BN_check_prime() is supposed to return 0 for a composite number and -1
on error. Properly translate the return value of the internal function
ossl_bn_miller_rabin_is_prime(), where 0 means an error.
The confusion prevented BN_GENCB callbacks from aborting the primality
test or key generation routines utilizing this.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19314)
(cherry picked from commit
0b3867634f74f6cb7b60b3a0adde396421207214)
goto err;
#endif
- ret = ossl_bn_miller_rabin_is_prime(w, checks, ctx, cb, 0, &status);
- if (!ret)
+ if (!ossl_bn_miller_rabin_is_prime(w, checks, ctx, cb, 0, &status)) {
+ ret = -1;
goto err;
+ }
ret = (status == BN_PRIMETEST_PROBABLY_PRIME);
err:
#ifndef FIPS_MODULE