X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/99be0775a59eaa5515f806a1127066d3a70a8221..f96b1f670e759a7834f281f437f64550fdfecd97:/openssh/dh.c

diff --git a/openssh/dh.c b/openssh/dh.c
index afd1e05..fa2508a 100644
--- a/openssh/dh.c
+++ b/openssh/dh.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: dh.c,v 1.29 2004/02/27 22:49:27 dtucker Exp $");
+RCSID("$OpenBSD: dh.c,v 1.17 2001/06/23 15:12:18 itojun Exp $");
 
 #include "xmalloc.h"
 
@@ -50,7 +50,7 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
 	/* Ignore leading whitespace */
 	if (*arg == '\0')
 		arg = strdelim(&cp);
-	if (!arg || !*arg || *arg == '#')
+	if (!*arg || *arg == '#')
 		return 0;
 
 	/* time */
@@ -78,10 +78,8 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
 	if (cp != NULL || *prime == '\0')
 		goto fail;
 
-	if ((dhg->g = BN_new()) == NULL)
-		fatal("parse_prime: BN_new failed");
-	if ((dhg->p = BN_new()) == NULL)
-		fatal("parse_prime: BN_new failed");
+	dhg->g = BN_new();
+	dhg->p = BN_new();
 	if (BN_hex2bn(&dhg->g, gen) == 0)
 		goto failclean;
 
@@ -91,14 +89,11 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
 	if (BN_num_bits(dhg->p) != dhg->size)
 		goto failclean;
 
-	if (BN_is_zero(dhg->g) || BN_is_one(dhg->g))
-		goto failclean;
-
 	return (1);
 
  failclean:
-	BN_clear_free(dhg->g);
-	BN_clear_free(dhg->p);
+	BN_free(dhg->g);
+	BN_free(dhg->p);
  fail:
 	error("Bad prime description in line %d", linenum);
 	return (0);
@@ -108,14 +103,14 @@ DH *
 choose_dh(int min, int wantbits, int max)
 {
 	FILE *f;
-	char line[4096];
+	char line[2048];
 	int best, bestcount, which;
 	int linenum;
 	struct dhgroup dhg;
 
 	if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL &&
 	    (f = fopen(_PATH_DH_PRIMES, "r")) == NULL) {
-		logit("WARNING: %s does not exist, using old modulus", _PATH_DH_MODULI);
+		log("WARNING: %s does not exist, using old modulus", _PATH_DH_MODULI);
 		return (dh_new_group1());
 	}
 
@@ -125,8 +120,8 @@ choose_dh(int min, int wantbits, int max)
 		linenum++;
 		if (!parse_prime(linenum, line, &dhg))
 			continue;
-		BN_clear_free(dhg.g);
-		BN_clear_free(dhg.p);
+		BN_free(dhg.g);
+		BN_free(dhg.p);
 
 		if (dhg.size > max || dhg.size < min)
 			continue;
@@ -143,7 +138,7 @@ choose_dh(int min, int wantbits, int max)
 
 	if (bestcount == 0) {
 		fclose(f);
-		logit("WARNING: no suitable primes in %s", _PATH_DH_PRIMES);
+		log("WARNING: no suitable primes in %s", _PATH_DH_PRIMES);
 		return (NULL);
 	}
 
@@ -155,8 +150,8 @@ choose_dh(int min, int wantbits, int max)
 		if ((dhg.size > max || dhg.size < min) ||
 		    dhg.size != best ||
 		    linenum++ != which) {
-			BN_clear_free(dhg.g);
-			BN_clear_free(dhg.p);
+			BN_free(dhg.g);
+			BN_free(dhg.p);
 			continue;
 		}
 		break;
@@ -179,45 +174,46 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
 	int bits_set = 0;
 
 	if (dh_pub->neg) {
-		logit("invalid public DH value: negativ");
+		log("invalid public DH value: negativ");
 		return 0;
 	}
 	for (i = 0; i <= n; i++)
 		if (BN_is_bit_set(dh_pub, i))
 			bits_set++;
-	debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p));
+	debug("bits set: %d/%d", bits_set, BN_num_bits(dh->p));
 
 	/* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */
 	if (bits_set > 1 && (BN_cmp(dh_pub, dh->p) == -1))
 		return 1;
-	logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p));
+	log("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p));
 	return 0;
 }
 
 void
 dh_gen_key(DH *dh, int need)
 {
-	int i, bits_set, tries = 0;
+	int i, bits_set = 0, tries = 0;
 
 	if (dh->p == NULL)
 		fatal("dh_gen_key: dh->p == NULL");
-	if (need > INT_MAX / 2 || 2 * need >= BN_num_bits(dh->p))
+	if (2*need >= BN_num_bits(dh->p))
 		fatal("dh_gen_key: group too small: %d (2*need %d)",
 		    BN_num_bits(dh->p), 2*need);
 	do {
 		if (dh->priv_key != NULL)
-			BN_clear_free(dh->priv_key);
-		if ((dh->priv_key = BN_new()) == NULL)
+			BN_free(dh->priv_key);
+		dh->priv_key = BN_new();
+		if (dh->priv_key == NULL)
 			fatal("dh_gen_key: BN_new failed");
 		/* generate a 2*need bits random private exponent */
 		if (!BN_rand(dh->priv_key, 2*need, 0, 0))
 			fatal("dh_gen_key: BN_rand failed");
 		if (DH_generate_key(dh) == 0)
 			fatal("DH_generate_key");
-		for (i = 0, bits_set = 0; i <= BN_num_bits(dh->priv_key); i++)
+		for (i = 0; i <= BN_num_bits(dh->priv_key); i++)
 			if (BN_is_bit_set(dh->priv_key, i))
 				bits_set++;
-		debug2("dh_gen_key: priv key bits set: %d/%d",
+		debug("dh_gen_key: priv key bits set: %d/%d",
 		    bits_set, BN_num_bits(dh->priv_key));
 		if (tries++ > 10)
 			fatal("dh_gen_key: too many bad keys: giving up");
@@ -229,8 +225,9 @@ dh_new_group_asc(const char *gen, const char *modulus)
 {
 	DH *dh;
 
-	if ((dh = DH_new()) == NULL)
-		fatal("dh_new_group_asc: DH_new");
+	dh = DH_new();
+	if (dh == NULL)
+		fatal("DH_new");
 
 	if (BN_hex2bn(&dh->p, modulus) == 0)
 		fatal("BN_hex2bn p");
@@ -250,8 +247,9 @@ dh_new_group(BIGNUM *gen, BIGNUM *modulus)
 {
 	DH *dh;
 
-	if ((dh = DH_new()) == NULL)
-		fatal("dh_new_group: DH_new");
+	dh = DH_new();
+	if (dh == NULL)
+		fatal("DH_new");
 	dh->p = modulus;
 	dh->g = gen;
 
@@ -282,9 +280,11 @@ int
 dh_estimate(int bits)
 {
 
-	if (bits <= 128)
+	if (bits < 64)
+		return (512);	/* O(2**63) */
+	if (bits < 128)
 		return (1024);	/* O(2**86) */
-	if (bits <= 192)
+	if (bits < 192)
 		return (2048);	/* O(2**116) */
 	return (4096);		/* O(2**156) */
 }