From d2ffc41a6c63c9a0e221ea593c21b8fad3b628df Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Fri, 20 Oct 2017 11:16:18 +0200 Subject: [PATCH] RAND_pseudo_bytes is deprecated in OpenSSL 1.1.0 --- lib/ykpiv.c | 2 +- tool/yubico-piv-tool.c | 6 +++--- ykcs11/tests/ykcs11_tests.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/ykpiv.c b/lib/ykpiv.c index da4fa44..2aff46c 100644 --- a/lib/ykpiv.c +++ b/lib/ykpiv.c @@ -478,7 +478,7 @@ ykpiv_rc ykpiv_authenticate(ykpiv_state *state, unsigned const char *key) { dataptr += 8; *dataptr++ = 0x81; *dataptr++ = 8; - if(RAND_pseudo_bytes(dataptr, 8) == -1) { + if(RAND_bytes(dataptr, 8) == -1) { if(state->verbose) { fprintf(stderr, "Failed getting randomness for authentication.\n"); } diff --git a/tool/yubico-piv-tool.c b/tool/yubico-piv-tool.c index a980a29..ca50fa7 100644 --- a/tool/yubico-piv-tool.c +++ b/tool/yubico-piv-tool.c @@ -645,7 +645,7 @@ static bool set_dataobject(ykpiv_state *state, int verbose, int type) { id = YKPIV_OBJ_CAPABILITY; } memcpy(obj, tmpl, len); - if(RAND_pseudo_bytes(obj + offs, rand_len) == -1) { + if(RAND_bytes(obj + offs, rand_len) == -1) { fprintf(stderr, "error: no randomness.\n"); return false; } @@ -1457,7 +1457,7 @@ static bool test_signature(ykpiv_state *state, enum enum_slot slot, { unsigned char rand[128]; EVP_MD_CTX *mdctx; - if(RAND_pseudo_bytes(rand, 128) == -1) { + if(RAND_bytes(rand, 128) == -1) { fprintf(stderr, "error: no randomness.\n"); return false; } @@ -1604,7 +1604,7 @@ static bool test_decipher(ykpiv_state *state, enum enum_slot slot, size_t len2 = sizeof(data); RSA *rsa = EVP_PKEY_get1_RSA(pubkey); - if(RAND_pseudo_bytes(secret, sizeof(secret)) == -1) { + if(RAND_bytes(secret, sizeof(secret)) == -1) { fprintf(stderr, "error: no randomness.\n"); ret = false; goto decipher_out; diff --git a/ykcs11/tests/ykcs11_tests.c b/ykcs11/tests/ykcs11_tests.c index 027ff51..df17239 100644 --- a/ykcs11/tests/ykcs11_tests.c +++ b/ykcs11/tests/ykcs11_tests.c @@ -371,7 +371,7 @@ static void test_import_and_sign_all_10() { for (i = 0; i < 24; i++) { for (j = 0; j < 10; j++) { - if(RAND_pseudo_bytes(some_data, sizeof(some_data)) == -1) + if(RAND_bytes(some_data, sizeof(some_data)) == -1) exit(EXIT_FAILURE); asrt(funcs->C_Login(session, CKU_USER, "123456", 6), CKR_OK, "Login USER"); @@ -562,7 +562,7 @@ static void test_import_and_sign_all_10_RSA() { for (i = 0; i < 24; i++) { for (j = 0; j < 10; j++) { - if(RAND_pseudo_bytes(some_data, sizeof(some_data)) == -1) + if(RAND_bytes(some_data, sizeof(some_data)) == -1) exit(EXIT_FAILURE); asrt(funcs->C_Login(session, CKU_USER, "123456", 6), CKR_OK, "Login USER");