X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fbn%2Fbn_prime.c;h=96eb1b3c347f495f9f8827b6d1e60985f1102b5e;hp=64c7cd6a63044547417bcf0b7311d50425e357e8;hb=HEAD;hpb=5cbd2ea3f94aa8adec9b4486ac757d4d688e3f8c diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c index 64c7cd6a63..96eb1b3c34 100644 --- a/crypto/bn/bn_prime.c +++ b/crypto/bn/bn_prime.c @@ -145,10 +145,8 @@ int BN_generate_prime_ex2(BIGNUM *ret, int bits, int safe, } mods = OPENSSL_zalloc(sizeof(*mods) * NUMPRIMES); - if (mods == NULL) { - ERR_raise(ERR_LIB_BN, ERR_R_MALLOC_FAILURE); + if (mods == NULL) return 0; - } BN_CTX_start(ctx); t = BN_CTX_get(ctx); @@ -252,6 +250,17 @@ int ossl_bn_check_prime(const BIGNUM *w, int checks, BN_CTX *ctx, return bn_is_prime_int(w, checks, ctx, do_trial_division, cb); } +/* + * Use this only for key generation. + * It always uses trial division. The number of checks + * (MR rounds) passed in is used without being clamped to a minimum value. + */ +int ossl_bn_check_generated_prime(const BIGNUM *w, int checks, BN_CTX *ctx, + BN_GENCB *cb) +{ + return bn_is_prime_int(w, checks, ctx, 1, cb); +} + int BN_check_prime(const BIGNUM *p, BN_CTX *ctx, BN_GENCB *cb) { return ossl_bn_check_prime(p, 0, ctx, 1, cb); @@ -308,9 +317,10 @@ static int bn_is_prime_int(const BIGNUM *w, int checks, BN_CTX *ctx, goto err; #endif - ret = ossl_bn_miller_rabin_is_prime(w, checks, ctx, cb, 0, &status); - if (!ret) + if (!ossl_bn_miller_rabin_is_prime(w, checks, ctx, cb, 0, &status)) { + ret = -1; goto err; + } ret = (status == BN_PRIMETEST_PROBABLY_PRIME); err: #ifndef FIPS_MODULE @@ -483,7 +493,6 @@ static int probable_prime(BIGNUM *rnd, int bits, int safe, prime_t *mods, BN_ULONG maxdelta = BN_MASK2 - primes[trial_divisions - 1]; again: - /* TODO: Not all primes are private */ if (!BN_priv_rand_ex(rnd, bits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ODD, 0, ctx)) return 0;