From e680fe5b2098d1406fab3bb3994254f026651090 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Thu, 3 Aug 2023 18:53:56 +0000
Subject: Make the bn_rand_interval() API a bit more ergonomic

Provide bn_rand_in_range() which is a slightly tweaked version of what was previously called bn_rand_range(). The way bn_rand_range() is called in libcrypto, the lower bound is always expressible as a word. In fact, most of the time it is 1, the DH code uses a 2, the MR tests in BPSW use 3 and an exceptinally high number appears in the Tonelli-Shanks implementation where we use 32. Converting these lower bounds to BIGNUMs on the call site is annoying so let bn_rand_interval() do that internally and route that through bn_rand_in_range(). This way we can avoid using BN_sub_word(). Adjust the bn_isqrt() test to use bn_rand_in_range() since that's the only caller that uses actual BIGNUMs as lower bounds. ok jsing
---
 src/lib/libcrypto/ec/ec_key.c | 4 ++--
 src/lib/libcrypto/ec/ecp_smpl.c | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
(limited to 'src/lib/libcrypto/ec')
diff --git a/src/lib/libcrypto/ec/ec_key.c b/src/lib/libcrypto/ec/ec_key.c
index e5ff189803..d9ddd5d797 100644
--- a/src/lib/libcrypto/ec/ec_key.c
+++ b/src/lib/libcrypto/ec/ec_key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_key.c,v 1.36 2023/07/07 13:54:45 beck Exp $ */
+/* $OpenBSD: ec_key.c,v 1.37 2023/08/03 18:53:56 tb Exp $ */
 /*
  * Written by Nils Larsch for the OpenSSL project.
  */
@@ -269,7 +269,7 @@ ec_key_gen(EC_KEY *eckey)
 	if ((order = EC_GROUP_get0_order(eckey->group)) == NULL)
 		goto err;
-	if (!bn_rand_interval(priv_key, BN_value_one(), order))
+	if (!bn_rand_interval(priv_key, 1, order))
 		goto err;
 	if (!EC_POINT_mul(eckey->group, pub_key, priv_key, NULL, NULL, NULL))
 		goto err;
diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c
index de1f9a3472..018aedfd4e 100644
--- a/src/lib/libcrypto/ec/ecp_smpl.c
+++ b/src/lib/libcrypto/ec/ecp_smpl.c
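Review bot: The new lower bound in ec_key_gen, `if (!bn_rand_interval(priv_key, 1, order))`, states the private-key interval only through a bare literal, while the matching call in ecp_smpl.c (the @@ -1227 hunk) is preceded by a comment giving its interval; adding `/* Generate priv_key in [1, order). */` above the `if` would document at the call site that both 0 and order are excluded. Both hunks also rely on bn_rand_interval() now taking its lower bound as a word rather than a `const BIGNUM *`; that prototype change is not in this ec-limited view, and since a C compiler would only warn when `1` is passed to a pointer parameter, the header update must land with this change (the description suggests it does). ec_key_gen starts and ends outside the hunk.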
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecp_smpl.c,v 1.55 2023/07/26 17:15:25 tb Exp $ */
+/* $OpenBSD: ecp_smpl.c,v 1.56 2023/08/03 18:53:56 tb Exp $ */
 /* Includes code written by Lenka Fibikova
  * for the OpenSSL project.
  * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -1227,7 +1227,7 @@ ec_GFp_simple_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx)
 		goto err;
 
 	/* Generate lambda in [1, group->field). */
-	if (!bn_rand_interval(lambda, BN_value_one(), &group->field))
+	if (!bn_rand_interval(lambda, 1, &group->field))
 		goto err;
 
 	if (group->meth->field_encode != NULL &&
-- cgit v1.2.3-55-g6feb