From e5cb2603652b868225adc1db3db531a07c13b562 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Bodo=20M=C3=B6ller?= Date: Wed, 25 Jul 2001 17:48:51 +0000 Subject: [PATCH] DH key generation should not use a do ... while loop, or bogus DH parameters can be used for launching DOS attacks --- crypto/dh/dh_key.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 718a9a481e..df0300402e 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -135,13 +135,9 @@ static int generate_key(DH *dh) l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */ - do - { - if (!BN_rand(priv_key, l, 0, 0)) goto err; - if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, pub_key, dh->g, - priv_key,dh->p,ctx,mont)) goto err; - } - while (BN_is_one(priv_key)); + if (!BN_rand(priv_key, l, 0, 0)) goto err; + if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, pub_key, dh->g, + priv_key,dh->p,ctx,mont)) goto err; dh->pub_key=pub_key; dh->priv_key=priv_key; -- 2.25.1