Check rng return value when generating serial numbers in pki utility

2 files changed, 8 insertions, 8 deletions

diff --git a/src/pki/commands/issue.c b/src/pki/commands/issue.c
index 0398c9dc9..4dbe2e069 100644
--- a/src/pki/commands/issue.c
+++ b/src/pki/commands/issue.c
@@ -356,11 +356,11 @@ static int issue()
 			error = "no random number generator found";
 			goto end;
 		}
-		rng->allocate_bytes(rng, 8, &serial);
-		while (*serial.ptr == 0x00)
+		if (!rng_allocate_bytes_not_zero(rng, 8, &serial, FALSE))
 		{
-			/* we don't accept a serial number with leading zeroes */
-			rng->get_bytes(rng, 1, serial.ptr);
+			error = "failed to generate serial number";
+			rng->destroy(rng);
+			goto end;
 		}
 		rng->destroy(rng);
 	}
diff --git a/src/pki/commands/self.c b/src/pki/commands/self.c
index 6813c98f7..e98f90f4e 100644
--- a/src/pki/commands/self.c
+++ b/src/pki/commands/self.c
@@ -298,11 +298,11 @@ static int self()
 			error = "no random number generator found";
 			goto end;
 		}
-		rng->allocate_bytes(rng, 8, &serial);
-		while (*serial.ptr == 0x00)
+		if (!rng_allocate_bytes_not_zero(rng, 8, &serial, FALSE))
 		{
-			/* we don't accept a serial number with leading zeroes */
-			rng->get_bytes(rng, 1, serial.ptr);
+			error = "failed to generate serial number";
+			rng->destroy(rng);
+			goto end;
 		}
 		rng->destroy(rng);
 	}