Merged PR 7725881: Fix bug for SymCryptRsakeyGenerate for encrypt-only keys

+ Tweak unittest code to exercise asymmetric key generation code with
  a single algorithm flag

Related work items: #40928629

Author: samuel-lee-msft

inc/symcrypt_internal.h

@@ -2064,6 +2064,12 @@ SYMCRYPT_ASYM_ALIGN_STRUCT _SYMCRYPT_MODELEMENT {
 
 #define SYMCRYPT_RSAKEY_MIN_BITSIZE_MODULUS         (256)               // Some of our SCS code requires at least 32 bytes...
 #define SYMCRYPT_RSAKEY_MAX_BITSIZE_MODULUS         (1 << 16)           // Avoid any integer overflows in size calculations
+
+// RSA FIPS self-tests require at least 496 bits to avoid fatal
+// Require caller to specify NO_FIPS for up to 1024 bits as running FIPS tests on too-small keys
+// does not make it FIPS certifiable and gives the wrong impression to callers
+#define SYMCRYPT_RSAKEY_FIPS_MIN_BITSIZE_MODULUS    (1024)      
+
 #define SYMCRYPT_RSAKEY_MIN_BITSIZE_PRIME           (128)
 #define SYMCRYPT_RSAKEY_MAX_BITSIZE_PRIME           (SYMCRYPT_RSAKEY_MAX_BITSIZE_MODULUS / 2)
 

lib/rsakey.c

@@ -502,8 +502,6 @@ SymCryptRsakeyGenerate(
     UINT32 cbDivisor = 0;
     PSYMCRYPT_DIVISOR pdTmp = NULL;
 
-	// dcl - why are we reading an out parameter? Looks like it is really _InOut_
-	// should there be some level of sanity checking here?
     UINT32 ndMod = pkRsakey->nDigitsOfModulus;
     UINT32 cbMod = 0;
     PSYMCRYPT_INT piPhi = NULL;
@@ -534,6 +532,16 @@ SymCryptRsakeyGenerate(
         goto cleanup;
     }
 
+    // SymCryptRsaSignVerifyTest self-test requires generated key to be at least 496 bits to avoid fatal
+    // Require caller to specify NO_FIPS for up to 1024 bits as running FIPS tests on too-small keys
+    // does not make it FIPS certifiable and gives the wrong impression to callers
+    if ( ( (flags & SYMCRYPT_FLAG_KEY_NO_FIPS) == 0 ) &&
+         ( pkRsakey->nSetBitsOfModulus < SYMCRYPT_RSAKEY_FIPS_MIN_BITSIZE_MODULUS ) )
+    {
+        scError = SYMCRYPT_INVALID_ARGUMENT;
+        goto cleanup;
+    }
+
     // Handle the default exponent case
     if( pu64PubExp == NULL && nPubExp == 0 )
     {
@@ -725,11 +733,21 @@ SymCryptRsakeyGenerate(
 
         // Run SignVerify PCT on generated keypair
         // Our current understanding is that this PCT is sufficient for both RSA_SIGN and RSA_ENCRYPT
+
+        // Unconditionally set the sign flag to enable SignVerify PCT on encrypt-only keypair
+        pkRsakey->fAlgorithmInfo |= SYMCRYPT_FLAG_RSAKEY_SIGN;
+
         SYMCRYPT_RUN_KEYGEN_PCT(
             SymCryptRsaSignVerifyTest,
             pkRsakey,
             0, /* Do not set any algorithm selftest as run with this PCT */
             SYMCRYPT_SELFTEST_KEY_RSA_SIGN );
+
+        // Unset the sign flag before returning encrypt-only keypair
+        if ( ( flags & SYMCRYPT_FLAG_RSAKEY_SIGN ) == 0 )
+        {
+            pkRsakey->fAlgorithmInfo ^= SYMCRYPT_FLAG_RSAKEY_SIGN;
+        }
     }
 
 cleanup:

unittest/lib/perf_sc_imp_pattern.cpp

@@ -29,6 +29,11 @@ addRsaKeyGenPerfSymCrypt<ImpXxx>( PrintTable &table )
     for( UINT32 i=0; i<ARRAY_SIZE( bitSizes ); i++ )
     {
         UINT32 bitSize = bitSizes[i];
+        UINT32 generateFlags = SYMCRYPT_FLAG_RSAKEY_SIGN | SYMCRYPT_FLAG_RSAKEY_ENCRYPT;
+        if( bitSize < SYMCRYPT_RSAKEY_FIPS_MIN_BITSIZE_MODULUS )
+        {
+            generateFlags |= SYMCRYPT_FLAG_KEY_NO_FIPS;
+        }
 
