1 files changed, 17 insertions, 5 deletions

diff --git a/src/common/crypto.c b/src/common/crypto.c
index 1ecc24ce2..05c1ce9ea 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -777,6 +777,17 @@ crypto_pk_keysize(crypto_pk_env_t *env)
   return (size_t) RSA_size(env->key);
 }
 
+/** Return the size of the public key modulus of <b>env</b>, in bits. */
+int
+crypto_pk_num_bits(crypto_pk_env_t *env)
+{
+  tor_assert(env);
+  tor_assert(env->key);
+  tor_assert(env->key->n);
+
+  return BN_num_bits(env->key->n);
+}
+
 /** Increase the reference count of <b>env</b>, and return it.
  */
 crypto_pk_env_t *
@@ -937,7 +948,7 @@ crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
     log_warn(LD_BUG, "couldn't compute digest");
     return -1;
   }
-  buflen = crypto_pk_keysize(env)+1;
+  buflen = crypto_pk_keysize(env);
   buf = tor_malloc(buflen);
   r = crypto_pk_public_checksig(env,buf,buflen,sig,siglen);
   if (r != DIGEST_LEN) {
@@ -1122,8 +1133,8 @@ crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
                                      warnOnFailure);
   }
 
-  buf = tor_malloc(pkeylen+1);
-  outlen = crypto_pk_private_decrypt(env,buf,pkeylen+1,from,pkeylen,padding,
+  buf = tor_malloc(pkeylen);
+  outlen = crypto_pk_private_decrypt(env,buf,pkeylen,from,pkeylen,padding,
                                      warnOnFailure);
   if (outlen<0) {
     log_fn(warnOnFailure?LOG_WARN:LOG_DEBUG, LD_CRYPTO,
@@ -2134,13 +2145,14 @@ crypto_rand(char *to, size_t n)
 }
 
 /** Return a pseudorandom integer, chosen uniformly from the values
- * between 0 and <b>max</b>-1. */
+ * between 0 and <b>max</b>-1 inclusive.  <b>max</b> must be between 1 and
+ * INT_MAX+1, inclusive. */
 int
 crypto_rand_int(unsigned int max)
 {
   unsigned int val;
   unsigned int cutoff;
-  tor_assert(max < UINT_MAX);
+  tor_assert(max <= ((unsigned int)INT_MAX)+1);
   tor_assert(max > 0); /* don't div by 0 */
 
   /* We ignore any values that are >= 'cutoff,' to avoid biasing the