dh_gen.c (59191) | dh_gen.c (100928) |
---|---|
1/* crypto/dh/dh_gen.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 68 unchanged lines hidden (view full) --- 77 * 78 * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the 79 * special generators and for answering some of my questions. 80 * 81 * I've implemented the second simple method :-). 82 * Since DH should be using a safe prime (both p and q are prime), 83 * this generator function can take a very very long time to run. 84 */ | 1/* crypto/dh/dh_gen.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 68 unchanged lines hidden (view full) --- 77 * 78 * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the 79 * special generators and for answering some of my questions. 80 * 81 * I've implemented the second simple method :-). 82 * Since DH should be using a safe prime (both p and q are prime), 83 * this generator function can take a very very long time to run. 84 */ |
85 | 85/* Actually there is no reason to insist that 'generator' be a generator. 86 * It's just as OK (and in some sense better) to use a generator of the 87 * order-q subgroup. 88 */ |
86DH *DH_generate_parameters(int prime_len, int generator, 87 void (*callback)(int,int,void *), void *cb_arg) 88 { 89 BIGNUM *p=NULL,*t1,*t2; 90 DH *ret=NULL; 91 int g,ok= -1; 92 BN_CTX *ctx=NULL; 93 94 ret=DH_new(); 95 if (ret == NULL) goto err; 96 ctx=BN_CTX_new(); 97 if (ctx == NULL) goto err; 98 BN_CTX_start(ctx); 99 t1 = BN_CTX_get(ctx); 100 t2 = BN_CTX_get(ctx); 101 if (t1 == NULL || t2 == NULL) goto err; 102 | 89DH *DH_generate_parameters(int prime_len, int generator, 90 void (*callback)(int,int,void *), void *cb_arg) 91 { 92 BIGNUM *p=NULL,*t1,*t2; 93 DH *ret=NULL; 94 int g,ok= -1; 95 BN_CTX *ctx=NULL; 96 97 ret=DH_new(); 98 if (ret == NULL) goto err; 99 ctx=BN_CTX_new(); 100 if (ctx == NULL) goto err; 101 BN_CTX_start(ctx); 102 t1 = BN_CTX_get(ctx); 103 t2 = BN_CTX_get(ctx); 104 if (t1 == NULL || t2 == NULL) goto err; 105 |
106 if (generator <= 1) 107 { 108 DHerr(DH_F_DH_GENERATE_PARAMETERS, DH_R_BAD_GENERATOR); 109 goto err; 110 } |
|
103 if (generator == DH_GENERATOR_2) 104 { | 111 if (generator == DH_GENERATOR_2) 112 { |
105 BN_set_word(t1,24); 106 BN_set_word(t2,11); | 113 if (!BN_set_word(t1,24)) goto err; 114 if (!BN_set_word(t2,11)) goto err; |
107 g=2; 108 } | 115 g=2; 116 } |
109#ifdef undef /* does not work for safe primes */ | 117#if 0 /* does not work for safe primes */ |
110 else if (generator == DH_GENERATOR_3) 111 { | 118 else if (generator == DH_GENERATOR_3) 119 { |
112 BN_set_word(t1,12); 113 BN_set_word(t2,5); | 120 if (!BN_set_word(t1,12)) goto err; 121 if (!BN_set_word(t2,5)) goto err; |
114 g=3; 115 } 116#endif 117 else if (generator == DH_GENERATOR_5) 118 { | 122 g=3; 123 } 124#endif 125 else if (generator == DH_GENERATOR_5) 126 { |
119 BN_set_word(t1,10); 120 BN_set_word(t2,3); | 127 if (!BN_set_word(t1,10)) goto err; 128 if (!BN_set_word(t2,3)) goto err; |
121 /* BN_set_word(t3,7); just have to miss 122 * out on these ones :-( */ 123 g=5; 124 } 125 else | 129 /* BN_set_word(t3,7); just have to miss 130 * out on these ones :-( */ 131 g=5; 132 } 133 else |
134 { 135 /* in the general case, don't worry if 'generator' is a 136 * generator or not: since we are using safe primes, 137 * it will generate either an order-q or an order-2q group, 138 * which both is OK */ 139 if (!BN_set_word(t1,2)) goto err; 140 if (!BN_set_word(t2,1)) goto err; |
|
126 g=generator; | 141 g=generator; |
142 } |
|
127 128 p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg); 129 if (p == NULL) goto err; 130 if (callback != NULL) callback(3,0,cb_arg); 131 ret->p=p; 132 ret->g=BN_new(); 133 if (!BN_set_word(ret->g,g)) goto err; 134 ok=1; --- 19 unchanged lines hidden --- | 143 144 p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg); 145 if (p == NULL) goto err; 146 if (callback != NULL) callback(3,0,cb_arg); 147 ret->p=p; 148 ret->g=BN_new(); 149 if (!BN_set_word(ret->g,g)) goto err; 150 ok=1; --- 19 unchanged lines hidden --- |