         UINT64 scTicks;
         double scCost;
@@ -44,7 +49,7 @@ addRsaKeyGenPerfSymCrypt<ImpXxx>( PrintTable &table )
             UINT64 start = GET_PERF_CLOCK();
 
             PSYMCRYPT_RSAKEY pScKey = ScShimSymCryptRsakeyAllocate( &scRsaParams, 0 );
-            ScShimSymCryptRsakeyGenerate( pScKey, nullptr, 0, SYMCRYPT_FLAG_RSAKEY_SIGN | SYMCRYPT_FLAG_RSAKEY_ENCRYPT );
+            ScShimSymCryptRsakeyGenerate( pScKey, nullptr, 0, generateFlags );
             ScShimSymCryptRsakeyFree( pScKey );
 
             UINT64 stop = GET_PERF_CLOCK();

unittest/lib/sc_imp_pattern.cpp

@@ -2517,20 +2517,28 @@ ArithImp<ImpXxx, AlgDeveloperTest>::~ArithImp()
 // Table with the RSA keys' sizes and pointers to keys
 struct {
     SIZE_T                      keySize;
+    UINT32                      generateFlags;
     PSYMCRYPT_RSAKEY            pkRsakey;
 } CONCAT2(g_precomputedRsaKeys, ImpXxx)[] = {
-    {  32, NULL },
-    {  64, NULL },
-    { 128, NULL },
-    { 256, NULL },
-    { 384, NULL },
-    { 512, NULL },
-    {1024, NULL },
+    {  32, SYMCRYPT_FLAG_RSAKEY_SIGN, NULL },
+    {  64, SYMCRYPT_FLAG_RSAKEY_SIGN, NULL },
+    { 128, SYMCRYPT_FLAG_RSAKEY_SIGN, NULL },
+    { 256, SYMCRYPT_FLAG_RSAKEY_SIGN, NULL },
+    { 384, SYMCRYPT_FLAG_RSAKEY_SIGN, NULL },
+    { 512, SYMCRYPT_FLAG_RSAKEY_SIGN, NULL },
+    {1024, SYMCRYPT_FLAG_RSAKEY_SIGN, NULL },
+    {  32, SYMCRYPT_FLAG_RSAKEY_ENCRYPT, NULL },
+    {  64, SYMCRYPT_FLAG_RSAKEY_ENCRYPT, NULL },
+    { 128, SYMCRYPT_FLAG_RSAKEY_ENCRYPT, NULL },
+    { 256, SYMCRYPT_FLAG_RSAKEY_ENCRYPT, NULL },
+    { 384, SYMCRYPT_FLAG_RSAKEY_ENCRYPT, NULL },
+    { 512, SYMCRYPT_FLAG_RSAKEY_ENCRYPT, NULL },
+    {1024, SYMCRYPT_FLAG_RSAKEY_ENCRYPT, NULL },
 };
 
 template<>
 void
-SetupRsaKey<ImpXxx>( PBYTE buf1, SIZE_T keySize )
+SetupSymCryptRsaKey<ImpXxx>( PBYTE buf1, SIZE_T keySize, UINT32 generateFlags )
 {
     int i = 0;
     BOOLEAN bFound = FALSE;
@@ -2539,7 +2547,8 @@ SetupRsaKey<ImpXxx>( PBYTE buf1, SIZE_T keySize )
 
     for( i=0; i < ARRAY_SIZE(CONCAT2(g_precomputedRsaKeys, ImpXxx)); i++ )
     {
-        if ( keySize == CONCAT2(g_precomputedRsaKeys, ImpXxx)[i].keySize )
+        if ( keySize == CONCAT2(g_precomputedRsaKeys, ImpXxx)[i].keySize &&
+             generateFlags == CONCAT2(g_precomputedRsaKeys, ImpXxx)[i].generateFlags )
         {
             bFound = TRUE;
 
