Use BN_rand_range().

[openssl.git] / crypto / dsa / dsa_key.c

diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index 2c70248687a0a42e3907297988534ba4cce37e4d..bd5d0ce5673c1c514805798427e62d4ba58b0d2b 100644 (file)
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -1,5 +1,5 @@
 /* crypto/dsa/dsa_key.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
@@ -56,19 +56,18 @@
  * [including the GNU Public Licence.]
  */
 
+#ifndef OPENSSL_NO_SHA
 #include <stdio.h>
 #include <time.h>
 #include "cryptlib.h"
-#include "sha.h"
-#include "bn.h"
-#include "dsa.h"
-#include "rand.h"
+#include <openssl/sha.h>
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+#include <openssl/rand.h>
 
-int DSA_generate_key(dsa)
-DSA *dsa;
+int DSA_generate_key(DSA *dsa)
        {
        int ok=0;
-       unsigned int i;
        BN_CTX *ctx=NULL;
        BIGNUM *pub_key=NULL,*priv_key=NULL;
 
@@ -81,14 +80,9 @@ DSA *dsa;
        else
                priv_key=dsa->priv_key;
 
-       i=BN_num_bits(dsa->q);
-       for (;;)
-               {
-               BN_rand(priv_key,i,1,0);
-               if (BN_cmp(priv_key,dsa->q) >= 0)
-                       BN_sub(priv_key,priv_key,dsa->q);
-               if (!BN_is_zero(priv_key)) break;
-               }
+       do
+               if (!BN_rand_range(priv_key,dsa->q)) goto err;
+       while (BN_is_zero(priv_key));
 
        if (dsa->pub_key == NULL)
                {
@@ -109,4 +103,4 @@ err:
        if (ctx != NULL) BN_CTX_free(ctx);
        return(ok);
        }
-
+#endif