Diffstat (limited to 'vendor/crypto-bigint/src/limb/rand.rs')
-rw-r--r-- | vendor/crypto-bigint/src/limb/rand.rs | 25 |
1 files changed, 9 insertions, 16 deletions
diff --git a/vendor/crypto-bigint/src/limb/rand.rs b/vendor/crypto-bigint/src/limb/rand.rs
index 0bc8af31a..43471682d 100644
--- a/vendor/crypto-bigint/src/limb/rand.rs
+++ b/vendor/crypto-bigint/src/limb/rand.rs
@@ -2,41 +2,34 @@
 use super::Limb;
 use crate::{Encoding, NonZero, Random, RandomMod};
-use rand_core::{CryptoRng, RngCore};
+use rand_core::CryptoRngCore;
 use subtle::ConstantTimeLess;
-#[cfg_attr(docsrs, doc(cfg(feature = "rand_core")))]
 impl Random for Limb {
 #[cfg(target_pointer_width = "32")]
- fn random(mut rng: impl CryptoRng + RngCore) -> Self {
+ fn random(rng: &mut impl CryptoRngCore) -> Self {
 Self(rng.next_u32())
 }
 #[cfg(target_pointer_width = "64")]
- fn random(mut rng: impl CryptoRng + RngCore) -> Self {
+ fn random(rng: &mut impl CryptoRngCore) -> Self {
 Self(rng.next_u64())
 }
 }
-#[cfg_attr(docsrs, doc(cfg(feature = "rand_core")))]
 impl RandomMod for Limb {
- fn random_mod(mut rng: impl CryptoRng + RngCore, modulus: &NonZero<Self>) -> Self {
+ fn random_mod(rng: &mut impl CryptoRngCore, modulus: &NonZero<Self>) -> Self {
 let mut bytes = <Self as Encoding>::Repr::default();
- // TODO(tarcieri): use `div_ceil` when available
- // See: https://github.com/rust-lang/rust/issues/88581
- let mut n_bytes = modulus.bits() / 8;
-
- // Ensure the randomly generated value can always be larger than
- // the modulus in order to ensure a uniform distribution
- if n_bytes < Self::BYTE_SIZE {
- n_bytes += 1;
- }
+ let n_bits = modulus.bits();
+ let n_bytes = (n_bits + 7) / 8;
+ let mask = 0xff >> (8 * n_bytes - n_bits);
 loop {
 rng.fill_bytes(&mut bytes[..n_bytes]);
- let n = Limb::from_le_bytes(bytes);
+ bytes[n_bytes - 1] &= mask;
+ let n = Limb::from_le_bytes(bytes);
 if n.ct_lt(modulus).into() {
 return n;
 } |
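Review bot: The new `n_bits`/`n_bytes`/`mask` lines in `random_mod` remove the only comment that explained why the sampling is uniform, and the replacement derivation is left undocumented; above `let mask = …` I would add `// Mask the top byte so candidates lie in [0, 2^n_bits): each rejection round then succeeds with probability > 1/2 and the accepted value is uniform below the modulus.` The `bytes[n_bytes - 1]` index and the `0xff >> (8 * n_bytes - n_bits)` shift both rely on `modulus.bits()` being at least 1, which the `NonZero<Self>` type should guarantee but which is worth stating next to the shift, e.g. `// n_bits >= 1 because the modulus is NonZero, so n_bytes >= 1 and the shift amount is in 0..=7`. It would also help to record, in a comment on the `loop` or in the trait docs, that the iteration count is data-dependent: `ct_lt` makes each comparison constant-time, but the number of rounds (and so the run time) varies with the rejected candidates and with how far the modulus sits below 2^n_bits. The hunk ends inside `random_mod`'s loop, so the remainder of the function is outside this view.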