author | Kurt Roeckx <kurt@roeckx.be> | 2017-11-03 20:59:16 +0100 |
---|---|---|
committer | Kurt Roeckx <kurt@roeckx.be> | 2018-04-02 22:22:43 +0200 |
commit | 4cffafe96786558f66e1900ac462f9ccba921132 (patch) | |
tree | f075edeb812b1ed574e6656a7f1bd312dbe5e02e /ssl/tls_srp.c | |
parent | Documentation typo fix in EVP_EncryptInit.pod (diff) | |
Use the private RNG for data that is not public
Reviewed-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Fixes: #4641
GH: #4665
Diffstat (limited to 'ssl/tls_srp.c')
-rw-r--r-- | ssl/tls_srp.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ssl/tls_srp.c b/ssl/tls_srp.c
index 87614cb003..f94e46b4e8 100644
--- a/ssl/tls_srp.c
+++ b/ssl/tls_srp.c
@@ -157,7 +157,7 @@ int SSL_srp_server_param_with_username(SSL *s, int *ad)
 (s->srp_ctx.s == NULL) || (s->srp_ctx.v == NULL))
 return SSL3_AL_FATAL;
- if (RAND_bytes(b, sizeof(b)) <= 0)
+ if (RAND_priv_bytes(b, sizeof(b)) <= 0)
 return SSL3_AL_FATAL;
 s->srp_ctx.b = BN_bin2bn(b, sizeof(b), NULL);
 OPENSSL_cleanse(b, sizeof(b));
@@ -369,7 +369,7 @@ int SRP_Calc_A_param(SSL *s)
 {
 unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];
- if (RAND_bytes(rnd, sizeof(rnd)) <= 0)
+ if (RAND_priv_bytes(rnd, sizeof(rnd)) <= 0)
 return 0;
 s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
 OPENSSL_cleanse(rnd, sizeof(rnd)); |
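Review bot: The result of `BN_bin2bn(b, sizeof(b), NULL)` is stored in `s->srp_ctx.b` with no NULL check in the visible lines, and because the third argument is NULL, any BIGNUM already held in `s->srp_ctx.b` is overwritten without being cleared. If SSL_srp_server_param_with_username can run more than once on the same SSL object (not visible here), the earlier secret value would be left in freed-less heap memory un-zeroed; calling `BN_clear_free(s->srp_ctx.b);` before the assignment and adding `if (s->srp_ctx.b == NULL) return SSL3_AL_FATAL;` after the cleanse would cover both cases. The same missing NULL check applies to `s->srp_ctx.a` in the SRP_Calc_A_param hunk. The function body continues outside the hunk, so a later check may already exist.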
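Review bot: Nothing at the `RAND_priv_bytes(rnd, sizeof(rnd))` call in SRP_Calc_A_param records why the private generator is required, so a later cleanup could revert it to `RAND_bytes` without noticing the security impact. I would add a comment above the call such as `/* a is the secret SRP exponent: take it from the private DRBG, never the public one */`, and the same for `b` in the first hunk. The buffer is also sized by `SSL_MAX_MASTER_KEY_LENGTH`, a constant named for an unrelated purpose; a short comment saying that this length is intentional for the exponent would help readers. The function continues past the end of the hunk.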