author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2014-04-17 12:14:27 +0000 |
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2014-04-17 12:14:27 +0000 |
commit | 35b7e3440c8f959d10a82f703dfa9678d312a72f (patch) | |
tree | 0525f50017c0789a096f4db3e45f369e7bf7c50b /lib | |
parent | c4885cf0257bfb47d0ff50dd182105e56e516593 (diff) |
Do not feed RSA private key information to the random subsystem as
entropy. It might be fed to a pluggable random subsystem....
What were they thinking?!
ok guenther
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libcrypto/evp/evp_pkey.c | 2 | ||||
-rw-r--r-- | lib/libcrypto/pem/pem_lib.c | 1 | ||||
-rw-r--r-- | lib/libcrypto/rsa/rsa_crpt.c | 8 |
3 files changed, 0 insertions, 11 deletions
diff --git a/lib/libcrypto/evp/evp_pkey.c b/lib/libcrypto/evp/evp_pkey.c
index ceebf692848..c760cf19656 100644
--- a/lib/libcrypto/evp/evp_pkey.c
+++ b/lib/libcrypto/evp/evp_pkey.c
@@ -150,8 +150,6 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
 			EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
 		goto error;
 	}
-	RAND_add(p8->pkey->value.octet_string->data,
-	    p8->pkey->value.octet_string->length, 0.0);
 	return p8;
 error:
 	PKCS8_PRIV_KEY_INFO_free(p8);
diff --git a/lib/libcrypto/pem/pem_lib.c b/lib/libcrypto/pem/pem_lib.c
index 74baa2ec1cc..0dfa7c73761 100644
--- a/lib/libcrypto/pem/pem_lib.c
+++ b/lib/libcrypto/pem/pem_lib.c
@@ -384,7 +384,6 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
 			}
 		kstr=(unsigned char *)buf;
 		}
-	RAND_add(data,i,0);/* put in the RSA key. */
 	OPENSSL_assert(enc->iv_len <= (int)sizeof(iv));
 	if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */
 		goto err;
diff --git a/lib/libcrypto/rsa/rsa_crpt.c b/lib/libcrypto/rsa/rsa_crpt.c
index 7750366613b..2e100ca457f 100644
--- a/lib/libcrypto/rsa/rsa_crpt.c
+++ b/lib/libcrypto/rsa/rsa_crpt.c
@@ -189,14 +189,6 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
 	else
 		e = rsa->e;
-
-	if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL)
-		{
-		/* if PRNG is not properly seeded, resort to secret
-		 * exponent as unpredictable seed */
-		RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0);
-		}
-
 	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
 		{
 		/* Set BN_FLG_CONSTTIME flag */