From 5cbd2ea3f94aa8adec9b4486ac757d4d688e3f8c Mon Sep 17 00:00:00 2001
From: Pauli <pauli@openssl.org>
Date: Fri, 28 May 2021 14:46:40 +1000
Subject: add zero strenght arguments to BN and RAND RNG calls

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15513)
---
 crypto/evp/evp_enc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'crypto/evp/evp_enc.c')

diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index dc22d507a4..356951014b 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -1332,7 +1332,7 @@ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
         OSSL_LIB_CTX *libctx = EVP_CIPHER_CTX_get_libctx(ctx);
 
         kl = EVP_CIPHER_CTX_key_length(ctx);
-        if (kl <= 0 || RAND_priv_bytes_ex(libctx, key, kl) <= 0)
+        if (kl <= 0 || RAND_priv_bytes_ex(libctx, key, kl, 0) <= 0)
             return 0;
         return 1;
     }
-- 
cgit v1.2.3