ssl, unsigned char *id,
{
unsigned int count = 0;
do {
RAND_pseudo_bytes(id, *id_len);
if (RAND_bytes(id, *id_len) <= 0)
return 0;
/*
* Prefix the session_id with the required prefix. NB: If our prefix
* is too long, clip it - but there will be worse effects anyway, eg.

4
apps/speed.c
View File

@ -1967,7 +1967,7 @@ int MAIN(int argc, char **argv)
}
#ifndef OPENSSL_SYS_WIN32
#endif
RAND_pseudo_bytes(buf, 36);
RAND_bytes(buf, 36);
#ifndef OPENSSL_NO_RSA
for (j = 0; j < RSA_NUM; j++) {
int ret;
@ -2039,7 +2039,7 @@ int MAIN(int argc, char **argv)
}
#endif
RAND_pseudo_bytes(buf, 20);
RAND_bytes(buf, 20);
#ifndef OPENSSL_NO_DSA
if (RAND_status() != 1) {
RAND_seed(rnd_seed, sizeof rnd_seed);

3
crypto/asn1/asn_mime.c
View File

@ -286,7 +286,8 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
if ((flags & SMIME_DETACHED) && data) {
/* We want multipart/signed */
/* Generate a random boundary */
RAND_pseudo_bytes((unsigned char *)bound, 32);
if (RAND_bytes((unsigned char *)bound, 32) <= 0)
return 0;
for (i = 0; i < 32; i++) {
c = bound[i] & 0xf;
if (c < 10)

2
crypto/asn1/p5_pbe.c
View File

@ -101,7 +101,7 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
sstr = ASN1_STRING_data(pbe->salt);
if (salt)
memcpy(sstr, salt, saltlen);
else if (RAND_pseudo_bytes(sstr, saltlen) < 0)
else if (RAND_bytes(sstr, saltlen) <= 0)
goto err;
if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {

4
crypto/asn1/p5_pbev2.c
View File

@ -120,7 +120,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
if (EVP_CIPHER_iv_length(cipher)) {
if (aiv)
memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) <= 0)
goto err;
}
@ -225,7 +225,7 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
if (salt)
memcpy(osalt->data, salt, saltlen);
else if (RAND_pseudo_bytes(osalt->data, saltlen) < 0)
else if (RAND_bytes(osalt->data, saltlen) <= 0)
goto merr;
if (iter <= 0)

6
crypto/bio/bf_nbio.c
View File

@ -136,7 +136,8 @@ static int nbiof_read(BIO *b, char *out, int outl)
return (0);
BIO_clear_retry_flags(b);
RAND_pseudo_bytes(&n, 1);
if (RAND_bytes(&n, 1) <= 0)
return -1;
num = (n & 0x07);
if (outl > num)
@ -172,7 +173,8 @@ static int nbiof_write(BIO *b, const char *in, int inl)
num = nt->lwn;
nt->lwn = 0;
} else {
RAND_pseudo_bytes(&n, 1);
if (RAND_bytes(&n, 1) <= 0)
return -1;
num = (n & 7);
}

2
crypto/bn/bn_lcl.h
View File

@ -168,7 +168,7 @@ int RAND_pseudo_bytes(unsigned char *buf, int num);
* wouldn't be constructed with top!=dmax. */ \
BN_ULONG *_not_const; \
memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
RAND_pseudo_bytes(&_tmp_char, 1); \
RAND_bytes(&_tmp_char, 1); /* Debug only - safe to ignore error return */\
memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
(_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
} \

5
crypto/bn/bn_rand.c
View File

@ -142,7 +142,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
RAND_add(&tim, sizeof(tim), 0.0);
if (pseudorand) {
if (RAND_pseudo_bytes(buf, bytes) == -1)
if (RAND_bytes(buf, bytes) <= 0)
goto err;
} else {
if (RAND_bytes(buf, bytes) <= 0)
@ -157,7 +157,8 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
unsigned char c;
for (i = 0; i < bytes; i++) {
RAND_pseudo_bytes(&c, 1);
if (RAND_bytes(&c, 1) <= 0)
goto err;
if (c >= 128 && i > 0)
buf[i] = buf[i - 1];
else if (c < 42)

