Revision a520723f29aac6598ff0d69e34f5e9b88213e511 authored by Matt Caswell on 14 October 2016, 12:07:00 UTC, committed by Matt Caswell on 28 October 2016, 08:43:41 UTC
The previous commit inspired a review of all the length checks for the extension adding code. This adds more robust checks and adds checks where some were missing previously. The real solution for this is to use WPACKET which is currently in master - but that cannot be applied to release branches. Reviewed-by: Rich Salz <rsalz@openssl.org>
1 parent 83a1d4b
RAND_bytes.pod
=pod
=head1 NAME
RAND_bytes, RAND_pseudo_bytes - generate random data
=head1 SYNOPSIS
#include <openssl/rand.h>
int RAND_bytes(unsigned char *buf, int num);
int RAND_pseudo_bytes(unsigned char *buf, int num);
=head1 DESCRIPTION
RAND_bytes() puts B<num> cryptographically strong pseudo-random bytes
into B<buf>. An error occurs if the PRNG has not been seeded with
enough randomness to ensure an unpredictable byte sequence.
RAND_pseudo_bytes() puts B<num> pseudo-random bytes into B<buf>.
Pseudo-random byte sequences generated by RAND_pseudo_bytes() will be
unique if they are of sufficient length, but are not necessarily
unpredictable. They can be used for non-cryptographic purposes and for
certain purposes in cryptographic protocols, but usually not for key
generation etc.
The contents of B<buf> is mixed into the entropy pool before retrieving
the new pseudo-random bytes unless disabled at compile time (see FAQ).
=head1 RETURN VALUES
RAND_bytes() returns 1 on success, 0 otherwise. The error code can be
obtained by L<ERR_get_error(3)|ERR_get_error(3)>. RAND_pseudo_bytes() returns 1 if the
bytes generated are cryptographically strong, 0 otherwise. Both
functions return -1 if they are not supported by the current RAND
method.
=head1 SEE ALSO
L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
L<RAND_add(3)|RAND_add(3)>
=head1 HISTORY
RAND_bytes() is available in all versions of SSLeay and OpenSSL. It
has a return value since OpenSSL 0.9.5. RAND_pseudo_bytes() was added
in OpenSSL 0.9.5.
=cut

Computing file changes ...