summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2014-04-17 12:48:52 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2014-04-17 12:48:52 +0000
commit4da5267c9addfb8ba80646af32c2acb79a8421cb (patch)
treedf7d0e6d5e91ff6dcd945c2d279f1b1fd78105e1
parentcad3e7af4c256294b1e93076f67c1dcf2f2957d0 (diff)
1. RAND_seed is now DEPRECATED
2. Even passing a digest in as entropy is sloppy. But apparently the OpenSSL guys could find no objects of lesser value to pass to the pluggable random subsystem, and had to resort to private keys and digests. Classy. ok djm
-rw-r--r--lib/libssl/src/crypto/dsa/dsa_asn1.c1
-rw-r--r--lib/libssl/src/crypto/ecdsa/ecs_sign.c1
2 files changed, 1 insertions, 1 deletions
diff --git a/lib/libssl/src/crypto/dsa/dsa_asn1.c b/lib/libssl/src/crypto/dsa/dsa_asn1.c
index 60585343746..19528dcd7ac 100644
--- a/lib/libssl/src/crypto/dsa/dsa_asn1.c
+++ b/lib/libssl/src/crypto/dsa/dsa_asn1.c
@@ -154,7 +154,6 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
unsigned int *siglen, DSA *dsa)
{
DSA_SIG *s;
- RAND_seed(dgst, dlen);
s=DSA_do_sign(dgst,dlen,dsa);
if (s == NULL)
{
diff --git a/lib/libssl/src/crypto/ecdsa/ecs_sign.c b/lib/libssl/src/crypto/ecdsa/ecs_sign.c
index 74b1fe8caff..a60c327e4df 100644
--- a/lib/libssl/src/crypto/ecdsa/ecs_sign.c
+++ b/lib/libssl/src/crypto/ecdsa/ecs_sign.c
@@ -57,6 +57,7 @@
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
+#include <openssl/rand.h>
ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
{