crypto/{ecdsa,rsa}: always use io.ReadFull with crypto/rand.Reader.

crypto/rand.Reader doesn't ensure that short reads don't happen. This change contains a couple of fixups where io.ReadFull wasn't being used with it. Change-Id: I3855b81f5890f2e703112eeea804aeba07b6a6b8 Reviewed-on: https://go-review.googlesource.com/7645Reviewed-by: Minux Ma <minux@golang.org> Reviewed-by: Andrew Gerrand <adg@golang.org>

crypto/{ecdsa,rsa}: always use io.ReadFull with crypto/rand.Reader.
crypto/rand.Reader doesn't ensure that short reads don't happen. This change contains a couple of fixups where io.ReadFull wasn't being used with it. Change-Id: I3855b81f5890f2e703112eeea804aeba07b6a6b8 Reviewed-on: https://go-review.googlesource.com/7645Reviewed-by: Minux Ma <minux@golang.org> Reviewed-by: Andrew Gerrand <adg@golang.org>
123b38e1 · Adam Langley · e14339d3 · 123b38e1 · 123b38e1
Commit 123b38e1 authored Mar 16, 2015 by Adam Langley
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

ecdsa.go src/crypto/ecdsa/ecdsa.go +1 -1

rsa.go src/crypto/rsa/rsa.go +1 -1

No files found.
--- a/src/crypto/ecdsa/ecdsa.go
+++ b/src/crypto/ecdsa/ecdsa.go
@@ -140,7 +140,7 @@ func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err err
 		entropylen = 32
 	}
 	entropy := make([]byte, entropylen)
-	_, err = rand.Read(entropy)
+	_, err = io.ReadFull(rand, entropy)
 	if err != nil {
 		return
 	}

--- a/src/crypto/rsa/rsa.go
+++ b/src/crypto/rsa/rsa.go
@@ -102,7 +102,7 @@ func (priv *PrivateKey) Decrypt(rand io.Reader, ciphertext []byte, opts crypto.D
 	case *PKCS1v15DecryptOptions:
 		if l := opts.SessionKeyLen; l > 0 {
 			plaintext = make([]byte, l)
-			if _, err := rand.Read(plaintext); err != nil {
+			if _, err := io.ReadFull(rand, plaintext); err != nil {
 				return nil, err
 			}
 			if err := DecryptPKCS1v15SessionKey(rand, priv, ciphertext, plaintext); err != nil {