diff options
| -rw-r--r-- | crypto/bn/bn_rand.c | 8 | ||||
| -rw-r--r-- | crypto/deterministic_nonce.c | 4 |
2 files changed, 12 insertions, 0 deletions
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index a93bd68c73..650d057470 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -274,6 +274,10 @@ int ossl_bn_priv_rand_range_fixed_top(BIGNUM *r, const BIGNUM *range, ossl_bn_mask_bits_fixed_top(r, n); } while (BN_ucmp(r, range) >= 0); +#ifdef BN_DEBUG + /* With BN_DEBUG on a fixed top number cannot be returned */ + bn_correct_top(r); +#endif } return 1; @@ -370,6 +374,10 @@ int ossl_bn_gen_dsa_nonce_fixed_top(BIGNUM *out, const BIGNUM *range, if (BN_ucmp(out, range) < 0) { ret = 1; +#ifdef BN_DEBUG + /* With BN_DEBUG on a fixed top number cannot be returned */ + bn_correct_top(out); +#endif goto end; } } diff --git a/crypto/deterministic_nonce.c b/crypto/deterministic_nonce.c index a37edea2a1..67a5b98d2b 100644 --- a/crypto/deterministic_nonce.c +++ b/crypto/deterministic_nonce.c @@ -227,6 +227,10 @@ int ossl_gen_deterministic_nonce_rfc6979(BIGNUM *out, const BIGNUM *q, } while (ossl_bn_is_word_fixed_top(out, 0) || ossl_bn_is_word_fixed_top(out, 1) || BN_ucmp(out, q) >= 0); +#ifdef BN_DEBUG + /* With BN_DEBUG on a fixed top number cannot be returned */ + bn_correct_top(out); +#endif ret = 1; end: |