openssl: avoid deprecated BN_*prime* functions

* ext/openssl/ossl_bn.c (ossl_bn_s_generate_prime, ossl_bn_is_prime,
  ossl_bn_is_prime_fasttest): Avoid deprecated BN_generate_prime(),
  BN_is_prime{,_fasttest}(). They are deprecated because they expect an
  old style callback function (we don't use it here). They can be simply
  replaced by _ex suffixed functions.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55273 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 15 insertions, 9 deletions

diff --git a/ext/openssl/ossl_bn.c b/ext/openssl/ossl_bn.c
index 5b4207ba70..4398ad8ad8 100644
--- a/ext/openssl/ossl_bn.c
+++ b/ext/openssl/ossl_bn.c
@@ -743,6 +743,10 @@ BIGNUM_RAND_RANGE(pseudo_rand)
  * call-seq:
  *    BN.generate_prime(bits, [, safe [, add [, rem]]]) => bn
  *
+ * Generates a random prime number of bit length +bits+. If +safe+ is true,
+ * generates a safe prime. If +add+ is specified, generates a prime that
+ * fulfills condition <tt>p % add = rem</tt>.
+ *
  * === Parameters
  * * +bits+ - integer
  * * +safe+ - boolean
@@ -771,7 +775,7 @@ ossl_bn_s_generate_prime(int argc, VALUE *argv, VALUE klass)
     if (!(result = BN_new())) {
 	ossl_raise(eBNError, NULL);
     }
-    if (!BN_generate_prime(result, num, safe, add, rem, NULL, NULL)) {
+    if (!BN_generate_prime_ex(result, num, safe, add, rem, NULL)) {
 	BN_free(result);
 	ossl_raise(eBNError, NULL);
     }
@@ -922,6 +926,10 @@ ossl_bn_hash(VALUE self)
  *    bn.prime? => true | false
  *    bn.prime?(checks) => true | false
  *
+ *  Performs a Miller-Rabin probabilistic primality test with +checks+
+ *  iterations. If +nchecks+ is not specified, a number of iterations is used
+ *  that yields a false positive rate of at most 2^-80 for random input.
+ *
  * === Parameters
  * * +checks+ - integer
  */
@@ -936,7 +944,7 @@ ossl_bn_is_prime(int argc, VALUE *argv, VALUE self)
 	checks = NUM2INT(vchecks);
     }
     GetBN(self, bn);
-    switch (BN_is_prime(bn, checks, NULL, ossl_bn_ctx, NULL)) {
+    switch (BN_is_prime_ex(bn, checks, ossl_bn_ctx, NULL)) {
     case 1:
 	return Qtrue;
     case 0:
@@ -954,6 +962,9 @@ ossl_bn_is_prime(int argc, VALUE *argv, VALUE self)
  *    bn.prime_fasttest?(checks) => true | false
  *    bn.prime_fasttest?(checks, trial_div) => true | false
  *
+ *  Performs a Miller-Rabin primality test. This is same as #prime? except this
+ *  first attempts trial divisions with some small primes.
+ *
  * === Parameters
  * * +checks+ - integer
  * * +trial_div+ - boolean
@@ -975,7 +986,7 @@ ossl_bn_is_prime_fasttest(int argc, VALUE *argv, VALUE self)
     if (vtrivdiv == Qfalse) {
 	do_trial_division = 0;
     }
-    switch (BN_is_prime_fasttest(bn, checks, NULL, ossl_bn_ctx, NULL, do_trial_division)) {
+    switch (BN_is_prime_fasttest_ex(bn, checks, ossl_bn_ctx, do_trial_division, NULL)) {
     case 1:
 	return Qtrue;
     case 0:
@@ -1065,6 +1076,7 @@ Init_ossl_bn(void)
 
     rb_define_singleton_method(cBN, "generate_prime", ossl_bn_s_generate_prime, -1);
     rb_define_method(cBN, "prime?", ossl_bn_is_prime, -1);
+    rb_define_method(cBN, "prime_fasttest?", ossl_bn_is_prime_fasttest, -1);
 
     rb_define_method(cBN, "set_bit!", ossl_bn_set_bit, 1);
     rb_define_method(cBN, "clear_bit!", ossl_bn_clear_bit, 1);
@@ -1106,10 +1118,4 @@ Init_ossl_bn(void)
 
     /* RECiProcal
      * MONTgomery */
-
-    /*
-     * TODO:
-     * Where to belong these?
-     */
-    rb_define_method(cBN, "prime_fasttest?", ossl_bn_is_prime_fasttest, -1);
 }