- markus@cvs.openbsd.org 2001/03/05 17:17:21

[openssh.git] / kex.c

diff --git a/kex.c b/kex.c
index 1038546cadf513f70cdbfb7e249a0506b143f647..308ffb1b66f320547045c3f18aeea5005cc2b98a 100644 (file)
--- a/kex.c
+++ b/kex.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.21 2001/02/11 12:59:24 markus Exp $");
+RCSID("$OpenBSD: kex.c,v 1.22 2001/03/05 17:17:20 markus Exp $");
 
 #include <openssl/crypto.h>
 #include <openssl/bio.h>
@@ -138,15 +138,33 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
 }
 
 void
-dh_gen_key(DH *dh)
+dh_gen_key(DH *dh, int need)
 {
-       int tries = 0;
+       int i, bits_set = 0, tries = 0;
 
+       if (dh->p == NULL)
+               fatal("dh_gen_key: dh->p == NULL");
+       if (2*need >= BN_num_bits(dh->p))
+               fatal("dh_gen_key: group too small: %d (2*need %d)",
+                   BN_num_bits(dh->p), 2*need);
        do {
+               if (dh->priv_key != NULL)
+                       BN_free(dh->priv_key);
+               dh->priv_key = BN_new();
+               if (dh->priv_key == NULL)
+                       fatal("dh_gen_key: BN_new failed");
+               /* generate a 2*need bits random private exponent */
+               if (!BN_rand(dh->priv_key, 2*need, 0, 0))
+                       fatal("dh_gen_key: BN_rand failed");
                if (DH_generate_key(dh) == 0)
                        fatal("DH_generate_key");
+               for (i = 0; i <= BN_num_bits(dh->priv_key); i++)
+                       if (BN_is_bit_set(dh->priv_key, i))
+                               bits_set++;
+               debug("dh_gen_key: priv key bits set: %d/%d",
+                   bits_set, BN_num_bits(dh->priv_key));
                if (tries++ > 10)
-                       fatal("dh_new_group1: too many bad keys: giving up");
+                       fatal("dh_gen_key: too many bad keys: giving up");
        } while (!dh_pub_is_valid(dh, dh->pub_key));
 }