Precautions against using the PRNG uninitialized: RAND_bytes() now

 Changes between 0.9.4 and 0.9.5  [xx XXX 1999]

  *) Precautions against using the PRNG uninitialized: RAND_bytes() now

     has a return value which indicated the quality of the random data

     (1 = ok, 0 = not seeded).

     [Ulf Möller]

  *) Do more iterations of Rabin-Miller probable prime test (specifically,

     3 for 1024-bit primes, 6 for 512-bit primes, 12 for 256-bit primes

     instead of only 2 for all lengths; see BN_prime_checks definition

	BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);

static int probable_prime_dh_safe(BIGNUM *rnd, int bits,

	BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);

BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, BIGNUM *add,

	     BIGNUM *rem, void (*callback)(int,int,void *), void *cb_arg)

	{

	/* make a random number and set the top and bottom bits */

	time(&tim);

	RAND_seed(&tim,sizeof(tim));

	RAND_add(&tim,sizeof(tim),0);

	RAND_bytes(buf,(int)bytes);

	if (RAND_bytes(buf,(int)bytes) <= 0)

		goto err;

	if (top)

		{

		if (bit == 0)

{ERR_PACK(ERR_LIB_PKCS7,0,0)		,"PKCS7 routines"},

{ERR_PACK(ERR_LIB_X509V3,0,0)		,"X509 V3 routines"},

{ERR_PACK(ERR_LIB_PKCS12,0,0)		,"PKCS12 routines"},

{ERR_PACK(ERR_LIB_RAND,0,0)		,"random number generator"},

{0,NULL},

	};

#define ERR_LIB_PKCS7		33

#define ERR_LIB_X509V3		34

#define ERR_LIB_PKCS12		35

#define ERR_LIB_RAND		36

#define ERR_LIB_USER		128

#define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),ERR_file_name,__LINE__)

#define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),ERR_file_name,__LINE__)

#define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),ERR_file_name,__LINE__)

#define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),ERR_file_name,__LINE__)

/* Borland C seems too stupid to be able to shift and do longs in

 * the pre-processor :-( */