Bignum core: random: prepare to break out the core function
Shuffle things around a bit inside mbedtls_mpi_random() in preparation for breaking out mbedtls_mpi_core_random(). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
8a32a75aa2
commit
26be89b3f6
1 changed files with 14 additions and 12 deletions
|
@ -1966,17 +1966,24 @@ int mbedtls_mpi_random( mbedtls_mpi *X,
|
|||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
|
||||
int count;
|
||||
unsigned ge_lower = 1, lt_upper = 0;
|
||||
size_t n_bits = mbedtls_mpi_bitlen( N );
|
||||
size_t n_bytes = ( n_bits + 7 ) / 8;
|
||||
|
||||
if( min < 0 )
|
||||
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
|
||||
if( mbedtls_mpi_cmp_int( N, min ) <= 0 )
|
||||
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
|
||||
|
||||
/* Ensure that target MPI has exactly the same number of limbs
|
||||
* as the upper bound, even if the upper bound has leading zeros.
|
||||
* This is necessary for the mbedtls_mpi_lt_mpi_ct() check. */
|
||||
int ret = mbedtls_mpi_resize_clear( X, N->n );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
unsigned ge_lower = 1, lt_upper = 0;
|
||||
size_t n_bits = mbedtls_mpi_bitlen( N );
|
||||
size_t n_bytes = ( n_bits + 7 ) / 8;
|
||||
|
||||
ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
|
||||
|
||||
/*
|
||||
* When min == 0, each try has at worst a probability 1/2 of failing
|
||||
* (the msb has a probability 1/2 of being 0, and then the result will
|
||||
|
@ -1994,12 +2001,7 @@ int mbedtls_mpi_random( mbedtls_mpi *X,
|
|||
* is small, use a higher repeat count, otherwise the probability of
|
||||
* failure is macroscopic.
|
||||
*/
|
||||
count = ( n_bytes > 4 ? 30 : 250 );
|
||||
|
||||
/* Ensure that target MPI has exactly the same number of limbs
|
||||
* as the upper bound, even if the upper bound has leading zeros.
|
||||
* This is necessary for the mbedtls_mpi_lt_mpi_ct() check. */
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_resize_clear( X, N->n ) );
|
||||
int count = ( n_bytes > 4 ? 30 : 250 );
|
||||
|
||||
/*
|
||||
* Match the procedure given in RFC 6979 §3.3 (deterministic ECDSA)
|
||||
|
|
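Review bot: The bare `ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;` that now follows the `n_bytes` declaration in the first hunk carries no comment, and after the two explicit input checks have already passed, a reader cannot tell why an input error is being re-armed. While it was the declaration initializer its role as the "nothing decided yet" value was implicit; as a standalone assignment it reads like a leftover, and the next person may delete it. If, as the old initializer suggests, the code after the hunk relies on `ret` already holding an error code, state that next to it, e.g. `/* Default to an error code: the selection below only overwrites ret on success or on an explicit failure -- confirm against the loop. */`. The retry loop that consumes `ret`, and the function's `cleanup:` exit, lie outside both hunks, so this is inferred from the visible lines only.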