Change arc4random_uniform() to calculate ``2**32 % upper_bound'' as

``-upper_bound % upper_bound''.  Simplifies the code and makes it the
same on both ILP32 and LP64 architectures, and also slightly faster on
LP64 architectures by using a 32-bit remainder instead of a 64-bit
remainder.

Pointed out by Jorden Verwer on tech@
ok deraadt; no objections from djm or otto

1 files changed, 3 insertions, 12 deletions

diff --git a/src/lib/libc/crypt/arc4random.c b/src/lib/libc/crypt/arc4random.c
index 43c6fc0435..1697752a1a 100644
--- a/src/lib/libc/crypt/arc4random.c
+++ b/src/lib/libc/crypt/arc4random.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: arc4random.c,v 1.22 2010/12/22 08:23:42 otto Exp $    */
+/*      $OpenBSD: arc4random.c,v 1.23 2012/06/24 18:25:12 matthew Exp $ */
 
 /*
  * Copyright (c) 1996, David Mazieres <dm@uun.org>
@@ -214,17 +214,8 @@ arc4random_uniform(u_int32_t upper_bound)
         if (upper_bound < 2)
                 return 0;
 
-#if (ULONG_MAX > 0xffffffffUL)
-        min = 0x100000000UL % upper_bound;
-#else
-        /* Calculate (2**32 % upper_bound) avoiding 64-bit math */
-        if (upper_bound > 0x80000000)
-                min = 1 + ~upper_bound;         /* 2**32 - upper_bound */
-        else {
-                /* (2**32 - (x * 2)) % x == 2**32 % x when x <= 2**31 */
-                min = ((0xffffffff - (upper_bound * 2)) + 1) % upper_bound;
-        }
-#endif
+        /* 2**32 % x == (2**32 - x) % x */
+        min = -upper_bound % upper_bound;
 
         /*
          * This could theoretically loop forever but each retry has