@@ -2557,8 +2566,13 @@ SetupRsaKey<ImpXxx>( PBYTE buf1, SIZE_T keySize )
                 pkRsakey = ScShimSymCryptRsakeyAllocate( &rsaParams, 0 );
                 CHECK( pkRsakey != NULL, "?" );
 
+                if ( rsaParams.nBitsOfModulus < SYMCRYPT_RSAKEY_FIPS_MIN_BITSIZE_MODULUS )
+                {
+                    generateFlags |= SYMCRYPT_FLAG_KEY_NO_FIPS;
+                }
+
                 // Use default exponent
-                scError = ScShimSymCryptRsakeyGenerate( pkRsakey, nullptr, 0, SYMCRYPT_FLAG_RSAKEY_SIGN | SYMCRYPT_FLAG_RSAKEY_ENCRYPT );
+                scError = ScShimSymCryptRsakeyGenerate( pkRsakey, nullptr, 0, generateFlags );
                 CHECK( scError == SYMCRYPT_NO_ERROR, "?" );
 
                 CONCAT2(g_precomputedRsaKeys, ImpXxx)[i].pkRsakey = pkRsakey;
@@ -2575,11 +2589,11 @@ SetupRsaKey<ImpXxx>( PBYTE buf1, SIZE_T keySize )
 
 template<>
 void
-sc_RsaKeyPerf<ImpXxx>( PBYTE buf1, PBYTE buf2, SIZE_T keySize )
+sc_RsaKeyPerf<ImpXxx>( PBYTE buf1, PBYTE buf2, SIZE_T keySize, UINT32 generateFlags )
 {
     SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR;
 
-    SetupRsaKey<ImpXxx>( buf1, keySize );
+    SetupSymCryptRsaKey<ImpXxx>( buf1, keySize, generateFlags );
 
     buf2[0] = 0;
     // Don't fill it up so that it is smaller than the modulus
@@ -2627,7 +2641,7 @@ algImpKeyPerfFunction<ImpXxx, AlgRsaSignPkcs1>( PBYTE buf1, PBYTE buf2, PBYTE bu
     SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR;
     SIZE_T cbDst = 0;
 
-    sc_RsaKeyPerf<ImpXxx>( buf1, buf2, keySize );
+    sc_RsaKeyPerf<ImpXxx>( buf1, buf2, keySize, SYMCRYPT_FLAG_RSAKEY_SIGN );
 
     scError = ScShimSymCryptRsaPkcs1Sign(
                     *((PSYMCRYPT_RSAKEY *) buf1),
@@ -2856,7 +2870,7 @@ algImpKeyPerfFunction<ImpXxx, AlgRsaSignPss>( PBYTE buf1, PBYTE buf2, PBYTE buf3
     SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR;
     SIZE_T cbDst = 0;
 
-    sc_RsaKeyPerf<ImpXxx>( buf1, buf2, keySize );
+    sc_RsaKeyPerf<ImpXxx>( buf1, buf2, keySize, SYMCRYPT_FLAG_RSAKEY_SIGN );
 
     scError = ScShimSymCryptRsaPssSign(
                     *((PSYMCRYPT_RSAKEY *) buf1),
@@ -3086,7 +3100,7 @@ algImpKeyPerfFunction<ImpXxx, AlgRsaEncRaw>( PBYTE buf1, PBYTE buf2, PBYTE buf3,
 {
     SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR;
 
-    sc_RsaKeyPerf<ImpXxx>( buf1, buf2, keySize );
+    sc_RsaKeyPerf<ImpXxx>( buf1, buf2, keySize, SYMCRYPT_FLAG_RSAKEY_ENCRYPT );
 
     scError = ScShimSymCryptRsaRawEncrypt(
                     *((PSYMCRYPT_RSAKEY *) buf1),
@@ -3289,7 +3303,7 @@ algImpKeyPerfFunction<ImpXxx, AlgRsaEncPkcs1>( PBYTE buf1, PBYTE buf2, PBYTE buf
     SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR;
     SIZE_T cbDst = 0;
 
