generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

DH keys have an (until now) unused 'q' parameter. When creating from DSA copy

Browse Source 
q across and if q present generate DH key in the correct range. (from HEAD)
This commit is contained in:
Dr. Stephen Henson 2011-11-14 14:16:09 +00:00
parent f69e5d6a19
commit 5999d45a5d
2 changed files with 21 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
crypto/dh/dh_key.c
View File

@ -154,8 +154,21 @@ static int generate_key(DH *dh)
if (generate_new_key)
{
l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
if (!BN_rand(priv_key, l, 0, 0)) goto err;
if (dh->q)
{
do
{
if (!BN_rand_range(priv_key, dh->q))
goto err;
}
while (BN_is_zero(priv_key) || BN_is_one(priv_key));
}
else
{
/* secret exponent length */
l = dh->length ? dh->length : BN_num_bits(dh->p)-1;
if (!BN_rand(priv_key, l, 0, 0)) goto err;
}
}
{

7
crypto/dsa/dsa_lib.c
View File

@ -289,7 +289,8 @@ void *DSA_get_ex_data(DSA *d, int idx)
DH *DSA_dup_DH(const DSA *r)
{
/* DSA has p, q, g, optional pub_key, optional priv_key.
* DH has p, optional length, g, optional pub_key, optional priv_key.
* DH has p, optional length, g, optional pub_key, optional priv_key,
* optional q.
*/
DH *ret = NULL;
@ -303,7 +304,11 @@ DH *DSA_dup_DH(const DSA *r)
if ((ret->p = BN_dup(r->p)) == NULL)
goto err;
if (r->q != NULL)
{
ret->length = BN_num_bits(r->q);
if ((ret->q = BN_dup(r->q)) == NULL)
goto err;
}
if (r->g != NULL)
if ((ret->g = BN_dup(r->g)) == NULL)
goto err;