generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

BN_rand_range() needs a BN_rand() variant that doesn't set the MSB.

Browse Source
This commit is contained in:
Ulf Möller 2001-02-20 00:23:07 +00:00
parent 5003a61b9f
commit 335c4f0966
2 changed files with 23 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
crypto/bn/bn_rand.c
View File

@ -121,24 +121,27 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
} }
#endif #endif
if (top) if (top != -1)
{ {
if (bit == 0) if (top)
{ {
buf[0]=1; if (bit == 0)
buf[1]|=0x80; {
buf[0]=1;
buf[1]|=0x80;
}
else
{
buf[0]|=(3<<(bit-1));
buf[0]&= ~(mask<<1);
}
} }
else else
{ {
buf[0]|=(3<<(bit-1)); buf[0]|=(1<<bit);
buf[0]&= ~(mask<<1); buf[0]&= ~(mask<<1);
} }
} }
else
{
buf[0]|=(1<<bit);
buf[0]&= ~(mask<<1);
}
if (bottom) /* set bottom bits to whatever odd is */ if (bottom) /* set bottom bits to whatever odd is */
buf[bytes-1]|=1; buf[bytes-1]|=1;
if (!BN_bin2bn(buf,bytes,rnd)) goto err; if (!BN_bin2bn(buf,bytes,rnd)) goto err;
@ -192,7 +195,7 @@ int BN_rand_range(BIGNUM *r, BIGNUM *range)
do do
{ {
/* range = 11..._2, so each iteration succeeds with probability >= .75 */ /* range = 11..._2, so each iteration succeeds with probability >= .75 */
if (!BN_rand(r, n, 0, 0)) return 0; if (!BN_rand(r, n, -1, 0)) return 0;
} }
while (BN_cmp(r, range) >= 0); while (BN_cmp(r, range) >= 0);
} }
@ -202,7 +205,7 @@ int BN_rand_range(BIGNUM *r, BIGNUM *range)
* so 3*range (= 11..._2) is exactly one bit longer than range */ * so 3*range (= 11..._2) is exactly one bit longer than range */
do do
{ {
if (!BN_rand(r, n + 1, 0, 0)) return 0; if (!BN_rand(r, n + 1, -1, 0)) return 0;
/* If r < 3*range, use r := r MOD range /* If r < 3*range, use r := r MOD range
* (which is either r, r - range, or r - 2*range). * (which is either r, r - range, or r - 2*range).
* Otherwise, iterate once more. * Otherwise, iterate once more.

14
doc/crypto/BN_rand.pod
View File

@ -17,10 +17,12 @@ BN_rand, BN_pseudo_rand - generate pseudo-random number
=head1 DESCRIPTION =head1 DESCRIPTION
BN_rand() generates a cryptographically strong pseudo-random number of BN_rand() generates a cryptographically strong pseudo-random number of
B<bits> bits in length and stores it in B<rnd>. If B<top> is true, the B<bits> bits in length and stores it in B<rnd>. If B<top> is -1, the
two most significant bits of the number will be set to 1, so that the most significant bit of the random number can be zero. If B<top> is 0,
product of two such random numbers will always have 2*B<bits> length. it is set to 1, and if B<top> is 1, the two most significant bits of
If B<bottom> is true, the number will be odd. the number will be set to 1, so that the product of two such random
numbers will always have 2*B<bits> length. If B<bottom> is true, the
number will be odd.
BN_pseudo_rand() does the same, but pseudo-random numbers generated by BN_pseudo_rand() does the same, but pseudo-random numbers generated by
this function are not necessarily unpredictable. They can be used for this function are not necessarily unpredictable. They can be used for
@ -45,7 +47,7 @@ L<RAND_add(3)|RAND_add(3)>, L<RAND_bytes(3)|RAND_bytes(3)>
=head1 HISTORY =head1 HISTORY
BN_rand() is available in all versions of SSLeay and OpenSSL. BN_rand() is available in all versions of SSLeay and OpenSSL.
BN_pseudo_rand() was added in OpenSSL 0.9.5, and BN_rand_range() BN_pseudo_rand() was added in OpenSSL 0.9.5. The B<top> == -1 case
in OpenSSL 0.9.6a. and the function BN_rand_range() were added in OpenSSL 0.9.6a.
=cut =cut