Use BN_rand_range().
authorUlf Möller <ulf@openssl.org>
Tue, 20 Feb 2001 00:43:59 +0000 (00:43 +0000)
committerUlf Möller <ulf@openssl.org>
Tue, 20 Feb 2001 00:43:59 +0000 (00:43 +0000)
crypto/dh/dh_key.c
crypto/dsa/dsa_key.c
crypto/rsa/rsa_lib.c

index 0e4fee1..7a0ace7 100644 (file)
@@ -101,7 +101,6 @@ const DH_METHOD *DH_OpenSSL(void)
 static int generate_key(DH *dh)
        {
        int ok=0;
-       unsigned int i;
        BN_CTX ctx;
        BN_MONT_CTX *mont;
        BIGNUM *pub_key=NULL,*priv_key=NULL;
@@ -110,15 +109,9 @@ static int generate_key(DH *dh)
 
        if (dh->priv_key == NULL)
                {
-               i=dh->length;
-               if (i == 0)
-                       {
-                       /* Make the number p-1 bits long */
-                       i=BN_num_bits(dh->p)-1;
-                       }
                priv_key=BN_new();
                if (priv_key == NULL) goto err;
-               if (!BN_rand(priv_key,i,0,0)) goto err;
+               if (!BN_rand_range(priv_key, dh->p)) goto err;
                }
        else
                priv_key=dh->priv_key;
index 5f4a8fc..bd5d0ce 100644 (file)
@@ -68,7 +68,6 @@
 int DSA_generate_key(DSA *dsa)
        {
        int ok=0;
-       unsigned int i;
        BN_CTX *ctx=NULL;
        BIGNUM *pub_key=NULL,*priv_key=NULL;
 
@@ -81,15 +80,9 @@ int DSA_generate_key(DSA *dsa)
        else
                priv_key=dsa->priv_key;
 
-       i=BN_num_bits(dsa->q);
-       for (;;)
-               {
-               if (!BN_rand(priv_key,i,0,0))
-                       goto err;
-               if (BN_cmp(priv_key,dsa->q) >= 0)
-                       BN_sub(priv_key,priv_key,dsa->q);
-               if (!BN_is_zero(priv_key)) break;
-               }
+       do
+               if (!BN_rand_range(priv_key,dsa->q)) goto err;
+       while (BN_is_zero(priv_key));
 
        if (dsa->pub_key == NULL)
                {
index d09dbd4..d3a602f 100644 (file)
@@ -325,7 +325,7 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
 
        BN_CTX_start(ctx);
        A = BN_CTX_get(ctx);
-       if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err;
+       if (!BN_rand_range(A,rsa->n)) goto err;
        if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
 
        if (!ENGINE_get_RSA(rsa->engine)->bn_mod_exp(A,A,