Use the private RNG for data that is not public

Reviewed-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Rich Salz <rsalz@openssl.org> Fixes: #4641 GH: #4665
author: Kurt Roeckx <kurt@roeckx.be> 2017-11-03 20:59:16 +0100
committer: Kurt Roeckx <kurt@roeckx.be> 2018-04-02 22:22:43 +0200
commit: 4cffafe96786558f66e1900ac462f9ccba921132 (patch)
tree: f075edeb812b1ed574e6656a7f1bd312dbe5e02e /crypto/bn/bn_prime.c
parent: 1238caa725a1dfb5f9d7ef3ba3b014d2af4cab60 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
index 36d6e88478..4e7908682e 100644
--- a/crypto/bn/bn_prime.c
+++ b/crypto/bn/bn_prime.c
@@ -279,6 +279,7 @@ static int probable_prime(BIGNUM *rnd, int bits, prime_t *mods)
     char is_single_word = bits <= BN_BITS2;
 
  again:
+    /* TODO: Not all primes are private */
     if (!BN_priv_rand(rnd, bits, BN_RAND_TOP_TWO, BN_RAND_BOTTOM_ODD))
         return 0;
     /* we now have a random number 'rnd' to test. */
@@ -363,7 +364,7 @@ int bn_probable_prime_dh(BIGNUM *rnd, int bits,
     if ((t1 = BN_CTX_get(ctx)) == NULL)
         goto err;
 
-    if (!BN_priv_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
+    if (!BN_rand(rnd, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
         goto err;
 
     /* we need ((rnd-rem) % add) == 0 */
@@ -419,7 +420,7 @@ static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
     if (!BN_rshift1(qadd, padd))
         goto err;
 
-    if (!BN_priv_rand(q, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
+    if (!BN_rand(q, bits, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD))
         goto err;
 
     /* we need ((rnd-rem) % add) == 0 */
author	Kurt Roeckx <kurt@roeckx.be>	2017-11-03 20:59:16 +0100
committer	Kurt Roeckx <kurt@roeckx.be>	2018-04-02 22:22:43 +0200
commit	4cffafe96786558f66e1900ac462f9ccba921132 (patch)
tree	f075edeb812b1ed574e6656a7f1bd312dbe5e02e /crypto/bn/bn_prime.c
parent	1238caa725a1dfb5f9d7ef3ba3b014d2af4cab60 (diff)