Don't set the two top bits to one when generating a random number < q.:wq
This commit is contained in:
Ulf Möller
parent
4041156461
commit
c11dead17c
2 changed files with 2 additions and 2 deletions
|
|
@ -84,7 +84,7 @@ int DSA_generate_key(DSA *dsa)
|
|||
i=BN_num_bits(dsa->q);
|
||||
for (;;)
|
||||
{
|
||||
if (!BN_rand(priv_key,i,1,0))
|
||||
if (!BN_rand(priv_key,i,0,0))
|
||||
goto err;
|
||||
if (BN_cmp(priv_key,dsa->q) >= 0)
|
||||
BN_sub(priv_key,priv_key,dsa->q);
|
||||
|
|
|
|||
|
|
@ -181,7 +181,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
|
|||
/* Get random k */
|
||||
for (;;)
|
||||
{
|
||||
if (!BN_rand(&k, BN_num_bits(dsa->q), 1, 0)) goto err;
|
||||
if (!BN_rand(&k, BN_num_bits(dsa->q), 0, 0)) goto err;
|
||||
if (BN_cmp(&k,dsa->q) >= 0)
|
||||
BN_sub(&k,&k,dsa->q);
|
||||
if (!BN_is_zero(&k)) break;
|
||||
|
|
|
|||
Loading…
Reference in a new issue