author | Joel Sing <jsing@cvs.openbsd.org> | 2014-10-22 13:02:05 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2014-10-22 13:02:05 +0000 |
commit | 80fb32c087ebd4e7c3ef9467cca1392931be5034 (patch) | |
tree | bc399a065fb5876e02859b77f4bb5d2d0fa7f0e6 /lib/libcrypto/asn1 | |
parent | bcad82539542acc3528c59c25491ef55b8130f7a (diff) |
Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().
arc4random_buf() is guaranteed to always succeed - it is worth noting
that a number of the replaced function calls were already missing return
value checks.
ok deraadt@
Diffstat (limited to 'lib/libcrypto/asn1')
-rw-r--r-- | lib/libcrypto/asn1/asn_mime.c | 6 | ||||
-rw-r--r-- | lib/libcrypto/asn1/p5_pbe.c | 8 | ||||
-rw-r--r-- | lib/libcrypto/asn1/p5_pbev2.c | 13 |
3 files changed, 13 insertions, 14 deletions
diff --git a/lib/libcrypto/asn1/asn_mime.c b/lib/libcrypto/asn1/asn_mime.c
index c153deca1e3..afa0abd696e 100644
--- a/lib/libcrypto/asn1/asn_mime.c
+++ b/lib/libcrypto/asn1/asn_mime.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn_mime.c,v 1.22 2014/07/13 16:03:09 beck Exp $ */
+/* $OpenBSD: asn_mime.c,v 1.23 2014/10/22 13:02:03 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -54,12 +54,12 @@
 #include <ctype.h>
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
 #include <openssl/asn1.h>
 #include <openssl/asn1t.h>
 #include <openssl/err.h>
-#include <openssl/rand.h>
 #include <openssl/x509.h>
 #include "asn1_locl.h"
@@ -298,7 +298,7 @@ SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
 if ((flags & SMIME_DETACHED) && data) {
 /* We want multipart/signed */
 /* Generate a random boundary */
- RAND_pseudo_bytes((unsigned char *)bound, 32);
+ arc4random_buf(bound, 32);
 for (i = 0; i < 32; i++) {
 c = bound[i] & 0xf;
 if (c < 10)
diff --git a/lib/libcrypto/asn1/p5_pbe.c b/lib/libcrypto/asn1/p5_pbe.c
index ba892b185c3..44fbb648bea 100644
--- a/lib/libcrypto/asn1/p5_pbe.c
+++ b/lib/libcrypto/asn1/p5_pbe.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p5_pbe.c,v 1.16 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: p5_pbe.c,v 1.17 2014/10/22 13:02:03 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -57,11 +57,11 @@
 */
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
 #include <openssl/asn1t.h>
 #include <openssl/err.h>
-#include <openssl/rand.h>
 #include <openssl/x509.h>
 /* PKCS#5 password based encryption structure */
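Review bot: In the SMIME_write_ASN1 hunk of asn_mime.c the loop keeps only the low four bits of each random byte (`c = bound[i] & 0xf`), and that deserves a comment beside the new `arc4random_buf(bound, 32)` call, for example `/* 32 random bytes, low nibble of each kept: presumably 128 random bits in the boundary */`. The literal 32 is written twice, in the call and in the loop condition, and the declaration of `bound` is outside the hunk, so the buffer size cannot be checked against it here. The loop body also continues past the end of the hunk.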
@@ -104,8 +104,8 @@ PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
 sstr = ASN1_STRING_data(pbe->salt);
 if (salt)
 memcpy(sstr, salt, saltlen);
- else if (RAND_pseudo_bytes(sstr, saltlen) < 0)
- goto err;
+ else
+ arc4random_buf(sstr, saltlen);
 if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {
 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
diff --git a/lib/libcrypto/asn1/p5_pbev2.c b/lib/libcrypto/asn1/p5_pbev2.c
index 8085aba4531..09479652192 100644
--- a/lib/libcrypto/asn1/p5_pbev2.c
+++ b/lib/libcrypto/asn1/p5_pbev2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p5_pbev2.c,v 1.17 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: p5_pbev2.c,v 1.18 2014/10/22 13:02:03 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999-2004.
 */
@@ -57,11 +57,11 @@
 */
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
 #include <openssl/asn1t.h>
 #include <openssl/err.h>
-#include <openssl/rand.h>
 #include <openssl/x509.h>
 /* PKCS#5 v2.0 password based encryption structures */
@@ -121,9 +121,8 @@ PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, unsigned char *salt,
 if (EVP_CIPHER_iv_length(cipher)) {
 if (aiv)
 memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
- else if (RAND_pseudo_bytes(iv,
- EVP_CIPHER_iv_length(cipher)) < 0)
- goto err;
+ else
+ arc4random_buf(iv, EVP_CIPHER_iv_length(cipher));
 }
 EVP_CIPHER_CTX_init(&ctx);
@@ -227,8 +226,8 @@ PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, int prf_nid,
 if (salt)
 memcpy (osalt->data, salt, saltlen);
- else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0)
- goto merr;
+ else
+ arc4random_buf(osalt->data, saltlen);
 if (iter <= 0)
 iter = PKCS5_DEFAULT_ITER; |
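Review bot: `arc4random_buf(sstr, saltlen)` in PKCS5_pbe_set0_algor hands the salt length to a function whose length parameter is a size_t, so a negative value would be converted to a very large byte count instead of being rejected; the removed `RAND_pseudo_bytes()` took an int. The same applies to `arc4random_buf(osalt->data, saltlen)` in the PKCS5_pbkdf2_set hunk of p5_pbev2.c, whose hunk header shows `int saltlen`, and to the `memcpy` on the other branch of both. Any range check on saltlen lies outside these hunks, so please confirm one runs first, or add `if (saltlen < 0) goto err;` ahead of the `if (salt)` test (`goto merr;` in PKCS5_pbkdf2_set). Both function bodies start and end outside their hunks.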
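Review bot: `EVP_CIPHER_iv_length(cipher)` is evaluated three times in the PKCS5_pbe2_set_iv hunk: in the guard, in the `memcpy`, and in the new `arc4random_buf(iv, EVP_CIPHER_iv_length(cipher))`. Reading it once into a local would make it plain that the copy and the random fill use the length that was tested, e.g. `int ivlen = EVP_CIPHER_iv_length(cipher);` with the guard written as `if (ivlen > 0) {`. That form also keeps a negative return from reaching a size_t parameter. The declaration of `iv` and the start of the function are outside the hunk, so the buffer size cannot be checked here.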