diff options
| -rw-r--r-- | dh.c | 23 |
1 files changed, 16 insertions, 7 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: dh.c,v 1.57 2015/05/27 23:39:18 dtucker Exp $ */ | 1 | /* $OpenBSD: dh.c,v 1.58 2016/02/28 22:27:00 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
| 4 | * | 4 | * |
| @@ -246,12 +246,15 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) | |||
| 246 | bits_set++; | 246 | bits_set++; |
| 247 | debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p)); | 247 | debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p)); |
| 248 | 248 | ||
| 249 | /* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */ | 249 | /* |
| 250 | if (bits_set > 1) | 250 | * if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial |
| 251 | return 1; | 251 | */ |
| 252 | 252 | if (bits_set < 4) { | |
| 253 | logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p)); | 253 | logit("invalid public DH value (%d/%d)", |
| 254 | return 0; | 254 | bits_set, BN_num_bits(dh->p)); |
| 255 | return 0; | ||
| 256 | } | ||
| 257 | return 1; | ||
| 255 | } | 258 | } |
| 256 | 259 | ||
| 257 | int | 260 | int |
| @@ -263,6 +266,12 @@ dh_gen_key(DH *dh, int need) | |||
| 263 | (pbits = BN_num_bits(dh->p)) <= 0 || | 266 | (pbits = BN_num_bits(dh->p)) <= 0 || |
| 264 | need > INT_MAX / 2 || 2 * need > pbits) | 267 | need > INT_MAX / 2 || 2 * need > pbits) |
| 265 | return SSH_ERR_INVALID_ARGUMENT; | 268 | return SSH_ERR_INVALID_ARGUMENT; |
| 269 | if (need < 256) | ||
| 270 | need = 256; | ||
| 271 | /* | ||
| 272 | * Pollard Rho, Big step/Little Step attacks are O(sqrt(n)), | ||
| 273 | * so double requested need here. | ||
| 274 | */ | ||
| 266 | dh->length = MIN(need * 2, pbits - 1); | 275 | dh->length = MIN(need * 2, pbits - 1); |
| 267 | if (DH_generate_key(dh) == 0 || | 276 | if (DH_generate_key(dh) == 0 || |
| 268 | !dh_pub_is_valid(dh, dh->pub_key)) { | 277 | !dh_pub_is_valid(dh, dh->pub_key)) { |