projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Update copyright; generated files.
[openssl.git]
/
crypto
/
bn
/
bn_rand.c
diff --git
a/crypto/bn/bn_rand.c
b/crypto/bn/bn_rand.c
index 10964646f27ff9b1b830bffa071204d23bc3dc34..ce4a0e17d796df18090a608b6fbfd6110fe6fadb 100644
(file)
--- a/
crypto/bn/bn_rand.c
+++ b/
crypto/bn/bn_rand.c
@@
-1,4
+1,3
@@
-/* crypto/bn/bn_rand.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@
-111,7
+110,7
@@
#include <stdio.h>
#include <time.h>
#include <stdio.h>
#include <time.h>
-#include "cryptlib.h"
+#include "
internal/
cryptlib.h"
#include "bn_lcl.h"
#include <openssl/rand.h>
#include <openssl/sha.h>
#include "bn_lcl.h"
#include <openssl/rand.h>
#include <openssl/sha.h>
@@
-122,6
+121,11
@@
static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
int ret = 0, bit, bytes, mask;
time_t tim;
int ret = 0, bit, bytes, mask;
time_t tim;
+ if (bits < 0 || (bits == 1 && top > 0)) {
+ BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL);
+ return 0;
+ }
+
if (bits == 0) {
BN_zero(rnd);
return 1;
if (bits == 0) {
BN_zero(rnd);
return 1;
@@
-168,7
+172,7
@@
static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
}
}
}
}
- if (top
!= -1
) {
+ if (top
>= 0
) {
if (top) {
if (bit == 0) {
buf[0] = 1;
if (top) {
if (bit == 0) {
buf[0] = 1;
@@
-187,10
+191,7
@@
static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
goto err;
ret = 1;
err:
goto err;
ret = 1;
err:
- if (buf != NULL) {
- OPENSSL_cleanse(buf, bytes);
- OPENSSL_free(buf);
- }
+ OPENSSL_clear_free(buf, bytes);
bn_check_top(rnd);
return (ret);
}
bn_check_top(rnd);
return (ret);
}
@@
-313,7
+314,7
@@
int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
int ret = 0;
k_bytes = OPENSSL_malloc(num_k_bytes);
int ret = 0;
k_bytes = OPENSSL_malloc(num_k_bytes);
- if (
!k_bytes
)
+ if (
k_bytes == NULL
)
goto err;
/* We copy |priv| into a local buffer to avoid exposing its length. */
goto err;
/* We copy |priv| into a local buffer to avoid exposing its length. */
@@
-354,7
+355,6
@@
int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
ret = 1;
err:
ret = 1;
err:
- if (k_bytes)
- OPENSSL_free(k_bytes);
+ OPENSSL_free(k_bytes);
return ret;
}
return ret;
}