Change callers to use the new constants.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1429)

crypto/bn/bn_gf2m.c

@@ -1089,7 +1089,7 @@ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
         if (tmp == NULL)
             goto err;
         do {
-            if (!BN_rand(rho, p[0], 0, 0))
+            if (!BN_rand(rho, p[0], BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
                 goto err;
             if (!BN_GF2m_mod_arr(rho, rho, p))
                 goto err;

crypto/bn/bn_prime.c

@@ -310,7 +310,7 @@ int bn_probable_prime_dh_retry(BIGNUM *rnd, int bits, BN_CTX *ctx)
     int ret = 0;
 
  loop:
-    if (!BN_rand(rnd, bits, 0, 1))
+    if (!BN_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
         goto err;
 
     /* we now have a random number 'rand' to test. */
@@ -350,7 +350,8 @@ int bn_probable_prime_dh_coprime(BIGNUM *rnd, int bits, BN_CTX *ctx)
         goto err;
 
  loop:
-    if (!BN_rand(rnd, bits - prime_multiplier_bits, 0, 1))
+    if (!BN_rand(rnd, bits - prime_multiplier_bits,
+                 BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
         goto err;
     if (BN_is_bit_set(rnd, bits))
         goto loop;
@@ -415,7 +416,7 @@ static int probable_prime(BIGNUM *rnd, int bits, prime_t *mods)
     char is_single_word = bits <= BN_BITS2;
 
  again:
-    if (!BN_rand(rnd, bits, 1, 1))
+    if (!BN_rand(rnd, bits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ODD))
         return (0);
     /* we now have a random number 'rnd' to test. */
     for (i = 1; i < NUMPRIMES; i++) {
@@ -499,7 +500,7 @@ int bn_probable_prime_dh(BIGNUM *rnd, int bits,
     if ((t1 = BN_CTX_get(ctx)) == NULL)
         goto err;
 
-    if (!BN_rand(rnd, bits, 0, 1))
+    if (!BN_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
         goto err;
 
     /* we need ((rnd-rem) % add) == 0 */
@@ -555,7 +556,7 @@ static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
     if (!BN_rshift1(qadd, padd))
         goto err;
 
-    if (!BN_rand(q, bits, 0, 1))
+    if (!BN_rand(q, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
         goto err;
 
     /* we need ((rnd-rem) % add) == 0 */

crypto/bn/bn_rand.c

@@ -130,7 +130,7 @@ static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range)
          * than range
          */
         do {
-            if (!bn_rand(r, n + 1, -1, 0))
+            if (!bn_rand(r, n + 1, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY))
                 return 0;
             /*
              * If r < 3*range, use r := r MOD range (which is either r, r -
@@ -156,7 +156,7 @@ static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range)
     } else {
         do {
             /* range = 11..._2  or  range = 101..._2 */
-            if (!bn_rand(r, n, -1, 0))
+            if (!bn_rand(r, n, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY))
                 return 0;
 
             if (!--count) {

crypto/bn/bn_x931p.c

@@ -170,14 +170,14 @@ int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
      * - 1. By setting the top two bits we ensure that the lower bound is
      * exceeded.
      */
-    if (!BN_rand(Xp, nbits, 1, 0))
+    if (!BN_rand(Xp, nbits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ANY))
         goto err;
 
     BN_CTX_start(ctx);
     t = BN_CTX_get(ctx);
 
     for (i = 0; i < 1000; i++) {
-        if (!BN_rand(Xq, nbits, 1, 0))
+        if (!BN_rand(Xq, nbits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ANY))
             goto err;
         /* Check that |Xp - Xq| > 2^(nbits - 100) */
         BN_sub(t, Xp, Xq);
@@ -218,9 +218,9 @@ int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
     if (!Xp2)
         Xp2 = BN_CTX_get(ctx);
 
-    if (!BN_rand(Xp1, 101, 0, 0))
+    if (!BN_rand(Xp1, 101, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
         goto error;
-    if (!BN_rand(Xp2, 101, 0, 0))
+    if (!BN_rand(Xp2, 101, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
         goto error;
     if (!BN_X931_derive_prime_ex(p, p1, p2, Xp, Xp1, Xp2, e, ctx, cb))
         goto error;

crypto/dh/dh_key.c

@@ -106,7 +106,7 @@ static int generate_key(DH *dh)
         } else {
             /* secret exponent length */
             l = dh->length ? dh->length : BN_num_bits(dh->p) - 1;
-            if (!BN_rand(priv_key, l, 0, 0))
+            if (!BN_rand(priv_key, l, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
                 goto err;
         }
     }

test/bntest.c

@@ -1220,7 +1220,7 @@ int test_gf2m_add(BIO *bp)
     c = BN_new();
 
     for (i = 0; i < num0; i++) {
-        BN_rand(a, 512, 0, 0);
+        BN_rand(a, 512, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY);
         BN_copy(b, BN_value_one());
         a->neg = rand_neg();
         b->neg = rand_neg();

test/exptest.c

@@ -72,7 +72,7 @@ static int test_exp_mod_zero()
     if (!r)
         goto err;
 
-    if (!BN_rand(a, 1024, 0, 0))
+    if (!BN_rand(a, 1024, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
         goto err;
 
     if (!BN_mod_exp(r, a, p, m, ctx))
@@ -168,15 +168,15 @@ int main(int argc, char *argv[])
     for (i = 0; i < 200; i++) {
         RAND_bytes(&c, 1);
         c = (c % BN_BITS) - BN_BITS2;
-        BN_rand(a, NUM_BITS + c, 0, 0);
+        BN_rand(a, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY);
 
         RAND_bytes(&c, 1);
         c = (c % BN_BITS) - BN_BITS2;
-        BN_rand(b, NUM_BITS + c, 0, 0);
+        BN_rand(b, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY);
 
         RAND_bytes(&c, 1);
         c = (c % BN_BITS) - BN_BITS2;
-        BN_rand(m, NUM_BITS + c, 0, 1);
+        BN_rand(m, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD);
 
         BN_mod(a, a, m, ctx);
         BN_mod(b, b, m, ctx);