Commit 123b38e1 authored by Adam Langley's avatar Adam Langley

crypto/{ecdsa,rsa}: always use io.ReadFull with crypto/rand.Reader.

crypto/rand.Reader doesn't ensure that short reads don't happen. This
change contains a couple of fixups where io.ReadFull wasn't being used
with it.

Change-Id: I3855b81f5890f2e703112eeea804aeba07b6a6b8
Reviewed-on: https://go-review.googlesource.com/7645Reviewed-by: 's avatarMinux Ma <minux@golang.org>
Reviewed-by: 's avatarAndrew Gerrand <adg@golang.org>
parent e14339d3
......@@ -140,7 +140,7 @@ func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err err
entropylen = 32
}
entropy := make([]byte, entropylen)
_, err = rand.Read(entropy)
_, err = io.ReadFull(rand, entropy)
if err != nil {
return
}
......
......@@ -102,7 +102,7 @@ func (priv *PrivateKey) Decrypt(rand io.Reader, ciphertext []byte, opts crypto.D
case *PKCS1v15DecryptOptions:
if l := opts.SessionKeyLen; l > 0 {
plaintext = make([]byte, l)
if _, err := rand.Read(plaintext); err != nil {
if _, err := io.ReadFull(rand, plaintext); err != nil {
return nil, err
}
if err := DecryptPKCS1v15SessionKey(rand, priv, ciphertext, plaintext); err != nil {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment