[openssl-dev] cms -decrypt calls RAND_pseudo_bytes

Dmitry Belyavsky beldmit at gmail.com
Tue Mar 29 12:33:19 UTC 2016


We currently use the openssl 1.0.2g.

We found out that the cms -decrypt command line utility calls the
RAND_pseudo_bytes function.

In the file crypto/cms/cms_enc.c the function EVP_CIPHER_CTX_rand_key is
called both for the encryption and for the decryption.

Could we avoid the call to the EVP_CIPHER_CTX_rand_key function in case of
decryption? It seems unnecessary for me here, but I am not sure I
understand the whole situation.

Thank you!

SY, Dmitry Belyavsky
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160329/b066411d/attachment.html>

More information about the openssl-dev mailing list