[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Wed Aug 10 14:11:46 UTC 2016


The branch master has been updated
       via  2301d91dd58d9827865e360d616291f2549ec5bf (commit)
       via  f67cbb74437842a0f88f84f43a0faa968ca77b35 (commit)
      from  5898b8eb87e464b80153cae3424f4d283cb841b6 (commit)


- Log -----------------------------------------------------------------
commit 2301d91dd58d9827865e360d616291f2549ec5bf
Author: Rich Salz <rsalz at openssl.org>
Date:   Mon Aug 8 22:12:28 2016 -0400

    Change callers to use the new constants.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/1429)

commit f67cbb74437842a0f88f84f43a0faa968ca77b35
Author: Rich Salz <rsalz at openssl.org>
Date:   Mon Aug 8 15:25:16 2016 -0400

    Add #defines for magic numbers in API.
    
    Binary- and backward-compatible.  Just better.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/1429)

-----------------------------------------------------------------------

Summary of changes:
 crypto/bn/bn_gf2m.c    |  2 +-
 crypto/bn/bn_prime.c   | 11 ++++++-----
 crypto/bn/bn_rand.c    |  4 ++--
 crypto/bn/bn_x931p.c   |  8 ++++----
 crypto/dh/dh_key.c     |  2 +-
 doc/crypto/BN_rand.pod | 17 +++++++++++------
 include/openssl/bn.h   |  9 +++++++++
 test/bntest.c          |  2 +-
 test/exptest.c         |  8 ++++----
 9 files changed, 39 insertions(+), 24 deletions(-)

diff --git a/crypto/bn/bn_gf2m.c b/crypto/bn/bn_gf2m.c
index 003c15b..b1987f5 100644
--- a/crypto/bn/bn_gf2m.c
+++ b/crypto/bn/bn_gf2m.c
@@ -1089,7 +1089,7 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
         if (tmp == NULL)
             goto err;
         do {
-            if (!BN_rand(rho, p[0], 0, 0))
+            if (!BN_rand(rho, p[0], BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
                 goto err;
             if (!BN_GF2m_mod_arr(rho, rho, p))
                 goto err;
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
index 8e7f4f5..5196958 100644
--- a/crypto/bn/bn_prime.c
+++ b/crypto/bn/bn_prime.c
@@ -310,7 +310,7 @@ int bn_probable_prime_dh_retry(BIGNUM *rnd, int bits, BN_CTX *ctx)
     int ret = 0;
 
  loop:
-    if (!BN_rand(rnd, bits, 0, 1))
+    if (!BN_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
         goto err;
 
     /* we now have a random number 'rand' to test. */
@@ -350,7 +350,8 @@ int bn_probable_prime_dh_coprime(BIGNUM *rnd, int bits, BN_CTX *ctx)
         goto err;
 
  loop:
-    if (!BN_rand(rnd, bits - prime_multiplier_bits, 0, 1))
+    if (!BN_rand(rnd, bits - prime_multiplier_bits,
+                 BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
         goto err;
     if (BN_is_bit_set(rnd, bits))
         goto loop;
@@ -415,7 +416,7 @@ static int probable_prime(BIGNUM *rnd, int bits, prime_t *mods)
     char is_single_word = bits <= BN_BITS2;
 
  again:
-    if (!BN_rand(rnd, bits, 1, 1))
+    if (!BN_rand(rnd, bits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ODD))
         return (0);
     /* we now have a random number 'rnd' to test. */
     for (i = 1; i < NUMPRIMES; i++) {
@@ -499,7 +500,7 @@ int bn_probable_prime_dh(BIGNUM *rnd, int bits,
     if ((t1 = BN_CTX_get(ctx)) == NULL)
         goto err;
 
-    if (!BN_rand(rnd, bits, 0, 1))
+    if (!BN_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
         goto err;
 
     /* we need ((rnd-rem) % add) == 0 */
@@ -555,7 +556,7 @@ static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
     if (!BN_rshift1(qadd, padd))
         goto err;
 
-    if (!BN_rand(q, bits, 0, 1))
+    if (!BN_rand(q, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
         goto err;
 
     /* we need ((rnd-rem) % add) == 0 */
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
index 9c0a4ee..5ad8050 100644
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -130,7 +130,7 @@ static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range)
          * than range
          */
         do {
-            if (!bn_rand(r, n + 1, -1, 0))
+            if (!bn_rand(r, n + 1, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY))
                 return 0;
             /*
              * If r < 3*range, use r := r MOD range (which is either r, r -
@@ -156,7 +156,7 @@ static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range)
     } else {
         do {
             /* range = 11..._2  or  range = 101..._2 */
-            if (!bn_rand(r, n, -1, 0))
+            if (!bn_rand(r, n, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY))
                 return 0;
 
             if (!--count) {
diff --git a/crypto/bn/bn_x931p.c b/crypto/bn/bn_x931p.c
index d863386..516ad34 100644
--- a/crypto/bn/bn_x931p.c
+++ b/crypto/bn/bn_x931p.c
@@ -170,14 +170,14 @@ int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
      * - 1. By setting the top two bits we ensure that the lower bound is
      * exceeded.
      */
-    if (!BN_rand(Xp, nbits, 1, 0))
+    if (!BN_rand(Xp, nbits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ANY))
         goto err;
 
     BN_CTX_start(ctx);
     t = BN_CTX_get(ctx);
 
     for (i = 0; i < 1000; i++) {
-        if (!BN_rand(Xq, nbits, 1, 0))
+        if (!BN_rand(Xq, nbits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ANY))
             goto err;
         /* Check that |Xp - Xq| > 2^(nbits - 100) */
         BN_sub(t, Xp, Xq);
@@ -218,9 +218,9 @@ int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
     if (!Xp2)
         Xp2 = BN_CTX_get(ctx);
 
-    if (!BN_rand(Xp1, 101, 0, 0))
+    if (!BN_rand(Xp1, 101, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
         goto error;
-    if (!BN_rand(Xp2, 101, 0, 0))
+    if (!BN_rand(Xp2, 101, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
         goto error;
     if (!BN_X931_derive_prime_ex(p, p1, p2, Xp, Xp1, Xp2, e, ctx, cb))
         goto error;
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index 21dada3..fe02190 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -106,7 +106,7 @@ static int generate_key(DH *dh)
         } else {
             /* secret exponent length */
             l = dh->length ? dh->length : BN_num_bits(dh->p) - 1;
-            if (!BN_rand(priv_key, l, 0, 0))
+            if (!BN_rand(priv_key, l, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
                 goto err;
         }
     }
diff --git a/doc/crypto/BN_rand.pod b/doc/crypto/BN_rand.pod
index c612c50..ba505e1 100644
--- a/doc/crypto/BN_rand.pod
+++ b/doc/crypto/BN_rand.pod
@@ -19,13 +19,18 @@ BN_rand, BN_pseudo_rand, BN_rand_range, BN_pseudo_rand_range - generate pseudo-r
 =head1 DESCRIPTION
 
 BN_rand() generates a cryptographically strong pseudo-random number of
-B<bits> in length and stores it in B<rnd>. If B<top> is -1, the
-most significant bit of the random number can be zero. If B<top> is 0,
-it is set to 1, and if B<top> is 1, the two most significant bits of
+B<bits> in length and stores it in B<rnd>.
+The value of B<bits> must be zero or greater.
+The B<top> parameters specifies
+requirements on the most significant bit of the generated number.
+If it is B<BN_RAND_TOP_ANY>, there is no constraint.
+If it is B<BN_RAND_TOP_ONE>, the top bit must be one.
+If it is B<BN_RAND_TOP_TWO>, the two most significant bits of
 the number will be set to 1, so that the product of two such random
-numbers will always have 2*B<bits> length.  If B<bottom> is true, the
-number will be odd. The value of B<bits> must be zero or greater. If B<bits> is
-1 then B<top> cannot also be 1.
+numbers will always have 2*B<bits> length.
+If B<bottom> is B<BN_RAND_BOTTOM_ODD>, the number will be odd; if it
+is B<BN_RAND_BOTTOM_ANY> it can be odd or even.
+If B<bits> is 1 then B<top> cannot also be B<BN_RAND_FLG_TOPTWO>.
 
 BN_pseudo_rand() does the same, but pseudo-random numbers generated by
 this function are not necessarily unpredictable. They can be used for
diff --git a/include/openssl/bn.h b/include/openssl/bn.h
index 4dc2abd..17bd521 100644
--- a/include/openssl/bn.h
+++ b/include/openssl/bn.h
@@ -82,6 +82,15 @@ extern "C" {
 void BN_set_flags(BIGNUM *b, int n);
 int BN_get_flags(const BIGNUM *b, int n);
 
+/* Values for |top| in BN_rand() */
+#define BN_RAND_TOP_ANY    -1
+#define BN_RAND_TOP_ONE     0
+#define BN_RAND_TOP_TWO     1
+
+/* Values for |bottom| in BN_rand() */
+#define BN_RAND_BOTTOM_ANY  0
+#define BN_RAND_BOTTOM_ODD  1
+
 /*
  * get a clone of a BIGNUM with changed flags, for *temporary* use only (the
  * two BIGNUMs cannot be used in parallel!). Also only for *read only* use. The
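Review bot: The new `#define BN_RAND_TOP_ANY    -1` expands to an unparenthesized negative literal; wrapping it as `#define BN_RAND_TOP_ANY    (-1)` avoids surprises if the macro is ever used in an expression such as `x BN_RAND_TOP_ANY` or negated again. The accompanying doc/crypto/BN_rand.pod hunk in this same commit refers to `B<BN_RAND_FLG_TOPTWO>`, a name that is not defined here; the constant introduced in this header is `BN_RAND_TOP_TWO`, so the pod should be aligned with it (the pod hunk also has the minor wording slip "The B<top> parameters specifies"). Since the commit message stresses binary compatibility, a one-line comment such as `/* These are names for the historical int values; the numeric values must not change. */` above the block would make that invariant explicit to future editors.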
diff --git a/test/bntest.c b/test/bntest.c
index 763a8c2..3507b31 100644
--- a/test/bntest.c
+++ b/test/bntest.c
@@ -1220,7 +1220,7 @@ int test_gf2m_add(BIO *bp)
     c = BN_new();
 
     for (i = 0; i < num0; i++) {
-        BN_rand(a, 512, 0, 0);
+        BN_rand(a, 512, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY);
         BN_copy(b, BN_value_one());
         a->neg = rand_neg();
         b->neg = rand_neg();
diff --git a/test/exptest.c b/test/exptest.c
index f7df9cf..e58e0c2 100644
--- a/test/exptest.c
+++ b/test/exptest.c
@@ -72,7 +72,7 @@ static int test_exp_mod_zero()
     if (!r)
         goto err;
 
-    if (!BN_rand(a, 1024, 0, 0))
+    if (!BN_rand(a, 1024, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
         goto err;
 
     if (!BN_mod_exp(r, a, p, m, ctx))
@@ -168,15 +168,15 @@ int main(int argc, char *argv[])
     for (i = 0; i < 200; i++) {
         RAND_bytes(&c, 1);
         c = (c % BN_BITS) - BN_BITS2;
-        BN_rand(a, NUM_BITS + c, 0, 0);
+        BN_rand(a, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY);
 
         RAND_bytes(&c, 1);
         c = (c % BN_BITS) - BN_BITS2;
-        BN_rand(b, NUM_BITS + c, 0, 0);
+        BN_rand(b, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY);
 
         RAND_bytes(&c, 1);
         c = (c % BN_BITS) - BN_BITS2;
-        BN_rand(m, NUM_BITS + c, 0, 1);
+        BN_rand(m, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD);
 
         BN_mod(a, a, m, ctx);
         BN_mod(b, b, m, ctx);
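Review bot: The rewritten `BN_rand(a, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY);`, `BN_rand(b, ...)` and `BN_rand(m, ..., BN_RAND_BOTTOM_ODD);` calls still discard BN_rand's return value, whereas the `test_exp_mod_zero` hunk above checks it with `if (!BN_rand(...)) goto err;`; the same applies to `BN_rand(a, 512, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY);` in the test/bntest.c hunk. A failed RNG call would leave `a`, `b` or `m` unchanged and the test would silently exercise stale values, so the new lines are a good place to add a check, for example `if (!BN_rand(a, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) goto err;`, assuming `main` has an error label reachable from here. The body of `main` begins and ends outside this hunk, so whether such a label exists cannot be confirmed from the hunk alone.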

