From 63569101089cbba78ffa6d2b7ab83e719262f5f0 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Tue, 6 Nov 2018 07:02:33 +0000
Subject: unrevert the use of bn_rand_interval().

ok beck jsing
---
 src/lib/libcrypto/dsa/dsa_ossl.c | 17 +++++------------
 1 file changed, 5 insertions(+), 12 deletions(-)

(limited to 'src/lib/libcrypto/dsa/dsa_ossl.c')

diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
index 6eb391ddeb..fd56e8feee 100644
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_ossl.c,v 1.39 2018/11/06 02:14:39 tb Exp $ */
+/* $OpenBSD: dsa_ossl.c,v 1.40 2018/11/06 07:02:33 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -150,13 +150,9 @@ dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	 *
 	 *  s = inv(k)inv(b)(bm + bxr) mod q
 	 *
-	 * Where b is a random value in the range [1, q-1].
+	 * Where b is a random value in the range [1, q).
 	 */
-	if (!BN_sub(&bm, dsa->q, BN_value_one()))
-		goto err;
-	if (!BN_rand_range(&b, &bm))
-		goto err;
-	if (!BN_add(&b, &b, BN_value_one()))
+	if (!bn_rand_interval(&b, BN_value_one(), dsa->q))
 		goto err;
 	if (BN_mod_inverse_ct(&binv, &b, dsa->q, ctx) == NULL)
 		goto err;
@@ -242,11 +238,8 @@ dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 	    !BN_set_bit(&m, q_bits))
 		goto err;
 
-	/* Get random k */
-	do {
-		if (!BN_rand_range(&k, dsa->q))
-			goto err;
-	} while (BN_is_zero(&k));
+	if (!bn_rand_interval(&k, BN_value_one(), dsa->q))
+		goto err;
 
 	BN_set_flags(&k, BN_FLG_CONSTTIME);
 
-- 
cgit v1.2.3-55-g6feb