From 9180c3542045767fb7ca507fe2bf8c6b2b4b355c Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Tue, 18 Jun 2019 11:10:33 +0900
Subject: [PATCH] Fix bn.c.

---
 ChangeLog |  4 ++++
 src/bn.c  | 23 +++++++++++------------
 2 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index b2f2855..223c310 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2019-06-18  NIIBE Yutaka  <gniibe@fsij.org>
+
+	* src/bn.c (bn256_random): More portable.
+
 2019-04-03  NIIBE Yutaka  <gniibe@fsij.org>
 
 	* tests: Factor out tests into classes.
diff --git a/src/bn.c b/src/bn.c
index afc7662..9f32e60 100644
--- a/src/bn.c
+++ b/src/bn.c
@@ -1,7 +1,8 @@
 /*
  * bn.c -- 256-bit (and 512-bit) bignum calculation
  *
- * Copyright (C) 2011, 2013, 2014 Free Software Initiative of Japan
+ * Copyright (C) 2011, 2013, 2014, 2019
+ *               Free Software Initiative of Japan
  * Author: NIIBE Yutaka <gniibe@fsij.org>
  *
  * This file is a part of Gnuk, a GnuPG USB Token implementation.
@@ -412,17 +413,15 @@ bn256_cmp (const bn256 *A, const bn256 *B)
 void
 bn256_random (bn256 *X)
 {
-  const uint8_t *rand = random_bytes_get ();
+  int i, j;
+  const uint8_t *rand;
 
-  X->word[7] = ((uint32_t *)rand)[7];
-  X->word[6] = ((uint32_t *)rand)[6];
-  X->word[5] = ((uint32_t *)rand)[5];
-  X->word[4] = ((uint32_t *)rand)[4];
-  X->word[3] = ((uint32_t *)rand)[3];
-  X->word[2] = ((uint32_t *)rand)[2];
-  X->word[1] = ((uint32_t *)rand)[1];
-  X->word[0] = ((uint32_t *)rand)[0];
-
-  random_bytes_free (rand);
+  for (i = 0; i < 256/256; i++)
+    {
+      rand = random_bytes_get ();
+      for (j = 0; j < BN256_WORDS; j++)
+	X->word[i*BN256_WORDS+j] = ((uint32_t *)rand)[j];
+      random_bytes_free (rand);
+    }
 }
 #endif