On Fri, Feb 09, 2001, Bodo Moeller wrote:
> What about a combined version of BN_rand_range (see below)? Then
> dsa_ossl.c needs just this:
>
> /* Get random k */
> if (!BN_rand_range(&k, BN_value_one(), dsa->q, NULL)) goto err;
That's better, but it makes for a quite confusing interface:
> /* random number r: minimum + offset <= r < range + offset
If you're worried about inefficiency for a large "minimum", the function
should turn that into an offset internally rather than export the problem to
the API.
In the case that an app already has "range" and "offset" it seems more natural
to add "offset" afterward than to have it combined with the random function.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
