dh.c (126274) | dh.c (128456) |
---|---|
1/* 2 * Copyright (c) 2000 Niels Provos. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. --- 9 unchanged lines hidden (view full) --- 18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24 25#include "includes.h" | 1/* 2 * Copyright (c) 2000 Niels Provos. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. --- 9 unchanged lines hidden (view full) --- 18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24 25#include "includes.h" |
26RCSID("$OpenBSD: dh.c,v 1.26 2003/12/16 15:51:54 markus Exp $"); | 26RCSID("$OpenBSD: dh.c,v 1.29 2004/02/27 22:49:27 dtucker Exp $"); |
27 28#include "xmalloc.h" 29 30#include <openssl/bn.h> 31#include <openssl/dh.h> 32#include <openssl/evp.h> 33 34#include "buffer.h" --- 51 unchanged lines hidden (view full) --- 86 goto failclean; 87 88 if (BN_hex2bn(&dhg->p, prime) == 0) 89 goto failclean; 90 91 if (BN_num_bits(dhg->p) != dhg->size) 92 goto failclean; 93 | 27 28#include "xmalloc.h" 29 30#include <openssl/bn.h> 31#include <openssl/dh.h> 32#include <openssl/evp.h> 33 34#include "buffer.h" --- 51 unchanged lines hidden (view full) --- 86 goto failclean; 87 88 if (BN_hex2bn(&dhg->p, prime) == 0) 89 goto failclean; 90 91 if (BN_num_bits(dhg->p) != dhg->size) 92 goto failclean; 93 |
94 if (BN_is_zero(dhg->g) || BN_is_one(dhg->g)) 95 goto failclean; 96 |
|
94 return (1); 95 96 failclean: 97 BN_clear_free(dhg->g); 98 BN_clear_free(dhg->p); 99 fail: 100 error("Bad prime description in line %d", linenum); 101 return (0); 102} 103 104DH * 105choose_dh(int min, int wantbits, int max) 106{ 107 FILE *f; | 97 return (1); 98 99 failclean: 100 BN_clear_free(dhg->g); 101 BN_clear_free(dhg->p); 102 fail: 103 error("Bad prime description in line %d", linenum); 104 return (0); 105} 106 107DH * 108choose_dh(int min, int wantbits, int max) 109{ 110 FILE *f; |
108 char line[2048]; | 111 char line[4096]; |
109 int best, bestcount, which; 110 int linenum; 111 struct dhgroup dhg; 112 113 if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL && 114 (f = fopen(_PATH_DH_PRIMES, "r")) == NULL) { 115 logit("WARNING: %s does not exist, using old modulus", _PATH_DH_MODULI); 116 return (dh_new_group1()); --- 72 unchanged lines hidden (view full) --- 189 return 1; 190 logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p)); 191 return 0; 192} 193 194void 195dh_gen_key(DH *dh, int need) 196{ | 112 int best, bestcount, which; 113 int linenum; 114 struct dhgroup dhg; 115 116 if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL && 117 (f = fopen(_PATH_DH_PRIMES, "r")) == NULL) { 118 logit("WARNING: %s does not exist, using old modulus", _PATH_DH_MODULI); 119 return (dh_new_group1()); --- 72 unchanged lines hidden (view full) --- 192 return 1; 193 logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p)); 194 return 0; 195} 196 197void 198dh_gen_key(DH *dh, int need) 199{ |
197 int i, bits_set = 0, tries = 0; | 200 int i, bits_set, tries = 0; |
198 199 if (dh->p == NULL) 200 fatal("dh_gen_key: dh->p == NULL"); 201 if (need > INT_MAX / 2 || 2 * need >= BN_num_bits(dh->p)) 202 fatal("dh_gen_key: group too small: %d (2*need %d)", 203 BN_num_bits(dh->p), 2*need); 204 do { 205 if (dh->priv_key != NULL) 206 BN_clear_free(dh->priv_key); 207 if ((dh->priv_key = BN_new()) == NULL) 208 fatal("dh_gen_key: BN_new failed"); 209 /* generate a 2*need bits random private exponent */ 210 if (!BN_rand(dh->priv_key, 2*need, 0, 0)) 211 fatal("dh_gen_key: BN_rand failed"); 212 if (DH_generate_key(dh) == 0) 213 fatal("DH_generate_key"); | 201 202 if (dh->p == NULL) 203 fatal("dh_gen_key: dh->p == NULL"); 204 if (need > INT_MAX / 2 || 2 * need >= BN_num_bits(dh->p)) 205 fatal("dh_gen_key: group too small: %d (2*need %d)", 206 BN_num_bits(dh->p), 2*need); 207 do { 208 if (dh->priv_key != NULL) 209 BN_clear_free(dh->priv_key); 210 if ((dh->priv_key = BN_new()) == NULL) 211 fatal("dh_gen_key: BN_new failed"); 212 /* generate a 2*need bits random private exponent */ 213 if (!BN_rand(dh->priv_key, 2*need, 0, 0)) 214 fatal("dh_gen_key: BN_rand failed"); 215 if (DH_generate_key(dh) == 0) 216 fatal("DH_generate_key"); |
214 for (i = 0; i <= BN_num_bits(dh->priv_key); i++) | 217 for (i = 0, bits_set = 0; i <= BN_num_bits(dh->priv_key); i++) |
215 if (BN_is_bit_set(dh->priv_key, i)) 216 bits_set++; 217 debug2("dh_gen_key: priv key bits set: %d/%d", 218 bits_set, BN_num_bits(dh->priv_key)); 219 if (tries++ > 10) 220 fatal("dh_gen_key: too many bad keys: giving up"); 221 } while (!dh_pub_is_valid(dh, dh->pub_key)); 222} --- 65 unchanged lines hidden --- | 218 if (BN_is_bit_set(dh->priv_key, i)) 219 bits_set++; 220 debug2("dh_gen_key: priv key bits set: %d/%d", 221 bits_set, BN_num_bits(dh->priv_key)); 222 if (tries++ > 10) 223 fatal("dh_gen_key: too many bad keys: giving up"); 224 } while (!dh_pub_is_valid(dh, dh->pub_key)); 225} --- 65 unchanged lines hidden --- |