ssl: add zero strenght arguments to BN and RAND RNG calls

Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15513)
author: Pauli <pauli@openssl.org> 2021-05-28 14:45:57 +1000
committer: Pauli <pauli@openssl.org> 2021-05-29 17:17:12 +1000
commit: 0f8815aace625f869a42cfc5c254c08d5a668077 (patch)
tree: 3bbf7b2aaec23023be2232920f5b0011744e4126 /ssl/tls_srp.c
parent: 23e97567be012ff1b5082bf149810c72816c29bd (diff)
download: openssl-new-0f8815aace625f869a42cfc5c254c08d5a668077.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/ssl/tls_srp.c b/ssl/tls_srp.c
index 430cd7dae8..0ce3290dc4 100644
--- a/ssl/tls_srp.c
+++ b/ssl/tls_srp.c
@@ -203,7 +203,7 @@ int ssl_srp_server_param_with_username_intern(SSL *s, int *ad)
         (s->srp_ctx.s == NULL) || (s->srp_ctx.v == NULL))
         return SSL3_AL_FATAL;
 
-    if (RAND_priv_bytes_ex(s->ctx->libctx, b, sizeof(b)) <= 0)
+    if (RAND_priv_bytes_ex(s->ctx->libctx, b, sizeof(b), 0) <= 0)
         return SSL3_AL_FATAL;
     s->srp_ctx.b = BN_bin2bn(b, sizeof(b), NULL);
     OPENSSL_cleanse(b, sizeof(b));
@@ -420,7 +420,7 @@ int ssl_srp_calc_a_param_intern(SSL *s)
 {
     unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];
 
-    if (RAND_priv_bytes_ex(s->ctx->libctx, rnd, sizeof(rnd)) <= 0)
+    if (RAND_priv_bytes_ex(s->ctx->libctx, rnd, sizeof(rnd), 0) <= 0)
         return 0;
     s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
     OPENSSL_cleanse(rnd, sizeof(rnd));
author	Pauli <pauli@openssl.org>	2021-05-28 14:45:57 +1000
committer	Pauli <pauli@openssl.org>	2021-05-29 17:17:12 +1000
commit	0f8815aace625f869a42cfc5c254c08d5a668077 (patch)
tree	3bbf7b2aaec23023be2232920f5b0011744e4126 /ssl/tls_srp.c
parent	23e97567be012ff1b5082bf149810c72816c29bd (diff)
download	openssl-new-0f8815aace625f869a42cfc5c254c08d5a668077.tar.gz