Hello,

We currently use the openssl 1.0.2g.

We found out that the cms -decrypt command line utility calls the
RAND_pseudo_bytes function.

In the file crypto/cms/cms_enc.c the function EVP_CIPHER_CTX_rand_key is
called both for the encryption and for the decryption.

Could we avoid the call to the EVP_CIPHER_CTX_rand_key function in case of
decryption? It seems unnecessary for me here, but I am not sure I
understand the whole situation.

Thank you!

-- 
SY, Dmitry Belyavsky
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to