#include <stdio.h>
#include <time.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include "bn_lcl.h"
#include <openssl/rand.h>
#include <openssl/sha.h>
int ret = 0, bit, bytes, mask;
time_t tim;
+ if (bits < 0 || (bits == 1 && top > 0)) {
+ BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL);
+ return 0;
+ }
+
if (bits == 0) {
BN_zero(rnd);
return 1;
bit = (bits - 1) % 8;
mask = 0xff << (bit + 1);
- buf = (unsigned char *)OPENSSL_malloc(bytes);
+ buf = OPENSSL_malloc(bytes);
if (buf == NULL) {
BNerr(BN_F_BNRAND, ERR_R_MALLOC_FAILURE);
goto err;
RAND_add(&tim, sizeof(tim), 0.0);
if (pseudorand) {
- if (RAND_pseudo_bytes(buf, bytes) == -1)
+ if (RAND_bytes(buf, bytes) <= 0)
goto err;
} else {
if (RAND_bytes(buf, bytes) <= 0)
unsigned char c;
for (i = 0; i < bytes; i++) {
- RAND_pseudo_bytes(&c, 1);
+ if (RAND_bytes(&c, 1) <= 0)
+ goto err;
if (c >= 128 && i > 0)
buf[i] = buf[i - 1];
else if (c < 42)
}
}
- if (top != -1) {
+ if (top >= 0) {
if (top) {
if (bit == 0) {
buf[0] = 1;
goto err;
ret = 1;
err:
- if (buf != NULL) {
- OPENSSL_cleanse(buf, bytes);
- OPENSSL_free(buf);
- }
+ OPENSSL_clear_free(buf, bytes);
bn_check_top(rnd);
return (ret);
}
ret = 1;
err:
- if (k_bytes)
- OPENSSL_free(k_bytes);
+ OPENSSL_free(k_bytes);
return ret;
}