-    sc_RsaKeyPerf<ImpXxx>( buf1, buf2, keySize );
+    sc_RsaKeyPerf<ImpXxx>( buf1, buf2, keySize, SYMCRYPT_FLAG_RSAKEY_ENCRYPT );
 
     scError = ScShimSymCryptRsaPkcs1Encrypt(
                     *((PSYMCRYPT_RSAKEY *) buf1),
@@ -3505,7 +3519,7 @@ algImpKeyPerfFunction<ImpXxx, AlgRsaEncOaep>( PBYTE buf1, PBYTE buf2, PBYTE buf3
     SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR;
     SIZE_T cbDst = 0;
 
-    sc_RsaKeyPerf<ImpXxx>( buf1, buf2, keySize );
+    sc_RsaKeyPerf<ImpXxx>( buf1, buf2, keySize, SYMCRYPT_FLAG_RSAKEY_ENCRYPT );
 
     scError = ScShimSymCryptRsaOaepEncrypt(
                     *((PSYMCRYPT_RSAKEY *) buf1),
@@ -3796,7 +3810,7 @@ algImpKeyPerfFunction<ImpXxx, AlgRsaEncOaep>( PBYTE buf1, PBYTE buf2, PBYTE buf3
     BYTE rbResult[1024] = { 0 };
     SIZE_T cbDst = 0;
 
-    sc_RsaKeyPerf<ImpXxx>( buf1, buf2, keySize );
+    sc_RsaKeyPerf<ImpXxx>( buf1, buf2, keySize, SYMCRYPT_FLAG_RSAKEY_ENCRYPT );
 
     scError = ScShimSymCryptRsaOaepEncrypt(
                     *((PSYMCRYPT_RSAKEY *) buf1),
@@ -4088,7 +4102,7 @@ SetupDlGroup<ImpXxx>( PBYTE buf1, SIZE_T keySize )
 
 template<>
 void
-SetupSymCryptDsaAndDh<ImpXxx>( PBYTE buf1, PBYTE buf2, PBYTE buf3 )
+SetupSymCryptDsa<ImpXxx>( PBYTE buf1, PBYTE buf2, PBYTE buf3 )
 {
     SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR;
 
@@ -4104,7 +4118,7 @@ SetupSymCryptDsaAndDh<ImpXxx>( PBYTE buf1, PBYTE buf2, PBYTE buf3 )
     PUINT32 puiSignatureSize = NULL;
     UINT32 cbAgreedSecret, cbHashValue;
 
-    UINT32 generateFlags = SYMCRYPT_FLAG_DLKEY_DH | SYMCRYPT_FLAG_DLKEY_DSA | SYMCRYPT_FLAG_KEY_NO_FIPS;
+    UINT32 generateFlags = SYMCRYPT_FLAG_DLKEY_DSA;
 
     pPtrs[0] = ScShimSymCryptDlkeyCreate( buf2 + buff2Offset, dlkeysize, pDlgroup );
     scError = ScShimSymCryptDlkeyGenerate( generateFlags, pPtrs[0] );
@@ -4123,17 +4137,7 @@ SetupSymCryptDsaAndDh<ImpXxx>( PBYTE buf1, PBYTE buf2, PBYTE buf3 )
 
     *puiSignatureSize = signatureSize;
 
-    // Verify that DH can work
-    scError = ScShimSymCryptDhSecretAgreement(
-                ((PSYMCRYPT_DLKEY *) buf2)[0],
-                ((PSYMCRYPT_DLKEY *) buf2)[1],
-                SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
-                0,
-                buf3 + sizeof(UINT32),
-                cbAgreedSecret );
-    CHECK( scError == SYMCRYPT_NO_ERROR, "SymCryptDhSecretAgreement failed" );
-
-    // Same for DSA
+    // Verify that DSA can work
     cbHashValue = ScShimSymCryptDlkeySizeofPrivateKey( ((PSYMCRYPT_DLKEY *)buf2)[0] );
     scError = ScShimSymCryptDsaSign(
                 ((PSYMCRYPT_DLKEY *) buf2)[0],
@@ -4167,7 +4171,7 @@ algImpKeyPerfFunction<ImpXxx, AlgDsaSign>( PBYTE buf1, PBYTE buf2, PBYTE buf3, S
     UNREFERENCED_PARAMETER( buf3 );
 
