diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2014-04-17 12:48:52 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2014-04-17 12:48:52 +0000 |
| commit | 4a6546f85627673ee697198e1872fcefb4c1a0d5 (patch) | |
| tree | ae16d3f14f19850f544463e0eed2828e32812a99 | |
| parent | d42584102277b807b155d7d045eacdd13ab970e5 (diff) | |
1. RAND_seed is now DEPRECATED
2. Even passing a digest in as entropy is sloppy.
But apparently the OpenSSL guys could find no objects of lesser value to
pass to the pluggable random subsystem, and had to resort to private keys
and digests. Classy.
ok djm
| -rw-r--r-- | lib/libcrypto/dsa/dsa_asn1.c | 1 | ||||
| -rw-r--r-- | lib/libcrypto/ecdsa/ecs_sign.c | 1 |
2 files changed, 1 insertions, 1 deletions
diff --git a/lib/libcrypto/dsa/dsa_asn1.c b/lib/libcrypto/dsa/dsa_asn1.c index 60585343746..19528dcd7ac 100644 --- a/lib/libcrypto/dsa/dsa_asn1.c +++ b/lib/libcrypto/dsa/dsa_asn1.c @@ -154,7 +154,6 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, unsigned int *siglen, DSA *dsa) { DSA_SIG *s; - RAND_seed(dgst, dlen); s=DSA_do_sign(dgst,dlen,dsa); if (s == NULL) { diff --git a/lib/libcrypto/ecdsa/ecs_sign.c b/lib/libcrypto/ecdsa/ecs_sign.c index 74b1fe8caff..a60c327e4df 100644 --- a/lib/libcrypto/ecdsa/ecs_sign.c +++ b/lib/libcrypto/ecdsa/ecs_sign.c @@ -57,6 +57,7 @@ #ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> #endif +#include <openssl/rand.h> ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) { |