2
crypto/cms/cms_enc.c
View File

@ -119,7 +119,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
/* Generate a random IV if we need one */
ivlen = EVP_CIPHER_CTX_iv_length(ctx);
if (ivlen > 0) {
if (RAND_pseudo_bytes(iv, ivlen) <= 0)
if (RAND_bytes(iv, ivlen) <= 0)
goto err;
piv = iv;
}

3
crypto/cms/cms_ess.c
View File

@ -107,8 +107,7 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
else {
if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
goto merr;
if (RAND_pseudo_bytes(rr->signedContentIdentifier->data, 32)
<= 0)
if (RAND_bytes(rr->signedContentIdentifier->data, 32) <= 0)
goto err;
}

7
crypto/cms/cms_pwri.c
View File

@ -131,7 +131,7 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
if (ivlen > 0) {
if (RAND_pseudo_bytes(iv, ivlen) <= 0)
if (RAND_bytes(iv, ivlen) <= 0)
goto err;
if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0) {
CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
@ -299,8 +299,9 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen,
out[3] = in[2] ^ 0xFF;
memcpy(out + 4, in, inlen);
/* Add random padding to end */
if (olen > inlen + 4)
RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen);
if (olen > inlen + 4
&& RAND_bytes(out + 4 + inlen, olen - 4 - inlen) <= 0)
return 0;
/* Encrypt twice */
if (!EVP_EncryptUpdate(ctx, out, &dummy, out, olen)
|| !EVP_EncryptUpdate(ctx, out, &dummy, out, olen))

3
crypto/des/enc_writ.c
View File

@ -132,7 +132,8 @@ int DES_enc_write(int fd, const void *_buf, int len,
if (len < 8) {
cp = shortbuf;
memcpy(shortbuf, buf, len);
RAND_pseudo_bytes(shortbuf + len, 8 - len);
if (RAND_bytes(shortbuf + len, 8 - len) <= 0)
return -1;
rnum = 8;
} else {
cp = buf;

4
crypto/dsa/dsa_gen.c
View File

@ -173,7 +173,7 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
goto err;
if (!seed_len) {
if (RAND_pseudo_bytes(seed, qsize) < 0)
if (RAND_bytes(seed, qsize) <= 0)
goto err;
seed_is_random = 1;
} else {
@ -448,7 +448,7 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
goto err;
if (!seed_in) {
if (RAND_pseudo_bytes(seed, seed_len) < 0)
if (RAND_bytes(seed, seed_len) <= 0)
goto err;
}
/* step 2 */

3
crypto/ecdsa/ecdsatest.c
View File

@ -311,8 +311,7 @@ int test_builtin(BIO *out)
int nid, ret = 0;
/* fill digest values with some random data */
if (!RAND_pseudo_bytes(digest, 20) ||
!RAND_pseudo_bytes(wrong_digest, 20)) {
if (RAND_bytes(digest, 20) <= 0 || RAND_bytes(wrong_digest, 20) <= 0) {
BIO_printf(out, "ERROR: unable to get random data\n");
goto builtin_err;
}

3
crypto/evp/bio_ok.c
View File

@ -491,7 +491,8 @@ static int sig_out(BIO *b)
* FIXME: there's absolutely no guarantee this makes any sense at all,
* particularly now EVP_MD_CTX has been restructured.
*/
RAND_pseudo_bytes(md->md_data, md->digest->md_size);
if (RAND_bytes(md->md_data, md->digest->md_size) <= 0)
goto berr;
memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size);
longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
ctx->buf_len += md->digest->md_size;

