author | Tomas Mraz <tomas@openssl.org> | 2024-04-29 17:56:01 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2024-05-02 09:21:30 +0200 |
commit | 9c85f6cd2d6debe5ef6ef475ff4bf17e0985f7a2 (patch) | |
tree | 4bc89d0b0f33d0e15631b9edbc5da0236f02405a /include | |
parent | 13b3ca5c998e6db4f7251a56c43541cb1a422bd0 (diff) | |

Rename BN_generate_dsa_nonce() to ossl_bn_gen_dsa_nonce_fixed_top()

And create a new BN_generate_dsa_nonce() that corrects the BIGNUM top.
We do this to avoid leaking fixed top numbers via the public API.

Also add a slight optimization in ossl_bn_gen_dsa_nonce_fixed_top()
and make it LE/BE agnostic.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24265)

Diffstat (limited to 'include')
-rw-r--r-- | include/crypto/bn.h | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/include/crypto/bn.h b/include/crypto/bn.h index 308cf57502..9a988a467d 100644 --- a/include/crypto/bn.h +++ b/include/crypto/bn.h @@ -91,6 +91,10 @@ int ossl_bn_mask_bits_fixed_top(BIGNUM *a, int n); int ossl_bn_is_word_fixed_top(const BIGNUM *a, BN_ULONG w); int ossl_bn_priv_rand_range_fixed_top(BIGNUM *r, const BIGNUM *range, unsigned int strength, BN_CTX *ctx); +int ossl_bn_gen_dsa_nonce_fixed_top(BIGNUM *out, const BIGNUM *range, + const BIGNUM *priv, + const unsigned char *message, + size_t message_len, BN_CTX *ctx); #define BN_PRIMETEST_COMPOSITE 0 #define BN_PRIMETEST_COMPOSITE_WITH_FACTOR 1 |
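
Review bot: The new ossl_bn_gen_dsa_nonce_fixed_top() prototype in include/crypto/bn.h has no comment stating the contract that the commit message relies on. The `_fixed_top` suffix is the only hint that `out` is returned without its top corrected. Since the purpose of the rename is to keep fixed-top values from leaking through the public API, a short comment above the declaration would help. It should say that `out` is left in fixed-top form, that it may only be passed to other fixed-top-aware internal functions, and that public callers must go through BN_generate_dsa_nonce() instead. The comment could also record what the int return value means and that `priv` and `message` are secret or attacker-influenced inputs to the nonce derivation, so that future callers in this header do not have to read the implementation to use the function safely.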