hcrypto: fix off-by-one set-bit counting

lib/hcrypto/bn.c

@@ -237,7 +237,7 @@ BN_is_bit_set(const BIGNUM *bn, int bit)
     heim_integer *hi = (heim_integer *)bn;
     unsigned char *p = hi->data;
 
-    if ((bit / 8) > hi->length || hi->length == 0)
+    if ((bit / 8) >= hi->length || hi->length == 0)
 	return 0;
 
     return p[hi->length - 1 - (bit / 8)] & is_set[bit % 8];

lib/hcrypto/dh.c

@@ -305,7 +305,7 @@ DH_check_pubkey(const DH *dh, const BIGNUM *pub_key, int *codes)
 	unsigned i, n = BN_num_bits(pub_key);
 	unsigned bits = 0;
 
-	for (i = 0; i <= n; i++)
+	for (i = 0; i < n; i++)
 	    if (BN_is_bit_set(pub_key, i))
 		bits++;