Update copyright; generated files.

[openssl.git] / crypto / bn / bn_rand.c

diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
index 10964646f27ff9b1b830bffa071204d23bc3dc34..ce4a0e17d796df18090a608b6fbfd6110fe6fadb 100644 (file)
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -1,4 +1,3 @@
-/* crypto/bn/bn_rand.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -111,7 +110,7 @@
 
 #include <stdio.h>
 #include <time.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
 #include "bn_lcl.h"
 #include <openssl/rand.h>
 #include <openssl/sha.h>
@@ -122,6 +121,11 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
     int ret = 0, bit, bytes, mask;
     time_t tim;
 
+    if (bits < 0 || (bits == 1 && top > 0)) {
+        BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL);
+        return 0;
+    }
+
     if (bits == 0) {
         BN_zero(rnd);
         return 1;
@@ -168,7 +172,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
         }
     }
 
-    if (top != -1) {
+    if (top >= 0) {
         if (top) {
             if (bit == 0) {
                 buf[0] = 1;
@@ -187,10 +191,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
         goto err;
     ret = 1;
  err:
-    if (buf != NULL) {
-        OPENSSL_cleanse(buf, bytes);
-        OPENSSL_free(buf);
-    }
+    OPENSSL_clear_free(buf, bytes);
     bn_check_top(rnd);
     return (ret);
 }
@@ -313,7 +314,7 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
     int ret = 0;
 
     k_bytes = OPENSSL_malloc(num_k_bytes);
-    if (!k_bytes)
+    if (k_bytes == NULL)
         goto err;
 
     /* We copy |priv| into a local buffer to avoid exposing its length. */
@@ -354,7 +355,6 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
     ret = 1;
 
  err:
-    if (k_bytes)
-        OPENSSL_free(k_bytes);
+    OPENSSL_free(k_bytes);
     return ret;
 }