summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/bn/bn.h4
-rw-r--r--src/lib/libcrypto/bn/bn_err.c4
-rw-r--r--src/lib/libcrypto/bn/bn_prime.c18
-rw-r--r--src/lib/libssl/src/crypto/bn/bn.h4
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_err.c4
-rw-r--r--src/lib/libssl/src/crypto/bn/bn_prime.c18
6 files changed, 44 insertions, 8 deletions
diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h
index 33c6162874..2c648ba2ee 100644
--- a/src/lib/libcrypto/bn/bn.h
+++ b/src/lib/libcrypto/bn/bn.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn.h,v 1.27 2015/10/16 12:41:29 beck Exp $ */ 1/* $OpenBSD: bn.h,v 1.28 2015/10/21 19:02:22 miod Exp $ */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -768,6 +768,7 @@ void ERR_load_BN_strings(void);
768#define BN_F_BN_DIV_RECP 130 768#define BN_F_BN_DIV_RECP 130
769#define BN_F_BN_EXP 123 769#define BN_F_BN_EXP 123
770#define BN_F_BN_EXPAND2 108 770#define BN_F_BN_EXPAND2 108
771#define BN_F_BN_GENERATE_PRIME_EX 140
771#define BN_F_BN_EXPAND_INTERNAL 120 772#define BN_F_BN_EXPAND_INTERNAL 120
772#define BN_F_BN_GF2M_MOD 131 773#define BN_F_BN_GF2M_MOD 131
773#define BN_F_BN_GF2M_MOD_EXP 132 774#define BN_F_BN_GF2M_MOD_EXP 132
@@ -797,6 +798,7 @@ void ERR_load_BN_strings(void);
797#define BN_R_ARG2_LT_ARG3 100 798#define BN_R_ARG2_LT_ARG3 100
798#define BN_R_BAD_RECIPROCAL 101 799#define BN_R_BAD_RECIPROCAL 101
799#define BN_R_BIGNUM_TOO_LONG 114 800#define BN_R_BIGNUM_TOO_LONG 114
801#define BN_R_BITS_TOO_SMALL 117
800#define BN_R_CALLED_WITH_EVEN_MODULUS 102 802#define BN_R_CALLED_WITH_EVEN_MODULUS 102
801#define BN_R_DIV_BY_ZERO 103 803#define BN_R_DIV_BY_ZERO 103
802#define BN_R_ENCODING_ERROR 104 804#define BN_R_ENCODING_ERROR 104
diff --git a/src/lib/libcrypto/bn/bn_err.c b/src/lib/libcrypto/bn/bn_err.c
index 5a0f359d86..149e58eafc 100644
--- a/src/lib/libcrypto/bn/bn_err.c
+++ b/src/lib/libcrypto/bn/bn_err.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_err.c,v 1.12 2014/07/10 22:45:56 jsing Exp $ */ 1/* $OpenBSD: bn_err.c,v 1.13 2015/10/21 19:02:22 miod Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -89,6 +89,7 @@ static ERR_STRING_DATA BN_str_functs[]= {
89 {ERR_FUNC(BN_F_BN_EXP), "BN_exp"}, 89 {ERR_FUNC(BN_F_BN_EXP), "BN_exp"},
90 {ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"}, 90 {ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"},
91 {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "BN_EXPAND_INTERNAL"}, 91 {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "BN_EXPAND_INTERNAL"},
92 {ERR_FUNC(BN_F_BN_GENERATE_PRIME_EX), "BN_generate_prime_ex"},
92 {ERR_FUNC(BN_F_BN_GF2M_MOD), "BN_GF2m_mod"}, 93 {ERR_FUNC(BN_F_BN_GF2M_MOD), "BN_GF2m_mod"},
93 {ERR_FUNC(BN_F_BN_GF2M_MOD_EXP), "BN_GF2m_mod_exp"}, 94 {ERR_FUNC(BN_F_BN_GF2M_MOD_EXP), "BN_GF2m_mod_exp"},
94 {ERR_FUNC(BN_F_BN_GF2M_MOD_MUL), "BN_GF2m_mod_mul"}, 95 {ERR_FUNC(BN_F_BN_GF2M_MOD_MUL), "BN_GF2m_mod_mul"},
@@ -119,6 +120,7 @@ static ERR_STRING_DATA BN_str_reasons[]= {
119 {ERR_REASON(BN_R_ARG2_LT_ARG3) , "arg2 lt arg3"}, 120 {ERR_REASON(BN_R_ARG2_LT_ARG3) , "arg2 lt arg3"},
120 {ERR_REASON(BN_R_BAD_RECIPROCAL) , "bad reciprocal"}, 121 {ERR_REASON(BN_R_BAD_RECIPROCAL) , "bad reciprocal"},
121 {ERR_REASON(BN_R_BIGNUM_TOO_LONG) , "bignum too long"}, 122 {ERR_REASON(BN_R_BIGNUM_TOO_LONG) , "bignum too long"},
123 {ERR_REASON(BN_R_BITS_TOO_SMALL) , "bits too small"},
122 {ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS), "called with even modulus"}, 124 {ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS), "called with even modulus"},
123 {ERR_REASON(BN_R_DIV_BY_ZERO) , "div by zero"}, 125 {ERR_REASON(BN_R_DIV_BY_ZERO) , "div by zero"},
