diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/bn/bn_prime.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c index a09bac4ae9..5a4aa50bf1 100644 --- a/src/lib/libcrypto/bn/bn_prime.c +++ b/src/lib/libcrypto/bn/bn_prime.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: bn_prime.c,v 1.33 2023/07/08 12:21:58 beck Exp $ */ | 1 | /* $OpenBSD: bn_prime.c,v 1.34 2023/07/20 06:26:27 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -240,6 +240,8 @@ BN_is_prime_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, BN_GENCB *cb) | |||
| 240 | } | 240 | } |
| 241 | LCRYPTO_ALIAS(BN_is_prime_ex); | 241 | LCRYPTO_ALIAS(BN_is_prime_ex); |
| 242 | 242 | ||
| 243 | #define BN_PRIME_MAXIMUM_BITS (32 * 1024) | ||
| 244 | |||
| 243 | int | 245 | int |
| 244 | BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, | 246 | BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, |
| 245 | int do_trial_division, BN_GENCB *cb) | 247 | int do_trial_division, BN_GENCB *cb) |
| @@ -249,6 +251,15 @@ BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, | |||
| 249 | if (checks < 0) | 251 | if (checks < 0) |
| 250 | return -1; | 252 | return -1; |
| 251 | 253 | ||
| 254 | /* | ||
| 255 | * Prime numbers this large do not appear in everyday cryptography | ||
| 256 | * and checking such numbers for primality is very expensive. | ||
| 257 | */ | ||
| 258 | if (BN_num_bits(a) > BN_PRIME_MAXIMUM_BITS) { | ||
| 259 | BNerror(BN_R_BIGNUM_TOO_LONG); | ||
| 260 | return -1; | ||
| 261 | } | ||
| 262 | |||
| 252 | if (checks == BN_prime_checks) | 263 | if (checks == BN_prime_checks) |
| 253 | checks = BN_prime_checks_for_size(BN_num_bits(a)); | 264 | checks = BN_prime_checks_for_size(BN_num_bits(a)); |
| 254 | 265 | ||