From 5999d45a5d390c610ff5acf13b81bd0d1797ecd8 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 14 Nov 2011 14:16:09 +0000 Subject: [PATCH] DH keys have an (until now) unused 'q' parameter. When creating from DSA copy q across and if q present generate DH key in the correct range. (from HEAD) --- crypto/dh/dh_key.c | 17 +++++++++++++++-- crypto/dsa/dsa_lib.c | 7 ++++++- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index dd4cd6b593..89a74db4e6 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -154,8 +154,21 @@ static int generate_key(DH *dh) if (generate_new_key) { - l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */ - if (!BN_rand(priv_key, l, 0, 0)) goto err; + if (dh->q) + { + do + { + if (!BN_rand_range(priv_key, dh->q)) + goto err; + } + while (BN_is_zero(priv_key) || BN_is_one(priv_key)); + } + else + { + /* secret exponent length */ + l = dh->length ? dh->length : BN_num_bits(dh->p)-1; + if (!BN_rand(priv_key, l, 0, 0)) goto err; + } } { diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index e416ef3e12..96d8d0c4b4 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -289,7 +289,8 @@ void *DSA_get_ex_data(DSA *d, int idx) DH *DSA_dup_DH(const DSA *r) { /* DSA has p, q, g, optional pub_key, optional priv_key. - * DH has p, optional length, g, optional pub_key, optional priv_key. + * DH has p, optional length, g, optional pub_key, optional priv_key, + * optional q. */ DH *ret = NULL; @@ -303,7 +304,11 @@ DH *DSA_dup_DH(const DSA *r) if ((ret->p = BN_dup(r->p)) == NULL) goto err; if (r->q != NULL) + { ret->length = BN_num_bits(r->q); + if ((ret->q = BN_dup(r->q)) == NULL) + goto err; + } if (r->g != NULL) if ((ret->g = BN_dup(r->g)) == NULL) goto err; -- 2.25.1