commit 7c025a9f508d0cfa13d6c6f35c14baceb8fcecb6
author Janos Follath <janos.follath@arm.com> Tue Aug 14 11:08:41 2018 +0100
committer Janos Follath <janos.follath@arm.com> Fri Sep 21 16:30:07 2018 +0100
tree f747f7ae741faa701ad4ff67c9f27ca4f80c17b2
parent 53546ea099f6f53d0be653a64accd250e170337f

Generalize dh_flag in mbedtls_mpi_gen_prime

Setting the dh_flag to 1 used to indicate that the caller requests safe
primes from mbedtls_mpi_gen_prime. We generalize the functionality to
make room for more flags in that parameter.

include/mbedtls/bignum.h

diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h
index 732ecbe..cd0cba8 100644
--- a/include/mbedtls/bignum.h
+++ b/include/mbedtls/bignum.h
@@ -741,12 +741,22 @@
                   void *p_rng );
 
 /**
+ * \brief Flags for mbedtls_mpi_gen_prime()
+ *
+ * Each of these flags is a constraint on the result X returned by
+ * mbedtls_mpi_gen_prime().
+ */
+typedef enum {
+    MBEDTLS_MPI_GEN_PRIME_FLAG_DH = 0x0001,      /**< (X-1)/2 is prime too */
+} mbedtls_mpi_gen_prime_flag_t;
+
+/**
  * \brief          Prime number generation
  *
  * \param X        Destination MPI
  * \param nbits    Required size of X in bits
  *                 ( 3 <= nbits <= MBEDTLS_MPI_MAX_BITS )
- * \param dh_flag  If 1, then (X-1)/2 will be prime too
+ * \param flags    Mask of flags of type #mbedtls_mpi_gen_prime_flag_t
  * \param f_rng    RNG function
  * \param p_rng    RNG parameter
  *
@@ -754,7 +764,7 @@
  *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed,
  *                 MBEDTLS_ERR_MPI_BAD_INPUT_DATA if nbits is < 3
  */
-int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int dh_flag,
+int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags,
                    int (*f_rng)(void *, unsigned char *, size_t),
                    void *p_rng );
 

library/bignum.c

diff --git a/library/bignum.c b/library/bignum.c
index 423e375..51aa0b4 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -2192,11 +2192,11 @@
 /*
  * Prime number generation
  *
- * If dh_flag is 0 and nbits is at least 1024, then the procedure
+ * If flags is 0 and nbits is at least 1024, then the procedure
  * follows the RSA probably-prime generation method of FIPS 186-4.
  * NB. FIPS 186-4 only allows the specific bit lengths of 1024 and 1536.
  */
-int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int dh_flag,
+int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int flags,
                    int (*f_rng)(void *, unsigned char *, size_t),
                    void *p_rng )
 {
@@ -2229,7 +2229,7 @@
         if( k > nbits ) MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, k - nbits ) );
         X->p[0] |= 1;
 
-        if( dh_flag == 0 )
+        if( ( flags & MBEDTLS_MPI_GEN_PRIME_FLAG_DH ) == 0 )
         {
             ret = mbedtls_mpi_is_prime( X, f_rng, p_rng );
 

tests/suites/test_suite_mpi.data

diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data
index 227c472..5ff3f93 100644
--- a/tests/suites/test_suite_mpi.data
+++ b/tests/suites/test_suite_mpi.data
@@ -706,7 +706,7 @@
 
 Test mbedtls_mpi_gen_prime (Safe)
 depends_on:MBEDTLS_GENPRIME
-mbedtls_mpi_gen_prime:128:1:0
+mbedtls_mpi_gen_prime:128:MBEDTLS_MPI_GEN_PRIME_FLAG_DH:0
 
 Test bit getting (Value bit 25)
 mbedtls_mpi_get_bit:10:"49979687":25:1