File Botan-fix_miller_rabin_test.patch of Package Botan.openSUSE_12.3_Update
From f552efbea45350574a4adf9c39c8c2b3b3a7e9b9 Mon Sep 17 00:00:00 2001
From: lloyd <lloyd@randombit.net>
Date: Thu, 10 Apr 2014 13:45:54 +0000
Subject: [PATCH] Fix a bug in Miller-Rabin primality testing introduced in
1.8.3 where we chose a single random nonce and tested it repeatedly, rather
than choosing new nonces each time. Reported by Jeff Marrison.
Also remove a pointless comparison (also pointed out by Jeff), add an
initial test using a witness of 2, and increase the random nonces from
64 to 128 bits.
---
src/math/numbertheory/numthry.cpp | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/src/math/numbertheory/numthry.cpp b/src/math/numbertheory/numthry.cpp
index c7896c1..535ca67 100644
--- a/src/math/numbertheory/numthry.cpp
+++ b/src/math/numbertheory/numthry.cpp
@@ -53,10 +53,8 @@ bool MillerRabin_Test::is_witness(const BigInt& a)
return false;
}
- if(y != n_minus_1) // fails Fermat test
- return true;
-
- return false;
+ // If we reached here then n fails the Fermat test
+ return true;
}
/*
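Review bot: The new comment `// If we reached here then n fails the Fermat test` overstates what this exit point shows: if the squaring loop above (outside the hunk, as is the start of is_witness) has the usual Miller-Rabin shape, control can also reach this `return true` after a non-trivial square root of 1 was found, in which case a^(n-1) ≡ 1 and the Fermat test is in fact passed. Falling off the loop means a is a Miller-Rabin witness to compositeness, which is the stronger and exact statement. Suggest `// Reached here: a is a Miller-Rabin witness, so n is composite`.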
@@ -265,7 +263,7 @@ bool primality_test(const BigInt& n,
RandomNumberGenerator& rng,
size_t level)
{
- const size_t PREF_NONCE_BITS = 64;
+ const size_t PREF_NONCE_BITS = 128;
if(n == 2)
return true;
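Review bot: Raising PREF_NONCE_BITS to 128 still means the random Miller-Rabin bases are drawn from the integers below 2^NONCE_BITS rather than uniformly from [2, n-2], which is the distribution the usual error bound for random-base Miller-Rabin assumes; how NONCE_BITS is derived from this constant and from n is outside the hunk, so this may be a deliberate cost trade-off. It deserves a comment at the declaration so the next reader does not take the rounds count as the textbook bound, e.g. `// Bit length cap for random Miller-Rabin bases; for n wider than this the bases are not uniform over [2, n-2]`. The body of primality_test continues outside the hunk.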
@@ -295,17 +293,21 @@ bool primality_test(const BigInt& n,
MillerRabin_Test mr(n);
+ if(mr.is_witness(2))
+ return false;
+
const size_t tests = miller_rabin_test_iterations(n.bits(), level);
- BigInt nonce;
for(size_t i = 0; i != tests; ++i)
{
+ BigInt nonce;
while(nonce < 2 || nonce >= (n-1))
nonce.randomize(rng, NONCE_BITS);
if(mr.is_witness(nonce))
return false;
}
+
return true;
}
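Review bot: The range loop `while(nonce < 2 || nonce >= (n-1))` cannot terminate for n == 3, since no integer satisfies 2 <= nonce < 2, and for n == 4 it only exits once the RNG happens to produce exactly 2; whether the checks between the `if(n == 2)` test and this hunk (not in view) already reject those values cannot be seen here. Making the assumption explicit just before `MillerRabin_Test mr(n);` would remove the doubt, e.g. `if(n <= 3) return (n == 2 || n == 3);`. The fixed base-2 round added here is a sensible extra filter but is not counted in `tests`, which is fine as long as the rounds from miller_rabin_test_iterations are still understood as the random-base budget. primality_test begins before this hunk.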
--
1.8.4.5