3
crypto/evp/e_des3.c
View File

@ -439,7 +439,8 @@ static int des_ede3_wrap(EVP_CIPHER_CTX *ctx, unsigned char *out,
memcpy(out + inl + 8, sha1tmp, 8);
OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH);
/* Generate random IV */
RAND_bytes(ctx->iv, 8);
if (RAND_bytes(ctx->iv, 8) <= 0)
return -1;
memcpy(out, ctx->iv, 8);
/* Encrypt everything after IV in place */
des_ede_cbc_cipher(ctx, out + 8, out + 8, inl + 8);

5
crypto/evp/p_seal.c
View File

@ -82,8 +82,9 @@ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
return 1;
if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
return 0;
if (EVP_CIPHER_CTX_iv_length(ctx))
RAND_pseudo_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx));
if (EVP_CIPHER_CTX_iv_length(ctx)
&& RAND_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx)) <= 0)
return 0;
if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
return 0;

4
crypto/ocsp/ocsp_ext.c
View File

@ -319,8 +319,8 @@ static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts,
ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL);
if (val)
memcpy(tmpval, val, len);
else
RAND_pseudo_bytes(tmpval, len);
else if (RAND_bytes(tmpval, len) <= 0)
goto err;
if (!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce,
&os, 0, X509V3_ADD_REPLACE))
goto err;

2
crypto/pem/pem_lib.c
View File

@ -387,7 +387,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
}
RAND_add(data, i, 0); /* put in the RSA key. */
OPENSSL_assert(enc->iv_len <= (int)sizeof(iv));
if (RAND_pseudo_bytes(iv, enc->iv_len) < 0) /* Generate a salt */
if (RAND_bytes(iv, enc->iv_len) <= 0) /* Generate a salt */
goto err;
/*
* The 'iv' is used as the iv and as a salt. It is NOT taken from

2
crypto/pkcs12/p12_mutl.c
View File

@ -177,7 +177,7 @@ int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
return 0;
}
if (!salt) {
if (RAND_pseudo_bytes(p12->mac->salt->data, saltlen) < 0)
if (RAND_bytes(p12->mac->salt->data, saltlen) <= 0)
return 0;
} else
memcpy(p12->mac->salt->data, salt, saltlen);

2
crypto/pkcs7/pk7_doit.c
View File

@ -340,7 +340,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
ivlen = EVP_CIPHER_iv_length(evp_cipher);
xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
if (ivlen > 0)
if (RAND_pseudo_bytes(iv, ivlen) <= 0)
if (RAND_bytes(iv, ivlen) <= 0)
goto err;
if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL, NULL, 1) <= 0)
goto err;

4
crypto/rand/randtest.c
View File

@ -77,8 +77,8 @@ int main(int argc, char **argv)
*/
long d;
i = RAND_pseudo_bytes(buf, 2500);
if (i < 0) {
i = RAND_bytes(buf, 2500);
if (i <= 0) {
printf("init failed, the rand method is not properly installed\n");
err++;
goto err;

9
crypto/srp/srp_vfy.c
View File

@ -498,7 +498,8 @@ SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username)
if (!SRP_user_pwd_set_ids(user, username, NULL))
goto err;
RAND_pseudo_bytes(digv, SHA_DIGEST_LENGTH);
if (RAND_bytes(digv, SHA_DIGEST_LENGTH) <= 0)
goto err;
EVP_MD_CTX_init(&ctxt);
EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
EVP_DigestUpdate(&ctxt, vb->seed_key, strlen(vb->seed_key));
@ -550,7 +551,8 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
}
if (*salt == NULL) {
RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN);
if (RAND_bytes(tmp2, SRP_RANDOM_SALT_LEN) <= 0)
goto err;
s = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
} else {
@ -608,7 +610,8 @@ int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
goto err;
if (*salt == NULL) {
RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN);
if (RAND_bytes(tmp2, SRP_RANDOM_SALT_LEN) <= 0)
goto err;
*salt = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
}

4
crypto/srp/srptest.c
View File

@ -59,7 +59,7 @@ static int run_srp(const char *username, const char *client_pass,
showbn("Verifier", v);
/* Server random */
RAND_pseudo_bytes(rand_tmp, sizeof(rand_tmp));
RAND_bytes(rand_tmp, sizeof(rand_tmp));
b = BN_bin2bn(rand_tmp, sizeof(rand_tmp), NULL);
/* TODO - check b != 0 */
showbn("b", b);
@ -74,7 +74,7 @@ static int run_srp(const char *username, const char *client_pass,
}
/* Client random */
RAND_pseudo_bytes(rand_tmp, sizeof(rand_tmp));
RAND_bytes(rand_tmp, sizeof(rand_tmp));
a = BN_bin2bn(rand_tmp, sizeof(rand_tmp), NULL);
/* TODO - check a != 0 */
showbn("a", a);

3
demos/easy_tls/easy-tls.c
View File

@ -760,7 +760,8 @@ SSL_CTX *tls_create_ctx(struct tls_create_ctx_args a, void *apparg)
if (tls_dhe1024 == NULL) {
int i;
RAND_bytes((unsigned char *)&i, sizeof i);
if (RAND_bytes((unsigned char *)&i, sizeof i) <= 0)
goto err_return;
/*
* make sure that i is non-negative -- pick one of the provided
* seeds

18
ssl/d1_both.c
View File

@ -1396,7 +1396,10 @@ int dtls1_process_heartbeat(SSL *s)
memcpy(bp, pl, payload);
bp += payload;
/* Random padding */
RAND_pseudo_bytes(bp, padding);
if (RAND_bytes(bp, padding) <= 0) {
OPENSSL_free(buffer);
return -1;
}
r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
@ -1430,7 +1433,7 @@ int dtls1_process_heartbeat(SSL *s)
int dtls1_heartbeat(SSL *s)
{
unsigned char *buf, *p;
int ret;
int ret = -1;
unsigned int payload = 18; /* Sequence number + random bytes */
unsigned int padding = 16; /* Use minimum padding */
@ -1482,10 +1485,16 @@ int dtls1_heartbeat(SSL *s)
/* Sequence number */
s2n(s->tlsext_hb_seq, p);
/* 16 random bytes */
RAND_pseudo_bytes(p, 16);
if (RAND_bytes(p, 16) <= 0) {
SSLerr(SSL_F_DTLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
goto err;
}
p += 16;
/* Random padding */
RAND_pseudo_bytes(p, padding);
if (RAND_bytes(p, padding) <= 0) {
SSLerr(SSL_F_DTLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
goto err;
}
ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
if (ret >= 0) {
@ -1498,6 +1507,7 @@ int dtls1_heartbeat(SSL *s)
s->tlsext_hb_pending = 1;
}
err:
OPENSSL_free(buf);
return ret;

5
ssl/s23_clnt.c
View File

@ -263,6 +263,7 @@ int ssl23_connect(SSL *s)
int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
{
int send_time = 0;
if (len < 4)
return 0;
if (server)
@ -273,9 +274,9 @@ int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
unsigned long Time = (unsigned long)time(NULL);
unsigned char *p = result;
l2n(Time, p);
return RAND_pseudo_bytes(p, len - 4);
return RAND_bytes(p, len - 4);
} else
return RAND_pseudo_bytes(result, len);
return RAND_bytes(result, len);
}
static int ssl23_client_hello(SSL *s)

7
ssl/s3_clnt.c
View File

@ -2810,7 +2810,12 @@ int ssl3_send_client_key_exchange(SSL *s)
EVP_PKEY_encrypt_init(pkey_ctx);
/* Generate session key */
RAND_bytes(pms, pmslen);
if (RAND_bytes(pms, pmslen) <= 0) {
EVP_PKEY_CTX_free(pkey_ctx);
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
ERR_R_INTERNAL_ERROR);
goto err;
};
/*
* If we have client certificate, use its secret as peer key
*/

