Fix error propagatation in BN_check_prime()

BN_check_prime() is supposed to return 0 for a composite number and -1 on error. Properly translate the return value of the internal function ossl_bn_miller_rabin_is_prime(), where 0 means an error. The confusion prevented BN_GENCB callbacks from aborting the primality test or key generation routines utilizing this.
openssl · Oct 1, 2022 · f1f2143 · f1f2143
1 parent 2ba5bff
commit f1f2143
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
@@ -308,9 +308,10 @@ static int bn_is_prime_int(const BIGNUM *w, int checks, BN_CTX *ctx,
         goto err;
 #endif
 
-    ret = ossl_bn_miller_rabin_is_prime(w, checks, ctx, cb, 0, &status);
-    if (!ret)
+    if (!ossl_bn_miller_rabin_is_prime(w, checks, ctx, cb, 0, &status)) {
+        ret = -1;
         goto err;
+    }
     ret = (status == BN_PRIMETEST_PROBABLY_PRIME);
 err:
 #ifndef FIPS_MODULE