diff options
| author | steve <steve> | 2011-04-23 20:05:17 +0000 |
|---|---|---|
| committer | steve <steve> | 2011-04-23 20:05:17 +0000 |
| commit | 3fad487c9c289bdcdd30bf3338545ce8d20c7878 (patch) | |
| tree | df5a61dd1785c18639ed1cbe2a739f03c984ed06 /crypto/rand | |
| parent | 0a5ea60bf7b25ae30a980670a6284bcd02e00f23 (diff) | |
| download | openssl-3fad487c9c289bdcdd30bf3338545ce8d20c7878.tar.gz | |
Always return multiple of block length bytes from default DRBG seed
callback.
Handle case where no multiple of the block size is in the interval
[min_len, max_len].
Diffstat (limited to 'crypto/rand')
| -rw-r--r-- | crypto/rand/rand_lib.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 0e8201316..f3bd4e632 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -201,6 +201,8 @@ static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout, *pout = OPENSSL_malloc(min_len); if (!*pout) return 0; + /* Round up request to multiple of block size */ + min_len = ((min_len + 19) / 20) * 20; if (RAND_SSLeay()->bytes(*pout, min_len) <= 0) { OPENSSL_free(*pout); |