124 {ERR_REASON(BN_R_ENCODING_ERROR) , "encoding error"}, 126 {ERR_REASON(BN_R_ENCODING_ERROR) , "encoding error"},
diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c
index 02780d32e6..b1aba663df 100644
--- a/src/lib/libcrypto/bn/bn_prime.c
+++ b/src/lib/libcrypto/bn/bn_prime.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_prime.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */ 1/* $OpenBSD: bn_prime.c,v 1.14 2015/10/21 19:02:22 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -112,6 +112,8 @@
112#include <stdio.h> 112#include <stdio.h>
113#include <time.h> 113#include <time.h>
114 114
115#include <openssl/err.h>
116
115#include "bn_lcl.h" 117#include "bn_lcl.h"
116 118
117/* NB: these functions have been "upgraded", the deprecated versions (which are 119/* NB: these functions have been "upgraded", the deprecated versions (which are
@@ -164,7 +166,16 @@ BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
164 int found = 0; 166 int found = 0;
165 int i, j, c1 = 0; 167 int i, j, c1 = 0;
166 BN_CTX *ctx; 168 BN_CTX *ctx;
167 int checks = BN_prime_checks_for_size(bits); 169 int checks;
170
171 if (bits < 2 || (bits == 2 && safe)) {
172 /*
173 * There are no prime numbers smaller than 2, and the smallest
174 * safe prime (7) spans three bits.
175 */
176 BNerr(BN_F_BN_GENERATE_PRIME_EX, BN_R_BITS_TOO_SMALL);
177 return 0;
178 }
168 179
169 ctx = BN_CTX_new(); 180 ctx = BN_CTX_new();
170 if (ctx == NULL) 181 if (ctx == NULL)
@@ -172,6 +183,9 @@ BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
172 BN_CTX_start(ctx); 183 BN_CTX_start(ctx);
173 if ((t = BN_CTX_get(ctx)) == NULL) 184 if ((t = BN_CTX_get(ctx)) == NULL)
174 goto err; 185 goto err;
186
187 checks = BN_prime_checks_for_size(bits);
188
175loop: 189loop:
176 /* make a random number and set the top and bottom bits */ 190 /* make a random number and set the top and bottom bits */
177 if (add == NULL) { 191 if (add == NULL) {
diff --git a/src/lib/libssl/src/crypto/bn/bn.h b/src/lib/libssl/src/crypto/bn/bn.h
index 33c6162874..2c648ba2ee 100644
--- a/src/lib/libssl/src/crypto/bn/bn.h
+++ b/src/lib/libssl/src/crypto/bn/bn.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn.h,v 1.27 2015/10/16 12:41:29 beck Exp $ */ 1/* $OpenBSD: bn.h,v 1.28 2015/10/21 19:02:22 miod Exp $ */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -768,6 +768,7 @@ void ERR_load_BN_strings(void);
768#define BN_F_BN_DIV_RECP 130 768#define BN_F_BN_DIV_RECP 130
769#define BN_F_BN_EXP 123 769#define BN_F_BN_EXP 123
770#define BN_F_BN_EXPAND2 108 770#define BN_F_BN_EXPAND2 108
771#define BN_F_BN_GENERATE_PRIME_EX 140
771#define BN_F_BN_EXPAND_INTERNAL 120 772#define BN_F_BN_EXPAND_INTERNAL 120
772#define BN_F_BN_GF2M_MOD 131 773#define BN_F_BN_GF2M_MOD 131
773#define BN_F_BN_GF2M_MOD_EXP 132 774#define BN_F_BN_GF2M_MOD_EXP 132
@@ -797,6 +798,7 @@ void ERR_load_BN_strings(void);
797#define BN_R_ARG2_LT_ARG3 100 798#define BN_R_ARG2_LT_ARG3 100
798#define BN_R_BAD_RECIPROCAL 101 799#define BN_R_BAD_RECIPROCAL 101
799#define BN_R_BIGNUM_TOO_LONG 114 800#define BN_R_BIGNUM_TOO_LONG 114
801#define BN_R_BITS_TOO_SMALL 117
800#define BN_R_CALLED_WITH_EVEN_MODULUS 102 802#define BN_R_CALLED_WITH_EVEN_MODULUS 102
801#define BN_R_DIV_BY_ZERO 103 803#define BN_R_DIV_BY_ZERO 103
802#define BN_R_ENCODING_ERROR 104 804#define BN_R_ENCODING_ERROR 104
diff --git a/src/lib/libssl/src/crypto/bn/bn_err.c b/src/lib/libssl/src/crypto/bn/bn_err.c
index 5a0f359d86..149e58eafc 100644
--- a/src/lib/libssl/src/crypto/bn/bn_err.c
+++ b/src/lib/libssl/src/crypto/bn/bn_err.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_err.c,v 1.12 2014/07/10 22:45:56 jsing Exp $ */ 1/* $OpenBSD: bn_err.c,v 1.13 2015/10/21 19:02:22 miod Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -89,6 +89,7 @@ static ERR_STRING_DATA BN_str_functs[]= {
