diff options
| author | tb <> | 2018-11-05 23:52:47 +0000 |
|---|---|---|
| committer | tb <> | 2018-11-05 23:52:47 +0000 |
| commit | 22e9d4df59dc9b4792b5eb914b97092ddfae8096 (patch) | |
| tree | 1d92c805eaf4db8d24073257fc47a75565113c89 /src | |
| parent | bcef8f9f7589db87fc5979bf8a77f81275c574a2 (diff) | |
| download | openbsd-22e9d4df59dc9b4792b5eb914b97092ddfae8096.tar.gz openbsd-22e9d4df59dc9b4792b5eb914b97092ddfae8096.tar.bz2 openbsd-22e9d4df59dc9b4792b5eb914b97092ddfae8096.zip | |
Introduce bn_rand_interval() that allows specifying an interval [a, b)
from which a a BIGNUM is chosen uniformly at random.
ok beck jsing
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/bn/bn_lcl.h | 3 | ||||
| -rw-r--r-- | src/lib/libcrypto/bn/bn_rand.c | 29 |
2 files changed, 30 insertions, 2 deletions
diff --git a/src/lib/libcrypto/bn/bn_lcl.h b/src/lib/libcrypto/bn/bn_lcl.h index b8319dd700..d0f36822dc 100644 --- a/src/lib/libcrypto/bn/bn_lcl.h +++ b/src/lib/libcrypto/bn/bn_lcl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: bn_lcl.h,v 1.29 2018/07/23 18:14:32 tb Exp $ */ | 1 | /* $OpenBSD: bn_lcl.h,v 1.30 2018/11/05 23:52:47 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -583,6 +583,7 @@ BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, int | |||
| 583 | BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, int num); | 583 | BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, int num); |
| 584 | 584 | ||
| 585 | int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom); | 585 | int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom); |
| 586 | int bn_rand_interval(BIGNUM *rnd, const BIGNUM *lower_inc, const BIGNUM *upper_exc); | ||
| 586 | 587 | ||
| 587 | /* Explicitly const time / non-const time versions for internal use */ | 588 | /* Explicitly const time / non-const time versions for internal use */ |
| 588 | int BN_mod_exp_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | 589 | int BN_mod_exp_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, |
diff --git a/src/lib/libcrypto/bn/bn_rand.c b/src/lib/libcrypto/bn/bn_rand.c index 8625757140..63b8af8b95 100644 --- a/src/lib/libcrypto/bn/bn_rand.c +++ b/src/lib/libcrypto/bn/bn_rand.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: bn_rand.c,v 1.20 2017/05/02 03:59:44 deraadt Exp $ */ | 1 | /* $OpenBSD: bn_rand.c,v 1.21 2018/11/05 23:52:47 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -280,6 +280,33 @@ BN_rand_range(BIGNUM *r, const BIGNUM *range) | |||
| 280 | } | 280 | } |
| 281 | 281 | ||
| 282 | int | 282 | int |
| 283 | bn_rand_interval(BIGNUM *rnd, const BIGNUM *lower_inc, const BIGNUM *upper_exc) | ||
| 284 | { | ||
| 285 | BIGNUM *len = NULL; | ||
| 286 | int ret = 0; | ||
| 287 | |||
| 288 | if (BN_cmp(lower_inc, upper_exc) <= 0) | ||
| 289 | goto err; | ||
| 290 | |||
| 291 | if ((len = BN_new()) == NULL) | ||
| 292 | goto err; | ||
| 293 | |||
| 294 | if (!BN_sub(len, upper_exc, lower_inc)) | ||
| 295 | goto err; | ||
| 296 | |||
| 297 | if (!bn_rand_range(0, rnd, len)) | ||
| 298 | goto err; | ||
| 299 | |||
| 300 | if (!BN_add(rnd, rnd, lower_inc)) | ||
| 301 | goto err; | ||
| 302 | |||
| 303 | ret = 1; | ||
| 304 | err: | ||
| 305 | BN_free(len); | ||
| 306 | return ret; | ||
| 307 | } | ||
| 308 | |||
| 309 | int | ||
| 283 | BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range) | 310 | BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range) |
| 284 | { | 311 | { |
| 285 | return bn_rand_range(1, r, range); | 312 | return bn_rand_range(1, r, range); |