Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libcrypto/bn/bn_prime.c68
1 files changed, 29 insertions, 39 deletions
diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c
index ea0733b674..c3cf5b8986 100644
--- a/src/lib/libcrypto/bn/bn_prime.c
+++ b/src/lib/libcrypto/bn/bn_prime.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_prime.c,v 1.23 2022/11/09 02:01:13 tb Exp $ */ 1/* $OpenBSD: bn_prime.c,v 1.24 2022/11/09 11:31:51 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -116,8 +116,6 @@
116 116
117#include "bn_lcl.h" 117#include "bn_lcl.h"
118 118
119#define LIBRESSL_HAS_BPSW
120
121/* NB: these functions have been "upgraded", the deprecated versions (which are 119/* NB: these functions have been "upgraded", the deprecated versions (which are
122 * compatibility wrappers using these functions) are in bn_depr.c. 120 * compatibility wrappers using these functions) are in bn_depr.c.
123 * - Geoff 121 * - Geoff
@@ -164,9 +162,9 @@ BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
164{ 162{
165 BIGNUM *t; 163 BIGNUM *t;
166 int found = 0; 164 int found = 0;
167 int i, j, c1 = 0; 165 int loops = 0;
166 int j;
168 BN_CTX *ctx; 167 BN_CTX *ctx;
169 int checks = 1;
170 168
171 if (bits < 2 || (bits == 2 && safe)) { 169 if (bits < 2 || (bits == 2 && safe)) {
172 /* 170 /*
@@ -177,18 +175,13 @@ BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
177 return 0; 175 return 0;
178 } 176 }
179 177
180 ctx = BN_CTX_new(); 178 if ((ctx = BN_CTX_new()) == NULL)
181 if (ctx == NULL)
182 goto err; 179 goto err;
183 BN_CTX_start(ctx); 180 BN_CTX_start(ctx);
184 if ((t = BN_CTX_get(ctx)) == NULL) 181 if ((t = BN_CTX_get(ctx)) == NULL)
185 goto err; 182 goto err;
186 183
187#ifndef LIBRESSL_HAS_BPSW 184 loop:
188 checks = BN_prime_checks_for_size(bits);
189#endif
190
191loop:
192 /* make a random number and set the top and bottom bits */ 185 /* make a random number and set the top and bottom bits */
193 if (add == NULL) { 186 if (add == NULL) {
194 if (!probable_prime(ret, bits)) 187 if (!probable_prime(ret, bits))
@@ -202,16 +195,15 @@ loop:
202 goto err; 195 goto err;
203 } 196 }
204 } 197 }
205 /* if (BN_mod_word(ret,(BN_ULONG)3) == 1) goto loop; */ 198
206 if (!BN_GENCB_call(cb, 0, c1++)) 199 if (!BN_GENCB_call(cb, 0, loops++))
207 /* aborted */
208 goto err; 200 goto err;
209 201
210 if (!safe) { 202 if (!safe) {
211 i = BN_is_prime_fasttest_ex(ret, checks, ctx, 0, cb); 203 j = BN_is_prime_fasttest_ex(ret, 1, ctx, 0, cb);
212 if (i == -1) 204 if (j == -1)
213 goto err; 205 goto err;
214 if (i == 0) 206 if (j == 0)
215 goto loop; 207 goto loop;
216 } else { 208 } else {
217 /* for "safe prime" generation, 209 /* for "safe prime" generation,
@@ -221,33 +213,31 @@ loop:
221 if (!BN_rshift1(t, ret)) 213 if (!BN_rshift1(t, ret))
222 goto err; 214 goto err;
223 215
224 for (i = 0; i < checks; i++) { 216 j = BN_is_prime_fasttest_ex(ret, 1, ctx, 0, cb);
225 j = BN_is_prime_fasttest_ex(ret, 1, ctx, 0, cb); 217 if (j == -1)
226 if (j == -1) 218 goto err;
227 goto err; 219 if (j == 0)
228 if (j == 0) 220 goto loop;
229 goto loop;
230 221
231 j = BN_is_prime_fasttest_ex(t, 1, ctx, 0, cb); 222 j = BN_is_prime_fasttest_ex(t, 1, ctx, 0, cb);
232 if (j == -1) 223 if (j == -1)
233 goto err; 224 goto err;
234 if (j == 0) 225 if (j == 0)
235 goto loop; 226 goto loop;
236 227
237 if (!BN_GENCB_call(cb, 2, c1 - 1)) 228 if (!BN_GENCB_call(cb, 2, loops - 1))
238 goto err; 229 goto err;
239 /* We have a safe prime test pass */ 230
240 } 231 /* We have a safe prime test pass */
241 } 232 }
242 /* we have a prime :-) */ 233
243 found = 1; 234 found = 1;
244 235
245err: 236 err:
246 if (ctx != NULL) { 237 BN_CTX_end(ctx);
247 BN_CTX_end(ctx); 238 BN_CTX_free(ctx);
248 BN_CTX_free(ctx);
249 }
250 bn_check_top(ret); 239 bn_check_top(ret);
240
251 return found; 241 return found;
252} 242}
253 243
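Review bot: The literal `1` passed as `checks` to `BN_is_prime_fasttest_ex()` at the three call sites in `BN_generate_prime_ex()` (new lines 203, 216 and 222) reads as a single probabilistic round, which would be too weak for generating key material if the callee still honoured the count. Dropping `LIBRESSL_HAS_BPSW` and the `BN_prime_checks_for_size(bits)` fallback suggests the callee now always runs Baillie-PSW and ignores the count, but that is not visible in this section. After confirming it against the callee, I would add a comment above the first call, for example `/* checks is not used to size the test: primality is decided by Baillie-PSW */`. That keeps a later reader from "fixing" the constant or copying the pattern to a caller where the round count still matters.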