89 {ERR_FUNC(BN_F_BN_EXP), "BN_exp"}, 89 {ERR_FUNC(BN_F_BN_EXP), "BN_exp"},
90 {ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"}, 90 {ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"},
91 {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "BN_EXPAND_INTERNAL"}, 91 {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "BN_EXPAND_INTERNAL"},
92 {ERR_FUNC(BN_F_BN_GENERATE_PRIME_EX), "BN_generate_prime_ex"},
92 {ERR_FUNC(BN_F_BN_GF2M_MOD), "BN_GF2m_mod"}, 93 {ERR_FUNC(BN_F_BN_GF2M_MOD), "BN_GF2m_mod"},
93 {ERR_FUNC(BN_F_BN_GF2M_MOD_EXP), "BN_GF2m_mod_exp"}, 94 {ERR_FUNC(BN_F_BN_GF2M_MOD_EXP), "BN_GF2m_mod_exp"},
94 {ERR_FUNC(BN_F_BN_GF2M_MOD_MUL), "BN_GF2m_mod_mul"}, 95 {ERR_FUNC(BN_F_BN_GF2M_MOD_MUL), "BN_GF2m_mod_mul"},
@@ -119,6 +120,7 @@ static ERR_STRING_DATA BN_str_reasons[]= {
119 {ERR_REASON(BN_R_ARG2_LT_ARG3) , "arg2 lt arg3"}, 120 {ERR_REASON(BN_R_ARG2_LT_ARG3) , "arg2 lt arg3"},
120 {ERR_REASON(BN_R_BAD_RECIPROCAL) , "bad reciprocal"}, 121 {ERR_REASON(BN_R_BAD_RECIPROCAL) , "bad reciprocal"},
121 {ERR_REASON(BN_R_BIGNUM_TOO_LONG) , "bignum too long"}, 122 {ERR_REASON(BN_R_BIGNUM_TOO_LONG) , "bignum too long"},
123 {ERR_REASON(BN_R_BITS_TOO_SMALL) , "bits too small"},
122 {ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS), "called with even modulus"}, 124 {ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS), "called with even modulus"},
123 {ERR_REASON(BN_R_DIV_BY_ZERO) , "div by zero"}, 125 {ERR_REASON(BN_R_DIV_BY_ZERO) , "div by zero"},
124 {ERR_REASON(BN_R_ENCODING_ERROR) , "encoding error"}, 126 {ERR_REASON(BN_R_ENCODING_ERROR) , "encoding error"},
diff --git a/src/lib/libssl/src/crypto/bn/bn_prime.c b/src/lib/libssl/src/crypto/bn/bn_prime.c
index 02780d32e6..b1aba663df 100644
--- a/src/lib/libssl/src/crypto/bn/bn_prime.c
+++ b/src/lib/libssl/src/crypto/bn/bn_prime.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_prime.c,v 1.13 2015/02/09 15:49:22 jsing Exp $ */ 1/* $OpenBSD: bn_prime.c,v 1.14 2015/10/21 19:02:22 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -112,6 +112,8 @@
112#include <stdio.h> 112#include <stdio.h>
113#include <time.h> 113#include <time.h>
114 114
115#include <openssl/err.h>
116
115#include "bn_lcl.h" 117#include "bn_lcl.h"
116 118
117/* NB: these functions have been "upgraded", the deprecated versions (which are 119/* NB: these functions have been "upgraded", the deprecated versions (which are
@@ -164,7 +166,16 @@ BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
164 int found = 0; 166 int found = 0;
165 int i, j, c1 = 0; 167 int i, j, c1 = 0;
166 BN_CTX *ctx; 168 BN_CTX *ctx;
167 int checks = BN_prime_checks_for_size(bits); 169 int checks;
170
171 if (bits < 2 || (bits == 2 && safe)) {
172 /*
173 * There are no prime numbers smaller than 2, and the smallest
174 * safe prime (7) spans three bits.
175 */
176 BNerr(BN_F_BN_GENERATE_PRIME_EX, BN_R_BITS_TOO_SMALL);
177 return 0;
178 }
168 179
169 ctx = BN_CTX_new(); 180 ctx = BN_CTX_new();
170 if (ctx == NULL) 181 if (ctx == NULL)
@@ -172,6 +183,9 @@ BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
172 BN_CTX_start(ctx); 183 BN_CTX_start(ctx);
173 if ((t = BN_CTX_get(ctx)) == NULL) 184 if ((t = BN_CTX_get(ctx)) == NULL)
174 goto err; 185 goto err;
186
187 checks = BN_prime_checks_for_size(bits);
188
175loop: 189loop:
176 /* make a random number and set the top and bottom bits */ 190 /* make a random number and set the top and bottom bits */
177 if (add == NULL) { 191 if (add == NULL) {
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-28 13:02:46 +0000