Diffstat (limited to 'moduli.c')
-rw-r--r-- | moduli.c | 21 |
1 files changed, 14 insertions, 7 deletions
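--- a/moduli.c
+++ b/moduli.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: moduli.c,v 1.32 2017/12/08 03:45:52 deraadt Exp $ */
+/* $OpenBSD: moduli.c,v 1.34 2019/01/23 09:49:00 dtucker Exp $ */
 /*
 * Copyright 1994 Phil Karn <karn@qualcomm.com>
 * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
@@ -582,7 +582,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted,
 u_int32_t generator_known, in_tests, in_tries, in_type, in_size;
 unsigned long last_processed = 0, end_lineno;
 time_t time_start, time_stop;
-int res;
+int res, is_prime;
 
 if (trials < TRIAL_MINIMUM) {
 error("Minimum primality trials is %d", TRIAL_MINIMUM);
@@ -716,8 +716,6 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted,
 if (generator_known == 0) {
 if (BN_mod_word(p, 24) == 11)
 generator_known = 2;
-else if (BN_mod_word(p, 12) == 5)
-generator_known = 3;
 else {
 u_int32_t r = BN_mod_word(p, 10);
 
@@ -753,7 +751,10 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted,
 * that p is also prime. A single pass will weed out the
 * vast majority of composite q's.
 */
-if (BN_is_prime_ex(q, 1, ctx, NULL) <= 0) {
+is_prime = BN_is_prime_ex(q, 1, ctx, NULL);
+if (is_prime < 0)
+fatal("BN_is_prime_ex failed");
+if (is_prime == 0) {
 debug("%10u: q failed first possible prime test",
 count_in);
 continue;
@@ -766,14 +767,20 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted,
 * will show up on the first Rabin-Miller iteration so it
 * doesn't hurt to specify a high iteration count.
 */
-if (!BN_is_prime_ex(p, trials, ctx, NULL)) {
+is_prime = BN_is_prime_ex(p, trials, ctx, NULL);
+if (is_prime < 0)
+fatal("BN_is_prime_ex failed");
+if (is_prime == 0) {
 debug("%10u: p is not prime", count_in);
 continue;
 }
 debug("%10u: p is almost certainly prime", count_in);
 
 /* recheck q more rigorously */
-if (!BN_is_prime_ex(q, trials - 1, ctx, NULL)) {
+is_prime = BN_is_prime_ex(q, trials - 1, ctx, NULL);
+if (is_prime < 0)
+fatal("BN_is_prime_ex failed");
+if (is_prime == 0) {
 debug("%10u: q is not prime", count_in);
 continue;
 }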
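Review bot: The four-line `is_prime = BN_is_prime_ex(...); if (is_prime < 0) fatal("BN_is_prime_ex failed"); if (is_prime == 0) {` sequence is now repeated three times (new lines 754-757 in the previous hunk, and 770-773 and 780-783 here), and all three fatal() messages are identical, so a failure report cannot tell the reader whether the p test or one of the two q tests failed, nor which candidate (count_in) was being processed. A small static helper that performs the call, aborts on a negative return and hands back the 0/1 verdict would remove the duplication and let the message carry the operand name and count_in; each site then collapses to a single line such as `if (!checked_is_prime(q, 1, ctx, "q", count_in)) {`. Turning a negative return into fatal() rather than into a verdict is the right choice: before this change the `!BN_is_prime_ex(p, ...)` form would have let a candidate through on an error return, since `!(-1)` is false. prime_test begins and ends outside this hunk, so the helper would be added at file scope above it.
```c
/* Wrap BN_is_prime_ex(): abort on error, otherwise return 1 (prime) or 0. */
static int
checked_is_prime(const BIGNUM *n, int trials, BN_CTX *ctx,
    const char *what, u_int32_t count_in)
{
	int r = BN_is_prime_ex(n, trials, ctx, NULL);

	if (r < 0)
		fatal("%10u: BN_is_prime_ex failed on %s", count_in, what);
	return r;
}

/* … unchanged: prime_test up to the p check … */
	if (!checked_is_prime(p, trials, ctx, "p", count_in)) {
/* … unchanged: "p is not prime" / "almost certainly prime" handling … */
	if (!checked_is_prime(q, trials - 1, ctx, "q", count_in)) {
```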