     SetupDlGroup<ImpXxx>( buf1, keySize );
-    SetupSymCryptDsaAndDh<ImpXxx>( buf1, buf2, buf3 );
+    SetupSymCryptDsa<ImpXxx>( buf1, buf2, buf3 );
 }
 
 template<>
@@ -4222,7 +4226,7 @@ algImpKeyPerfFunction<ImpXxx, AlgDsaVerify>( PBYTE buf1, PBYTE buf2, PBYTE buf3,
     UNREFERENCED_PARAMETER( buf3 );
 
     SetupDlGroup<ImpXxx>( buf1, keySize );
-    SetupSymCryptDsaAndDh<ImpXxx>( buf1, buf2, buf3 );
+    SetupSymCryptDsa<ImpXxx>( buf1, buf2, buf3 );
 }
 
 template<>
@@ -4768,7 +4772,7 @@ SetupSymCryptCurves<ImpXxx>( PBYTE buf1, SIZE_T keySize )
 
 template<>
 void
-SetupSymCryptEcdsaAndEcdh<ImpXxx>( PBYTE buf1, PBYTE buf2, PBYTE buf3 )
+SetupSymCryptEckey<ImpXxx>( PBYTE buf1, PBYTE buf2, PBYTE buf3, UINT32 setRandomFlags )
 {
     SYMCRYPT_ERROR scError = SYMCRYPT_NO_ERROR;
 
@@ -4780,7 +4784,7 @@ SetupSymCryptEcdsaAndEcdh<ImpXxx>( PBYTE buf1, PBYTE buf2, PBYTE buf3 )
     PSYMCRYPT_ECKEY * pPtrs = ((PSYMCRYPT_ECKEY *) buf2);
     pPtrs[0] = ScShimSymCryptEckeyCreate( buf2 + 32, eckeySize, pCurve );
 
-    scError = ScShimSymCryptEckeySetRandom( SYMCRYPT_FLAG_ECKEY_ECDSA | SYMCRYPT_FLAG_ECKEY_ECDH, pPtrs[0] );
+    scError = ScShimSymCryptEckeySetRandom( setRandomFlags, pPtrs[0] );
     CHECK( scError == SYMCRYPT_NO_ERROR, "?" );
 
     pPtrs[1] = (PSYMCRYPT_ECKEY) ((PBYTE)buf2 + 32 + eckeySize);    // This will hold the hash of the message
@@ -4795,20 +4799,23 @@ SetupSymCryptEcdsaAndEcdh<ImpXxx>( PBYTE buf1, PBYTE buf2, PBYTE buf3 )
     *puiSignatureSize = signatureSize;
 
     // Verify that ECDH can work
-    UINT32 cbAgreedSecret = ScShimSymCryptEcurveSizeofFieldElement( *(PSYMCRYPT_ECURVE *) buf1 );
-    CHECK( cbAgreedSecret <= *((PUINT32)buf3), "Buffer 3 too small for ECDH");
-    scError = ScShimSymCryptEcDhSecretAgreement(
-                ((PSYMCRYPT_ECKEY *) buf2)[0],
-                ((PSYMCRYPT_ECKEY *) buf2)[0],      // Same private and public key
-                SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
-                0,
-                buf3 + sizeof(UINT32),
-                cbAgreedSecret);
-    CHECK( scError == SYMCRYPT_NO_ERROR, "SymCryptEcDhSecretAgreement failed" );
+    if ( setRandomFlags & SYMCRYPT_FLAG_ECKEY_ECDH )
+    {
+        UINT32 cbAgreedSecret = ScShimSymCryptEcurveSizeofFieldElement( *(PSYMCRYPT_ECURVE *) buf1 );
+        CHECK( cbAgreedSecret <= *((PUINT32)buf3), "Buffer 3 too small for ECDH");
+        scError = ScShimSymCryptEcDhSecretAgreement(
+                    ((PSYMCRYPT_ECKEY *) buf2)[0],
+                    ((PSYMCRYPT_ECKEY *) buf2)[0],      // Same private and public key
+                    SYMCRYPT_NUMBER_FORMAT_MSB_FIRST,
+                    0,
+                    buf3 + sizeof(UINT32),
+                    cbAgreedSecret);
+        CHECK( scError == SYMCRYPT_NO_ERROR, "SymCryptEcDhSecretAgreement failed" );
+    }
 
