|
|
@@ -496,7 +496,11 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, |
|
|
|
|
|
|
|
if (do_trial_division) { |
|
|
|
for (i = 1; i < NUMPRIMES; i++) { |
|
|
|
if (BN_mod_word(a, primes[i]) == 0) { |
|
|
|
BN_ULONG mod = BN_mod_word(a, primes[i]); |
|
|
|
if (mod == (BN_ULONG)-1) { |
|
|
|
goto err; |
|
|
|
} |
|
|
|
if (mod == 0) { |
|
|
|
return 0; |
|
|
|
} |
|
|
|
} |
|
|
@@ -653,7 +657,11 @@ again: |
|
|
|
|
|
|
|
/* we now have a random number 'rnd' to test. */ |
|
|
|
for (i = 1; i < NUMPRIMES; i++) { |
|
|
|
mods[i] = (uint16_t)BN_mod_word(rnd, (BN_ULONG)primes[i]); |
|
|
|
BN_ULONG mod = BN_mod_word(rnd, (BN_ULONG)primes[i]); |
|
|
|
if (mod == (BN_ULONG)-1) { |
|
|
|
return 0; |
|
|
|
} |
|
|
|
mods[i] = (uint16_t)mod; |
|
|
|
} |
|
|
|
/* If bits is so small that it fits into a single word then we |
|
|
|
* additionally don't want to exceed that many bits. */ |
|
|
@@ -753,7 +761,11 @@ static int probable_prime_dh(BIGNUM *rnd, int bits, const BIGNUM *add, |
|
|
|
loop: |
|
|
|
for (i = 1; i < NUMPRIMES; i++) { |
|
|
|
/* check that rnd is a prime */ |
|
|
|
if (BN_mod_word(rnd, (BN_ULONG)primes[i]) <= 1) { |
|
|
|
BN_ULONG mod = BN_mod_word(rnd, (BN_ULONG)primes[i]); |
|
|
|
if (mod == (BN_ULONG)-1) { |
|
|
|
goto err; |
|
|
|
} |
|
|
|
if (mod <= 1) { |
|
|
|
if (!BN_add(rnd, rnd, add)) { |
|
|
|
goto err; |
|
|
|
} |
|
|
@@ -825,8 +837,12 @@ loop: |
|
|
|
/* check that p and q are prime */ |
|
|
|
/* check that for p and q |
|
|
|
* gcd(p-1,primes) == 1 (except for 2) */ |
|
|
|
if ((BN_mod_word(p, (BN_ULONG)primes[i]) == 0) || |
|
|
|
(BN_mod_word(q, (BN_ULONG)primes[i]) == 0)) { |
|
|
|
BN_ULONG pmod = BN_mod_word(p, (BN_ULONG)primes[i]); |
|
|
|
BN_ULONG qmod = BN_mod_word(q, (BN_ULONG)primes[i]); |
|
|
|
if (pmod == (BN_ULONG)-1 || qmod == (BN_ULONG)-1) { |
|
|
|
goto err; |
|
|
|
} |
|
|
|
if (pmod == 0 || qmod == 0) { |
|
|
|
if (!BN_add(p, p, padd)) { |
|
|
|
goto err; |
|
|
|
} |
|
|
|
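Review bot: The `(BN_ULONG)-1` error sentinel from `BN_mod_word` is now compared at four sites (in `BN_is_prime_fasttest_ex`, in the `again:` loop, in `probable_prime_dh`, and in the `p`/`q` check) with no comment saying why it cannot be a genuine remainder. I would add at the first site `/* BN_mod_word returns (BN_ULONG)-1 on error; a valid remainder is always smaller than primes[i], so the value is unambiguous. */`, or fold the call and the check into one small static helper so the sites cannot drift apart. The failure action also differs: the `again:` loop uses `return 0` where the other three use `goto err`. That is presumably because that function has no cleanup label, but all four enclosing functions start and end outside the hunks, so confirm that nothing acquired earlier is skipped and that each `err` path reports failure rather than "composite". In the `p`/`q` check the old `||` short-circuited, whereas `qmod` is now computed even when `pmod` already decides the outcome; this is harmless, but it should be a deliberate choice inside a loop over `NUMPRIMES`.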