| version 1.52, 2013/10/08 11:42:13 |
version 1.53, 2013/11/21 00:45:44 |
|
|
| void |
void |
| dh_gen_key(DH *dh, int need) |
dh_gen_key(DH *dh, int need) |
| { |
{ |
| int i, bits_set, tries = 0; |
int pbits; |
| |
|
| if (need < 0) |
if (need <= 0) |
| fatal("dh_gen_key: need < 0"); |
fatal("%s: need <= 0", __func__); |
| if (dh->p == NULL) |
if (dh->p == NULL) |
| fatal("dh_gen_key: dh->p == NULL"); |
fatal("%s: dh->p == NULL", __func__); |
| if (need > INT_MAX / 2 || 2 * need >= BN_num_bits(dh->p)) |
if ((pbits = BN_num_bits(dh->p)) <= 0) |
| fatal("dh_gen_key: group too small: %d (2*need %d)", |
fatal("%s: bits(p) <= 0", __func__); |
| BN_num_bits(dh->p), 2*need); |
dh->length = MIN(need * 2, pbits - 1); |
| do { |
if (DH_generate_key(dh) == 0) |
| if (dh->priv_key != NULL) |
fatal("%s: key generation failed", __func__); |
| BN_clear_free(dh->priv_key); |
if (!dh_pub_is_valid(dh, dh->pub_key)) |
| if ((dh->priv_key = BN_new()) == NULL) |
fatal("%s: generated invalid key", __func__); |
| fatal("dh_gen_key: BN_new failed"); |
|
| /* generate a 2*need bits random private exponent */ |
|
| if (!BN_rand(dh->priv_key, 2*need, 0, 0)) |
|
| fatal("dh_gen_key: BN_rand failed"); |
|
| if (DH_generate_key(dh) == 0) |
|
| fatal("DH_generate_key"); |
|
| for (i = 0, bits_set = 0; i <= BN_num_bits(dh->priv_key); i++) |
|
| if (BN_is_bit_set(dh->priv_key, i)) |
|
| bits_set++; |
|
| debug2("dh_gen_key: priv key bits set: %d/%d", |
|
| bits_set, BN_num_bits(dh->priv_key)); |
|
| if (tries++ > 10) |
|
| fatal("dh_gen_key: too many bad keys: giving up"); |
|
| } while (!dh_pub_is_valid(dh, dh->pub_key)); |
|
| } |
} |
| |
|
| DH * |
DH * |
![[BACK]](/icons/back.gif){kind=icon}
Return to dh.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh