author | David Benjamin <davidben@chromium.org> | 2014-12-16 15:48:10 +0300 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2014-12-16 22:15:59 +0300 |
commit | a6d81018f8fd5647d88a49923633f29dd77c2365 (patch) | |
tree | a2182160a477558c1919642629a684046938c42b /crypto/bn/random.c | |
parent | 263eac02f5c27ad91c1514c93246b84980f73c97 (diff) |
Consistently use RAND_bytes and check for failure.
RAND_pseudo_bytes just calls RAND_bytes now and only returns 0 or 1. Switch all
callers within the library to call the new one and use the simpler failure check.
This fixes a few error checks that no longer work (< 0) and some missing ones.
Change-Id: Id51c79deec80075949f73fa1fbd7b76aac5570c6
Reviewed-on: https://boringssl-review.googlesource.com/2621
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'crypto/bn/random.c')
-rw-r--r-- | crypto/bn/random.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/crypto/bn/random.c b/crypto/bn/random.c index 924aad71..85fd4475 100644 --- a/crypto/bn/random.c +++ b/crypto/bn/random.c @@ -136,9 +136,10 @@ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom) { goto err; } - /* make a random number and set the top and bottom bits */ - if (RAND_pseudo_bytes(buf, bytes) <= 0) + /* Make a random number and set the top and bottom bits. */ + if (!RAND_bytes(buf, bytes)) { goto err; + } if (top != -1) { if (top) { @@ -286,7 +287,7 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, const BIGNUM *priv, for (attempt = 0;; attempt++) { for (done = 0; done < num_k_bytes;) { - if (RAND_pseudo_bytes(random_bytes, sizeof(random_bytes)) != 1) { + if (!RAND_bytes(random_bytes, sizeof(random_bytes))) { goto err; } SHA512_Init(&sha); |
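Review bot: in the BN_rand hunk, `if (!RAND_bytes(buf, bytes))` accepts any nonzero return as success, whereas the removed `<= 0` check also rejected negative values. That matches the 0-or-1 contract the commit message states, but nothing at the call site records that contract. A short comment here, or a comparison with `!= 1`, would keep a later change to the return convention from silently leaving buf unfilled before the top and bottom bits are set.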
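Review bot: in the BN_generate_dsa_nonce hunk, the replaced check `RAND_pseudo_bytes(random_bytes, sizeof(random_bytes)) != 1` was already the strict form, and `!RAND_bytes(...)` is looser: any nonzero return, including a negative one, now proceeds to SHA512_Init with random_bytes possibly unfilled. Since this buffer feeds nonce derivation, I would keep the explicit comparison, `if (RAND_bytes(random_bytes, sizeof(random_bytes)) != 1) {`, so that only a confirmed success continues.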