-    if (pCurve->type != SYMCRYPT_ECURVE_TYPE_MONTGOMERY)
+    // Verify that ECDSA can work
+    if ( (setRandomFlags & SYMCRYPT_FLAG_ECKEY_ECDSA) != 0 )
     {
-        // Same for ECDSA
         scError = ScShimSymCryptEcDsaSign(
                         pPtrs[0],
                         (PBYTE) pPtrs[1],
@@ -4901,7 +4908,7 @@ VOID
 algImpKeyPerfFunction<ImpXxx, AlgEcdsaSign>( PBYTE buf1, PBYTE buf2, PBYTE buf3, SIZE_T keySize )
 {
     SetupSymCryptCurves<ImpXxx>( buf1, keySize );
-    SetupSymCryptEcdsaAndEcdh<ImpXxx>( buf1, buf2, buf3 );
+    SetupSymCryptEckey<ImpXxx>( buf1, buf2, buf3, SYMCRYPT_FLAG_ECKEY_ECDSA );
 }
 
 template<>
@@ -4952,7 +4959,7 @@ VOID
 algImpKeyPerfFunction<ImpXxx, AlgEcdsaVerify>( PBYTE buf1, PBYTE buf2, PBYTE buf3, SIZE_T keySize )
 {
     SetupSymCryptCurves<ImpXxx>( buf1, keySize );
-    SetupSymCryptEcdsaAndEcdh<ImpXxx>( buf1, buf2, buf3 );
+    SetupSymCryptEckey<ImpXxx>( buf1, buf2, buf3, SYMCRYPT_FLAG_ECKEY_ECDSA );
 }
 
 template<>
@@ -5003,7 +5010,7 @@ VOID
 algImpKeyPerfFunction<ImpXxx, AlgEcdh>( PBYTE buf1, PBYTE buf2, PBYTE buf3, SIZE_T keySize )
 {
     SetupSymCryptCurves<ImpXxx>( buf1, keySize );
-    SetupSymCryptEcdsaAndEcdh<ImpXxx>( buf1, buf2, buf3 );
+    SetupSymCryptEckey<ImpXxx>( buf1, buf2, buf3, SYMCRYPT_FLAG_ECKEY_ECDH );
 }
 
 template<>

unittest/lib/sc_implementations.cpp

@@ -51,11 +51,11 @@ setupModOperations( PBYTE buf1, PBYTE buf2, PBYTE buf3, SIZE_T keySize );
 
 template<class Implementation>
 void
-SetupRsaKey( PBYTE buf1, SIZE_T keySize );
+SetupSymCryptRsaKey( PBYTE buf1, SIZE_T keySize, UINT32 generateFlags );
 
 template<class Implementation>
 void
-sc_RsaKeyPerf( PBYTE buf1, PBYTE buf2, SIZE_T keySize );
+sc_RsaKeyPerf( PBYTE buf1, PBYTE buf2, SIZE_T keySize, UINT32 generateFlags );
 
 template<class Implementation>
 VOID
@@ -67,7 +67,7 @@ SetupDlGroup( PBYTE buf1, SIZE_T keySize );
 
 template<class Implementation>
 void
-SetupSymCryptDsaAndDh( PBYTE buf1, PBYTE buf2, PBYTE buf3 );
+SetupSymCryptDsa( PBYTE buf1, PBYTE buf2, PBYTE buf3 );
 
 template<class Implementation>
 PSYMCRYPT_DLKEY
@@ -88,7 +88,7 @@ SetupSymCryptEcpoints( PBYTE buf1, PBYTE buf2, PBYTE buf3 );
 
 template<class Implementation>
 void
-SetupSymCryptEcdsaAndEcdh( PBYTE buf1, PBYTE buf2, PBYTE buf3 );
+SetupSymCryptEckey( PBYTE buf1, PBYTE buf2, PBYTE buf3, UINT32 setRandomFlags );
 
 VOID
 trialDivisionSetFakePrime( PSYMCRYPT_TRIALDIVISION_PRIME p )