Hello, We currently use the openssl 1.0.2g.
We found out that the cms -decrypt command line utility calls the RAND_pseudo_bytes function. In the file crypto/cms/cms_enc.c the function EVP_CIPHER_CTX_rand_key is called both for the encryption and for the decryption. Could we avoid the call to the EVP_CIPHER_CTX_rand_key function in case of decryption? It seems unnecessary for me here, but I am not sure I understand the whole situation. Thank you! -- SY, Dmitry Belyavsky
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev