author | Adam Langley <agl@chromium.org> | 2013-04-23 14:36:06 -0400 |
---|---|---|
committer | Ben Laurie <ben@links.org> | 2013-06-04 18:52:30 +0100 |
commit | 96a4c31be3344cb08994a9d460c0ebd55939cc5b (patch) | |
tree | 45882a374b9c9dd0c46c0df2f17d640de3448d82 /crypto/bn/bntest.c | |
parent | 2b0180c37fa6ffc48ee40caa831ca398b828e680 (diff) |
Ensure that, when generating small primes, the result is actually of the
requested size. Fixes OpenSSL #2701.
This change does not address the cases of generating safe primes, or
where the |add| parameter is non-NULL.
Conflicts:
crypto/bn/bn.h
crypto/bn/bn_err.c
Diffstat (limited to 'crypto/bn/bntest.c')
-rw-r--r-- | crypto/bn/bntest.c | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c index 7771e92023..d22c2d43d6 100644 --- a/crypto/bn/bntest.c +++ b/crypto/bn/bntest.c @@ -120,6 +120,7 @@ int test_gf2m_mod_sqrt(BIO *bp,BN_CTX *ctx); int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx); int test_kron(BIO *bp,BN_CTX *ctx); int test_sqrt(BIO *bp,BN_CTX *ctx); +int test_small_prime(BIO *bp,BN_CTX *ctx); int rand_neg(void); static int results=0; @@ -264,6 +265,11 @@ int main(int argc, char *argv[]) message(out,"BN_mod_sqrt"); if (!test_sqrt(out,ctx)) goto err; (void)BIO_flush(out); + + message(out,"Small prime generation"); + if (!test_small_prime(out,ctx)) goto err; + (void)BIO_flush(out); + #ifndef OPENSSL_NO_EC2M message(out,"BN_GF2m_add"); if (!test_gf2m_add(out)) goto err; @@ -1895,6 +1901,28 @@ int test_sqrt(BIO *bp, BN_CTX *ctx) return ret; } +int test_small_prime(BIO *bp,BN_CTX *ctx) + { + static const int bits = 10; + int ret = 0; + BIGNUM r; + + BN_init(&r); + if (!BN_generate_prime_ex(&r, bits, 0, NULL, NULL, NULL)) + goto err; + if (BN_num_bits(&r) != bits) + { + BIO_printf(bp, "Expected %d bit prime, got %d bit number\n", bits, BN_num_bits(&r)); + goto err; + } + + ret = 1; + +err: + BN_clear(&r); + return ret; + } + int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_) { BIGNUM *a,*b,*c,*d; |
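Review bot: In the third hunk, `test_small_prime` generates a single prime at a single size (`bits = 10`) and checks only its bit length, so if the wrong-size result is intermittent (likely, since generation is randomized) the test can pass by chance on unfixed code, and a composite of the right length would pass too. Repeating the generate-and-check pair in a loop and adding `if (BN_is_prime_ex(&r, BN_prime_checks, ctx, NULL) != 1) goto err;` after the length check would make it a dependable regression test and would use the otherwise unused `ctx`; the safe-prime and non-NULL `add` cases that the commit message lists as unaddressed have no coverage here either. At `err:`, `BN_clear(&r);` only zeroes the value and leaves the buffer allocated for the stack `BIGNUM` unreleased; `BN_free(&r);` would release it. A failing `BN_generate_prime_ex` call also reaches `err:` without printing anything to `bp`, so a short message on that path would make a failed run easier to diagnose.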