From 3bb12dff3b4e4e691fd413a6de642b339f99a072 Mon Sep 17 00:00:00 2001
From: Simon Tatham <anakin@pobox.com>
Date: Fri, 27 Aug 2021 17:46:25 +0100
Subject: [PATCH] Make pcs_set_oneshot even more one-shot.

Previously, it would generate a prime candidate, test it, and abort if
that candidate failed to be prime. Now, it's even willing to fail
_before_ generating a prime candidate, if the first attempt to even do
that is unsuccessful.

This doesn't affect the existing use case of pcs_set_oneshot, which is
during generation of a safe prime (as implemented by test/primegen.py
--safe), where you want to make a PrimeCandidateSource that can only
return 2p+1 for your existing prime p, and then abort if that fails
the next step of testing. In that situation, the PrimeCandidateSource
will never fail to generate its first output anyway.

But these changed semantics will become useful in another use I'm
about to find for one-shot mode.
---
 keygen/primecandidate.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/keygen/primecandidate.c b/keygen/primecandidate.c
index 02c0259d..fca2b297 100644
--- a/keygen/primecandidate.c
+++ b/keygen/primecandidate.c
@@ -396,6 +396,8 @@ mp_int *pcs_generate(PrimeCandidateSource *s)
 
         if (!ok) {
             mp_free(x);
+            if (s->one_shot)
+                return NULL;
             continue; /* try a new x */
         }