5
ssl/s3_srvr.c
View File

@ -2168,10 +2168,7 @@ int ssl3_get_client_key_exchange(SSL *s)
* fails. See https://tools.ietf.org/html/rfc5246#section-7.4.7.1
*/
/*
* should be RAND_bytes, but we cannot work around a failure.
*/
if (RAND_pseudo_bytes(rand_premaster_secret,
if (RAND_bytes(rand_premaster_secret,
sizeof(rand_premaster_secret)) <= 0)
goto err;
decrypt_len =

2
ssl/ssl_lib.c
View File

@ -1957,7 +1957,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
ret->tlsext_servername_callback = 0;
ret->tlsext_servername_arg = NULL;
/* Setup RFC4507 ticket keys */
if ((RAND_pseudo_bytes(ret->tlsext_tick_key_name, 16) <= 0)
if ((RAND_bytes(ret->tlsext_tick_key_name, 16) <= 0)
|| (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
|| (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
ret->options |= SSL_OP_NO_TICKET;

2
ssl/ssl_sess.c
View File

@ -257,7 +257,7 @@ static int def_generate_session_id(const SSL *ssl, unsigned char *id,
{
unsigned int retry = 0;
do
if (RAND_pseudo_bytes(id, *id_len) <= 0)
if (RAND_bytes(id, *id_len) <= 0)
return 0;
while (SSL_has_matching_session_id(ssl, id, *id_len) &&
(++retry < MAX_SESS_ID_ATTEMPTS)) ;

19
ssl/t1_lib.c
View File

@ -3634,7 +3634,10 @@ int tls1_process_heartbeat(SSL *s)
memcpy(bp, pl, payload);
bp += payload;
/* Random padding */
RAND_pseudo_bytes(bp, padding);
if (RAND_bytes(bp, padding) <= 0) {
OPENSSL_free(buffer);
return -1;
}
r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer,
3 + payload + padding);
@ -3669,7 +3672,7 @@ int tls1_process_heartbeat(SSL *s)
int tls1_heartbeat(SSL *s)
{
unsigned char *buf, *p;
int ret;
int ret = -1;
unsigned int payload = 18; /* Sequence number + random bytes */
unsigned int padding = 16; /* Use minimum padding */
@ -3721,10 +3724,16 @@ int tls1_heartbeat(SSL *s)
/* Sequence number */
s2n(s->tlsext_hb_seq, p);
/* 16 random bytes */
RAND_pseudo_bytes(p, 16);
if (RAND_bytes(p, 16) <= 0) {
SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
goto err;
}
p += 16;
/* Random padding */
RAND_pseudo_bytes(p, padding);
if (RAND_bytes(p, padding) <= 0) {
SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
goto err;
}
ret = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
if (ret >= 0) {
@ -3736,8 +3745,8 @@ int tls1_heartbeat(SSL *s)
s->tlsext_hb_pending = 1;
}
err:
OPENSSL_free(buf);
return ret;
}
# endif

8
test/igetest.c
View File

@ -289,9 +289,9 @@ int main(int argc, char **argv)
assert(BIG_TEST_SIZE >= TEST_SIZE);
RAND_pseudo_bytes(rkey, sizeof rkey);
RAND_pseudo_bytes(plaintext, sizeof plaintext);
RAND_pseudo_bytes(iv, sizeof iv);
RAND_bytes(rkey, sizeof rkey);
RAND_bytes(plaintext, sizeof plaintext);
RAND_bytes(iv, sizeof iv);
memcpy(saved_iv, iv, sizeof saved_iv);
/* Forward IGE only... */
@ -390,7 +390,7 @@ int main(int argc, char **argv)
*/
/* possible with biIGE, so the IV is not updated. */
RAND_pseudo_bytes(rkey2, sizeof rkey2);
RAND_bytes(rkey2, sizeof rkey2);
/* Straight encrypt/decrypt */
AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);