DH keys have an (until now) unused 'q' parameter. When creating from DSA copy

author Dr. Stephen Henson <steve@openssl.org>

Mon, 14 Nov 2011 14:16:09 +0000 (14:16 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Mon, 14 Nov 2011 14:16:09 +0000 (14:16 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Mon, 14 Nov 2011 14:16:09 +0000 (14:16 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Mon, 14 Nov 2011 14:16:09 +0000 (14:16 +0000)
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c

index dd4cd6b5935093dd13ed194b49237691d79e6cd8..89a74db4e691ba0ba953a5ea59e887a03ffda68f 100644 (file)
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -154,8 +154,21 @@ static int generate_key(DH *dh)
  
         if (generate_new_key)
                 {
-               l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
-               if (!BN_rand(priv_key, l, 0, 0)) goto err;
+               if (dh->q)
+                       {
+                       do
+                               {
+                               if (!BN_rand_range(priv_key, dh->q))
+                                       goto err;
+                               }
+                       while (BN_is_zero(priv_key) || BN_is_one(priv_key));
+                       }
+               else
+                       {
+                       /* secret exponent length */
+                       l = dh->length ? dh->length : BN_num_bits(dh->p)-1;
+                       if (!BN_rand(priv_key, l, 0, 0)) goto err;
+                       }
                 }
  
         {
diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c

index e416ef3e128a0b9a49d8e20633d4501ddfd475c2..96d8d0c4b453a71868b6edae33bf7dc5138c1021 100644 (file)
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -289,7 +289,8 @@ void *DSA_get_ex_data(DSA *d, int idx)
  DH *DSA_dup_DH(const DSA *r)
         {
         /* DSA has p, q, g, optional pub_key, optional priv_key.
-        * DH has p, optional length, g, optional pub_key, optional priv_key.
+        * DH has p, optional length, g, optional pub_key, optional priv_key,
+        * optional q.
          */ 
  
         DH *ret = NULL;
@@ -303,7 +304,11 @@ DH *DSA_dup_DH(const DSA *r)
                 if ((ret->p = BN_dup(r->p)) == NULL)
                         goto err;
         if (r->q != NULL)
+               {
                 ret->length = BN_num_bits(r->q);
+               if ((ret->q = BN_dup(r->q)) == NULL)
+                       goto err;
+               }
         if (r->g != NULL)
                 if ((ret->g = BN_dup(r->g)) == NULL)
                         goto err;
author	Dr. Stephen Henson <steve@openssl.org>
	Mon, 14 Nov 2011 14:16:09 +0000 (14:16 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Mon, 14 Nov 2011 14:16:09 +0000 (14:16 +0000)
crypto/dh/dh_key.c		patch \| blob \| history
crypto/dsa/dsa_lib.c		patch \| blob \| history