* Don't have `strongprime_setup' assert just because the requested
size is too small.
* Fix `strongprime' itself, so that it leaves its destination in a
predictable state (specifically, it's unmolested) if it fails.
* Remove the retry loops from `bbs_gen' and `rsa_gen'. Now,
downstream failures are consistently propagated.
/* --- Choose two primes %$s$% and %$t$% of half the required size --- */
/* --- Choose two primes %$s$% and %$t$% of half the required size --- */
- assert(((void)"nbits too small in strongprime_setup", nbits/2 > BITSLOP));
+ if (nbits/2 <= BITSLOP) return (0);
nb = nbits/2 - BITSLOP;
c.step = 1;
nb = nbits/2 - BITSLOP;
c.step = 1;
mp *strongprime(const char *name, mp *d, unsigned nbits, grand *r,
unsigned n, pgen_proc *event, void *ectx)
{
mp *strongprime(const char *name, mp *d, unsigned nbits, grand *r,
unsigned n, pgen_proc *event, void *ectx)
{
pfilt f;
pgen_jumpctx j;
rabin rb;
pfilt f;
pgen_jumpctx j;
rabin rb;
- d = strongprime_setup(name, d, &f, nbits, r, n, event, ectx);
+ if (d) mp_copy(d);
+ p = strongprime_setup(name, d, &f, nbits, r, n, event, ectx);
+ if (!p) { mp_drop(d); return (0); }
- d = pgen(name, d, d, event, ectx, n, pgen_jump, &j,
+ p = pgen(name, p, p, event, ectx, n, pgen_jump, &j,
rabin_iters(nbits), pgen_test, &rb);
pfilt_destroy(&f);
rabin_iters(nbits), pgen_test, &rb);
pfilt_destroy(&f);
+ mp_drop(d);
+ return (p);
}
/*----- That's all, folks -------------------------------------------------*/
}
/*----- That's all, folks -------------------------------------------------*/
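Review bot: In `strongprime`, the new `if (d) mp_copy(d);` is guarded against a null destination, but the two `mp_drop(d)` calls (on the failure return and just before `return (p);`) are not. The definition of `mp_drop` is not on this page, so it should be confirmed that it accepts a null argument; if it does not, a caller passing a null destination hits a null dereference on both the success and the failure path. Guarding the drops the same way keeps the reference handling symmetric: `if (!p) { if (d) mp_drop(d); return (0); }` and `if (d) mp_drop(d);`. The declaration of `p` and the setup of `j` are not visible in the section as rendered, so this is based on the lines shown only.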
/* --- Generate @p@ --- */
/* --- Generate @p@ --- */
if ((x = strongprime_setup("p", x, &jp, nb, r, n, event, ectx)) == 0)
goto fail_x;
j.j = &jp;
bp->p = pgen("p", MP_NEW, x, event, ectx, n, pgen_jump, &j,
rabin_iters(nb), pgen_test, &rb);
pfilt_destroy(&jp);
if ((x = strongprime_setup("p", x, &jp, nb, r, n, event, ectx)) == 0)
goto fail_x;
j.j = &jp;
bp->p = pgen("p", MP_NEW, x, event, ectx, n, pgen_jump, &j,
rabin_iters(nb), pgen_test, &rb);
pfilt_destroy(&jp);
- if (!bp->p) {
- if (n)
- goto fail_p;
- goto again;
- }
+ if (!bp->p) goto fail_p;
/* --- Generate @q@ --- */
/* --- Generate @q@ --- */
pfilt_destroy(&g.jp);
mp_drop(g.r);
mp_drop(g.g);
pfilt_destroy(&g.jp);
mp_drop(g.r);
mp_drop(g.g);
- if (!bp->q) {
- if (n)
- goto fail_q;
- mp_drop(bp->p);
- goto again;
- }
+ if (!bp->q) goto fail_q;
/* --- Compute @n@ --- */
/* --- Compute @n@ --- */
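Review bot: With the retry branches removed, `if (!bp->p) goto fail_p;` and `if (!bp->q) goto fail_q;` now report failure even when `n` is zero, where the removed code jumped back to `again` instead. A caller that passes `n == 0` may have been written on the assumption that generation cannot fail and so may skip the result check. The function's header comment should therefore state the new contract, for example `/* Fails if prime generation fails, even when @n@ is zero: no retry is attempted. */`. The `again`, `fail_p` and `fail_q` labels lie outside the lines shown, so it is worth confirming that `again` is removed if nothing else jumps to it and that `fail_q` releases `bp->p`.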
* conservative about that sort of thing.
*/
* conservative about that sort of thing.
*/
if ((rp->p = strongprime("p", MP_NEWSEC, nbits/2, r, n, event, ectx)) == 0)
goto fail_p;
if ((rp->p = strongprime("p", MP_NEWSEC, nbits/2, r, n, event, ectx)) == 0)
goto fail_p;
mp_drop(g.r);
if (!q) {
mp_drop(g.g);
mp_drop(g.r);
if (!q) {
mp_drop(g.g);
- if (n)
- goto fail_q;
- mp_drop(rp->p);
- goto again;
MP_LEN(phi) * 4 < MP_LEN(rp->q) * 3) {
mp_drop(rp->p);
mp_drop(g.g);
MP_LEN(phi) * 4 < MP_LEN(rp->q) * 3) {
mp_drop(rp->p);
mp_drop(g.g);
- if (n)
- goto fail_q;
- mp_drop(rp->q);
- goto again;