)]}'
{
  "commit": "31302a473afcde1bc60acdeab0b0cb0498b5aa66",
  "tree": "fb53d4517589dfe0623733bd301eb96dd0162557",
  "parents": [
    "a7a75f208caea8a303615724d4cc5f4e8dfb9695"
  ],
  "author": {
    "name": "David Benjamin",
    "email": "davidben@google.com",
    "time": "Sun Oct 13 11:18:30 2019 -0400"
  },
  "committer": {
    "name": "CQ bot account: commit-bot@chromium.org",
    "email": "commit-bot@chromium.org",
    "time": "Tue Oct 15 20:50:47 2019 +0000"
  },
  "message": "Fix up BN_GENCB_call calls.\n\nUse the constants when defined. Also OpenSSL uses 0-indexed iteration\ncounts rather than 1-indexed. This likely changed when we tried to align\nwith the 1-indexed FIPS 186-4 algorithm.\n\nAlso fix the safe prime call. BN_GENCB_call(cb, i, c1 - 1) doesn\u0027t make\nsense since the first parameter should be an event constant. OpenSSL\ndoes BN_GENCB_call(cb, 2, c1 - 1).\n\nThis also doesn\u0027t make sense. OpenSSL documents 2 as meaning the prime\nhas been found. That function is interleaving the p and (p-1)/2 checks\nto save the full iteration count on p if (p-1)/2 is composite anyway.\n\nThat also doesn\u0027t work because the blinding mechanism runs even if the\niteration count is 1, so we\u0027re actually paying for the blinding four\ntimes. Add a TODO to address this.\n\n(I can only assume we just never try to generate safe primes. Moreover,\nwe don\u0027t even use BN_generate_prime_ex in RSA keygen. Still, that\nfunction needs work.)\n\nChange-Id: I6f0b7cd10da28484362c92db0c806c1c3045d415\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/38169\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "cb419c8100340c9aa732a698637e2e9a5c6ba316",
      "old_mode": 33188,
      "old_path": "crypto/dsa/dsa.c",
      "new_id": "cc98225dfa3d82e6bb484e1c5cec24ddb42dabde",
      "new_mode": 33188,
      "new_path": "crypto/dsa/dsa.c"
    },
    {
      "type": "modify",
      "old_id": "9df4f95c14918d6b1b5a04749d3c65623cabd40b",
      "old_mode": 33188,
      "old_path": "crypto/fipsmodule/bn/prime.c",
      "new_id": "efaec65d42ef3d9f18f35f1d5db5fc9b7785588d",
      "new_mode": 33188,
      "new_path": "crypto/fipsmodule/bn/prime.c"
    }
  ]
}