From: Vitaly Chikunov
Date: Mon, 17 Feb 2020 23:53:14 +0000 (+0300)
Subject: Replace RAND_bytes with RAND_priv_bytes
X-Git-Tag: v3.0.0~191
X-Git-Url: http://wagner.pp.ru/gitweb/?a=commitdiff_plain;h=dd6e77bbda3347148139111b9433ab4f6bd1f46c;p=openssl-gost%2Fengine.git

Replace RAND_bytes with RAND_priv_bytes

`RAND_priv_bytes' is supposed to be used for private data.
---

diff --git a/gost89.c b/gost89.c
index f940dab..953c6ec 100644
--- a/gost89.c
+++ b/gost89.c
@@ -452,7 +452,7 @@ void gost_enc_with_key(gost_ctx * c, byte * key, byte * inblock,
 void gost_key(gost_ctx * c, const byte * k)
 {
 int i, j;
- RAND_bytes((unsigned char *)c->mask, sizeof(c->mask));
+ RAND_priv_bytes((unsigned char *)c->mask, sizeof(c->mask));
 for (i = 0, j = 0; i < 8; ++i, j += 4) {
 c->key[i] = (k[j] | (k[j + 1] << 8) | (k[j + 2] << 16) | ((word32) k[j + 3] <<
@@ -464,7 +464,7 @@ void gost_key(gost_ctx * c, const byte * k)
 void magma_key(gost_ctx * c, const byte * k)
 {
 int i, j;
- RAND_bytes((unsigned char *)c->mask, sizeof(c->mask));
+ RAND_priv_bytes((unsigned char *)c->mask, sizeof(c->mask));
 for (i = 0, j = 0; i < 8; ++i, j += 4) {
 c->key[i] = (k[j + 3] | (k[j + 2] << 8) | (k[j + 1] << 16) | ((word32) k[j] <<
diff --git a/gost_crypt.c b/gost_crypt.c
index 7e733df..a649e72 100644
--- a/gost_crypt.c
+++ b/gost_crypt.c
@@ -876,7 +876,7 @@ int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
 #endif
 case EVP_CTRL_RAND_KEY:
 {
- if (RAND_bytes
+ if (RAND_priv_bytes
 ((unsigned char *)ptr, EVP_CIPHER_CTX_key_length(ctx)) <= 0) {
 GOSTerr(GOST_F_GOST_CIPHER_CTL, GOST_R_RNG_ERROR);
 return -1;
diff --git a/gost_grasshopper_cipher.c b/gost_grasshopper_cipher.c
index 70c9f17..2955534 100644
--- a/gost_grasshopper_cipher.c
+++ b/gost_grasshopper_cipher.c
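Review bot: The return value of `RAND_priv_bytes` is discarded in gost_key, so when the generator fails `c->mask` keeps whatever the context held before and the key is stored with a mask that is not random. The mask presumably blinds the stored key words (the `c->key[i] = ...` statement is cut off at the hunk edge, so this is inferred), which would make a silent failure a loss of that protection. The same unchecked call is in the magma_key hunk below, while the EVP_CTRL_RAND_KEY case in gost_cipher_ctl does test `<= 0`. Both functions return void, so the smallest change is a defined fallback, `if (RAND_priv_bytes((unsigned char *)c->mask, sizeof(c->mask)) <= 0) memset(c->mask, 0, sizeof(c->mask));`; reporting the failure to the caller would need an int return and is the better long-term fix.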
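Review bot: The EVP_CTRL_RAND_KEY case in gost_cipher_ctl carries no comment saying why the private generator is used, so a later cleanup could switch it back to `RAND_bytes` without noticing the difference. A one-line comment above the call would record the intent, for example `/* key material: draw from the private DRBG, kept apart from the one feeding public values such as IVs */`. The same comment fits the identical case in gost_grasshopper_cipher_ctl in gost_grasshopper_cipher.c. The switch statement starts and continues outside the hunk.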
@@ -729,7 +729,7 @@ int gost_grasshopper_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg,
 {
 switch (type) {
 case EVP_CTRL_RAND_KEY:{
- if (RAND_bytes
+ if (RAND_priv_bytes
 ((unsigned char *)ptr, EVP_CIPHER_CTX_key_length(ctx)) <= 0) {
 GOSTerr(GOST_F_GOST_GRASSHOPPER_CIPHER_CTL, GOST_R_RNG_ERROR);
 return -1;