diff options
Diffstat (limited to 'src/lib/libcrypto/bn/bn_prime.c')
| -rw-r--r-- | src/lib/libcrypto/bn/bn_prime.c | 30 |
1 files changed, 22 insertions, 8 deletions
diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c index b1aba663df..fb39756de2 100644 --- a/src/lib/libcrypto/bn/bn_prime.c +++ b/src/lib/libcrypto/bn/bn_prime.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: bn_prime.c,v 1.14 2015/10/21 19:02:22 miod Exp $ */ | 1 | /* $OpenBSD: bn_prime.c,v 1.15 2016/07/05 02:54:35 bcook Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -277,9 +277,13 @@ BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, | |||
| 277 | /* a is even => a is prime if and only if a == 2 */ | 277 | /* a is even => a is prime if and only if a == 2 */ |
| 278 | return BN_is_word(a, 2); | 278 | return BN_is_word(a, 2); |
| 279 | if (do_trial_division) { | 279 | if (do_trial_division) { |
| 280 | for (i = 1; i < NUMPRIMES; i++) | 280 | for (i = 1; i < NUMPRIMES; i++) { |
| 281 | if (BN_mod_word(a, primes[i]) == 0) | 281 | BN_ULONG mod = BN_mod_word(a, primes[i]); |
| 282 | if (mod == (BN_ULONG)-1) | ||
| 283 | goto err; | ||
| 284 | if (mod == 0) | ||
| 282 | return 0; | 285 | return 0; |
| 286 | } | ||
| 283 | if (!BN_GENCB_call(cb, 1, -1)) | 287 | if (!BN_GENCB_call(cb, 1, -1)) |
| 284 | goto err; | 288 | goto err; |
| 285 | } | 289 | } |
| @@ -398,8 +402,12 @@ again: | |||
| 398 | if (!BN_rand(rnd, bits, 1, 1)) | 402 | if (!BN_rand(rnd, bits, 1, 1)) |
| 399 | return (0); | 403 | return (0); |
| 400 | /* we now have a random number 'rand' to test. */ | 404 | /* we now have a random number 'rand' to test. */ |
| 401 | for (i = 1; i < NUMPRIMES; i++) | 405 | for (i = 1; i < NUMPRIMES; i++) { |
| 402 | mods[i] = (prime_t)BN_mod_word(rnd, (BN_ULONG)primes[i]); | 406 | BN_ULONG mod = BN_mod_word(rnd, (BN_ULONG)primes[i]); |
| 407 | if (mod == (BN_ULONG)-1) | ||
| 408 | return (0); | ||
| 409 | mods[i] = (prime_t)mod; | ||
| 410 | } | ||
| 403 | maxdelta = BN_MASK2 - primes[NUMPRIMES - 1]; | 411 | maxdelta = BN_MASK2 - primes[NUMPRIMES - 1]; |
| 404 | delta = 0; | 412 | delta = 0; |
| 405 | loop: | 413 | loop: |
| @@ -452,7 +460,10 @@ probable_prime_dh(BIGNUM *rnd, int bits, const BIGNUM *add, const BIGNUM *rem, | |||
| 452 | loop: | 460 | loop: |
| 453 | for (i = 1; i < NUMPRIMES; i++) { | 461 | for (i = 1; i < NUMPRIMES; i++) { |
| 454 | /* check that rnd is a prime */ | 462 | /* check that rnd is a prime */ |
| 455 | if (BN_mod_word(rnd, (BN_ULONG)primes[i]) <= 1) { | 463 | BN_LONG mod = BN_mod_word(rnd, (BN_ULONG)primes[i]); |
| 464 | if (mod == (BN_ULONG)-1) | ||
| 465 | goto err; | ||
| 466 | if (mod <= 1) { | ||
| 456 | if (!BN_add(rnd, rnd, add)) | 467 | if (!BN_add(rnd, rnd, add)) |
| 457 | goto err; | 468 | goto err; |
| 458 | goto loop; | 469 | goto loop; |
| @@ -514,8 +525,11 @@ loop: | |||
| 514 | /* check that p and q are prime */ | 525 | /* check that p and q are prime */ |
| 515 | /* check that for p and q | 526 | /* check that for p and q |
| 516 | * gcd(p-1,primes) == 1 (except for 2) */ | 527 | * gcd(p-1,primes) == 1 (except for 2) */ |
| 517 | if ((BN_mod_word(p, (BN_ULONG)primes[i]) == 0) || | 528 | BN_ULONG pmod = BN_mod_word(p, (BN_ULONG)primes[i]); |
| 518 | (BN_mod_word(q, (BN_ULONG)primes[i]) == 0)) { | 529 | BN_ULONG qmod = BN_mod_word(q, (BN_ULONG)primes[i]); |
| 530 | if (pmod == (BN_ULONG)-1 || qmod == (BN_ULONG)-1) | ||
| 531 | goto err; | ||
| 532 | if (pmod == 0 || qmod == 0) { | ||
| 519 | if (!BN_add(p, p, padd)) | 533 | if (!BN_add(p, p, padd)) |
| 520 | goto err; | 534 | goto err; |
| 521 | if (!BN_add(q, q, qadd)) | 535 | if (!BN_add(q, q, qadd)) |