From 28051fa99cd4163859429b852de69679e8d3c8c6 Mon Sep 17 00:00:00 2001
From: Jeffrey Altman
Date: Mon, 7 Oct 2013 15:13:18 -0500
Subject: [PATCH] Convert mp_find_prime to use mp_prime_is_prime
Modify the signature of mp_find_prime() to permit the number of Miller-Rabin rounds to be specified. In addition, valid responses now include MP_NO, MP_YES, and MP_VAL which is returned when mp_prime_is_prime() fails.
Change-Id: I0195129a4dd75875e6dddb6d49a5ceb30afb1a17
---
 lib/hcrypto/libtommath/bn_mp_find_prime.c | 15 ++++++++++++---
 lib/hcrypto/libtommath/tommath.h | 2 +-
 lib/hcrypto/rsa-ltm.c | 4 ++--
 3 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/lib/hcrypto/libtommath/bn_mp_find_prime.c b/lib/hcrypto/libtommath/bn_mp_find_prime.c
index d007acbef..29ef8747d 100644
--- a/lib/hcrypto/libtommath/bn_mp_find_prime.c
+++ b/lib/hcrypto/libtommath/bn_mp_find_prime.c
@@ -6,16 +6,25 @@
 */
 #include
 #ifdef BN_MP_FIND_PRIME_C
-int mp_find_prime(mp_int *a)
+int mp_find_prime(mp_int *a, int t)
 {
- int res;
+ int res = MP_NO;
+
+ /* valid value of t? */
+ if (t <= 0 || t > PRIME_SIZE) {
+ return MP_VAL;
+ }
 if (mp_iseven(a)) mp_add_d(a, 1, a);
 do {
+ if (mp_prime_is_prime(a, t, &res) != 0) {
+ res = MP_VAL;
+ break;
+ }
- if ((res = mp_isprime(a)) == MP_NO) {
+ if (res == MP_NO) {
 mp_add_d(a, 2, a);
 continue;
 }
diff --git a/lib/hcrypto/libtommath/tommath.h b/lib/hcrypto/libtommath/tommath.h
index 67d3b06af..84d3f7a59 100644
--- a/lib/hcrypto/libtommath/tommath.h
+++ b/lib/hcrypto/libtommath/tommath.h
@@ -520,7 +520,7 @@ int mp_prime_next_prime(mp_int *a, int t, int bbs_style);
 */
 int mp_prime_random_ex(mp_int *a, int t, int size, int flags, ltm_prime_callback cb, void *dat);
-int mp_find_prime(mp_int *a);
+int mp_find_prime(mp_int *a, int t);
 int mp_isprime(mp_int *a);
diff --git a/lib/hcrypto/rsa-ltm.c b/lib/hcrypto/rsa-ltm.c
index 5cd3e9361..35d20b0a8 100644
--- a/lib/hcrypto/rsa-ltm.c
+++ b/lib/hcrypto/rsa-ltm.c
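Review bot: In lib/hcrypto/libtommath/bn_mp_find_prime.c the two `mp_add_d()` calls kept as context still discard their return value, so the MP_VAL error path added here covers only `mp_prime_is_prime()`. If the increment in the `res == MP_NO` branch were to fail, `a` would presumably stay unchanged and the same candidate would be tested again; the loop condition lies outside the hunk, so this cannot be confirmed from here. I would check both calls, e.g. `if (mp_add_d(a, 2, a) != MP_OKAY) { res = MP_VAL; break; }`, and compare the `mp_prime_is_prime()` result with `MP_OKAY` rather than the literal `0`. A header comment stating that `a` is advanced in place, that `t` must lie in 1..PRIME_SIZE, and which of MP_YES, MP_NO and MP_VAL a caller can receive would make the new contract explicit.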
@@ -528,7 +528,7 @@ ltm_rsa_generate_key(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
 do {
 BN_GENCB_call(cb, 2, counter++);
 CHECK(random_num(&p, bitsp), 0);
- CHECK(mp_find_prime(&p), MP_YES);
+ CHECK(mp_find_prime(&p,128), MP_YES);
 mp_sub_d(&p, 1, &t1);
 mp_gcd(&t1, &el, &t2);
@@ -540,7 +540,7 @@ ltm_rsa_generate_key(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
 do {
 BN_GENCB_call(cb, 2, counter++);
 CHECK(random_num(&q, bits - bitsp), 0);
- CHECK(mp_find_prime(&q), MP_YES);
+ CHECK(mp_find_prime(&q,128), MP_YES);
 if (mp_cmp(&p, &q) == 0) /* don't let p and q be the same */ continue;
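Review bot: The round count `128` is written as a bare literal in both calls in lib/hcrypto/rsa-ltm.c (`mp_find_prime(&p,128)` in the hunk at line 528 and `mp_find_prime(&q,128)` in the hunk at line 540), with nothing tying it to the `t > PRIME_SIZE` bound that mp_find_prime() now rejects with MP_VAL. In any build where PRIME_SIZE is smaller than 128, every call would fail and RSA key generation could not complete; how CHECK reacts to MP_VAL is not visible, since ltm_rsa_generate_key extends beyond both hunks. I would name the value once, for example `#define RSA_PRIME_ROUNDS 128` (suggested name), pass it in both places, and add a compile-time check that it does not exceed PRIME_SIZE.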