From f1fdda9907cd963887a7a0ab5580ed8fe8fc2302 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Thu, 2 May 2002 13:15:38 +0000 Subject: The Diffie Hellman method was optimized. Now the number of bits of q is used (q is used to generate p), and the server DH secret key is less than the number of bits of q (see RFC2631 2.2). All these changes are experimental and may be totaly wrong. --- lib/auth_anon.c | 12 +- lib/auth_dhe.c | 10 +- lib/auth_srp_passwd.c | 2 +- lib/gnutls.h.in.in | 4 +- lib/gnutls_dh.c | 10 +- lib/gnutls_dh.h | 6 +- lib/gnutls_dh_primes.c | 382 +++++++++++++++++++++++++------------------------ lib/gnutls_int.h | 1 + src/prime.c | 2 +- src/serv.c | 6 +- 10 files changed, 224 insertions(+), 211 deletions(-) diff --git a/lib/auth_anon.c b/lib/auth_anon.c index 663c2ee42f..67b4c25b5e 100644 --- a/lib/auth_anon.c +++ b/lib/auth_anon.c @@ -65,7 +65,8 @@ int gen_anon_server_kx( GNUTLS_STATE state, opaque** data) { uint8 *data_X; ANON_SERVER_AUTH_INFO info; const GNUTLS_ANON_SERVER_CREDENTIALS cred; - + int qbits; + cred = _gnutls_get_cred(state->gnutls_key, GNUTLS_CRD_ANON, NULL); if (cred == NULL) { gnutls_assert(); @@ -74,7 +75,7 @@ int gen_anon_server_kx( GNUTLS_STATE state, opaque** data) { bits = _gnutls_dh_get_prime_bits( state); - g = gnutls_get_dh_params( cred->dh_params, &p, bits); + g = gnutls_get_dh_params( cred->dh_params, &p, bits, &qbits); if (g==NULL || p==NULL) { gnutls_assert(); return GNUTLS_E_MEMORY_ERROR; @@ -91,7 +92,7 @@ int gen_anon_server_kx( GNUTLS_STATE state, opaque** data) { return ret; } - X = gnutls_calc_dh_secret(&x, g, p); + X = gnutls_calc_dh_secret(&x, g, p, qbits); if (X==NULL || x==NULL) { gnutls_assert(); _gnutls_mpi_release( &g); @@ -144,7 +145,8 @@ size_t n_X; int ret; X = gnutls_calc_dh_secret(&x, state->gnutls_key->client_g, - state->gnutls_key->client_p); + state->gnutls_key->client_p, + _gnutls_mpi_get_nbits(state->gnutls_key->client_p)); if (X==NULL) { gnutls_assert(); 
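Review bot: In the `@@ -144` hunk of lib/auth_anon.c the fourth argument to `gnutls_calc_dh_secret` is the bit length of `client_p`, not of q, although the parameter is named `qbits`, and nothing at the call says why. The client only holds the peer's g and p here, so a full-length exponent looks like the intended conservative choice, but a reader will take it for a mistake. I would add a comment above the call, e.g. `/* q is not known for the peer's group, so size the secret by p */`. The same applies to the identical call in `gen_dhe_client_kx` in lib/auth_dhe.c. The enclosing function starts and ends outside the hunk.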
@@ -299,7 +301,7 @@ int proc_anon_client_kx( GNUTLS_STATE state, opaque* data, int data_size) { return GNUTLS_E_MPI_SCAN_FAILED; } - g = gnutls_get_dh_params( cred->dh_params, &p, bits); + g = gnutls_get_dh_params( cred->dh_params, &p, bits, NULL); if (g==NULL) { gnutls_assert(); return GNUTLS_E_MEMORY_ERROR; diff --git a/lib/auth_dhe.c b/lib/auth_dhe.c index c0de5a8d01..243f564353 100644 --- a/lib/auth_dhe.c +++ b/lib/auth_dhe.c @@ -92,6 +92,7 @@ static int gen_dhe_server_kx(GNUTLS_STATE state, opaque ** data) int apr_cert_list_length; gnutls_datum signature, ddata; CERTIFICATE_AUTH_INFO info; + int qbits; const GNUTLS_CERTIFICATE_CREDENTIALS cred; cred = _gnutls_get_cred(state->gnutls_key, GNUTLS_CRD_CERTIFICATE, NULL); @@ -111,7 +112,7 @@ static int gen_dhe_server_kx(GNUTLS_STATE state, opaque ** data) return ret; } - g = gnutls_get_dh_params( cred->dh_params, &p, bits); + g = gnutls_get_dh_params( cred->dh_params, &p, bits, &qbits); if (g == NULL) { gnutls_assert(); return GNUTLS_E_MEMORY_ERROR; @@ -129,7 +130,7 @@ static int gen_dhe_server_kx(GNUTLS_STATE state, opaque ** data) return ret; } - X = gnutls_calc_dh_secret(&x, g, p); + X = gnutls_calc_dh_secret(&x, g, p, qbits); if (X == NULL) { _gnutls_mpi_release(&g); _gnutls_mpi_release(&p); @@ -217,7 +218,8 @@ static int gen_dhe_client_kx(GNUTLS_STATE state, opaque ** data) int ret; X = gnutls_calc_dh_secret(&x, state->gnutls_key->client_g, - state->gnutls_key->client_p); + state->gnutls_key->client_p, + _gnutls_mpi_get_nbits(state->gnutls_key->client_p)); if (X == NULL || x == NULL) { gnutls_assert(); _gnutls_mpi_release(&x); @@ -455,7 +457,7 @@ static int proc_dhe_client_kx(GNUTLS_STATE state, opaque * data, return ret; } - g = gnutls_get_dh_params( cred->dh_params, &p, bits); + g = gnutls_get_dh_params( cred->dh_params, &p, bits, NULL); if (g == NULL || p == NULL) { gnutls_assert(); _gnutls_mpi_release(&g); diff --git a/lib/auth_srp_passwd.c b/lib/auth_srp_passwd.c index d47df6ec7a..3a8516928d 100644 
--- a/lib/auth_srp_passwd.c +++ b/lib/auth_srp_passwd.c @@ -388,7 +388,7 @@ int _gnutls_srp_generate_prime(opaque ** ret_g, opaque ** ret_n, int bits) int siz; char *tmp; - if ( _gnutls_dh_generate_prime(&g, &prime, bits) < 0) { + if ( _gnutls_dh_generate_prime(&g, &prime, bits, NULL) < 0) { gnutls_assert(); return GNUTLS_E_MEMORY_ERROR; } diff --git a/lib/gnutls.h.in.in b/lib/gnutls.h.in.in index 053f94b0f4..816d71c8c4 100644 --- a/lib/gnutls.h.in.in +++ b/lib/gnutls.h.in.in @@ -270,10 +270,10 @@ int gnutls_certificate_set_openpgp_keyring_file( GNUTLS_CERTIFICATE_CREDENTIALS int gnutls_global_init(void); void gnutls_global_deinit(void); -int gnutls_dh_params_set( GNUTLS_DH_PARAMS, gnutls_datum prime, gnutls_datum generator, int bits); +int gnutls_dh_params_set( GNUTLS_DH_PARAMS, gnutls_datum prime, gnutls_datum generator, int bits, int qbits); int gnutls_dh_params_init( GNUTLS_DH_PARAMS*); void gnutls_dh_params_deinit( GNUTLS_DH_PARAMS); -int gnutls_dh_params_generate( gnutls_datum* prime, gnutls_datum* generator, int bits); +int gnutls_dh_params_generate( gnutls_datum* prime, gnutls_datum* generator, int bits, int* qbits); typedef ssize_t (*GNUTLS_PULL_FUNC)(GNUTLS_TRANSPORT_PTR, void*, size_t); typedef ssize_t (*GNUTLS_PUSH_FUNC)(GNUTLS_TRANSPORT_PTR, const void*, size_t); diff --git a/lib/gnutls_dh.c b/lib/gnutls_dh.c index 784ed4c554..de0a172517 100644 --- a/lib/gnutls_dh.c +++ b/lib/gnutls_dh.c @@ -57,13 +57,11 @@ static int get_x_size(int bits) /* returns the public value (X), and the secret (ret_x). */ -GNUTLS_MPI gnutls_calc_dh_secret(GNUTLS_MPI * ret_x, GNUTLS_MPI g, GNUTLS_MPI prime) +GNUTLS_MPI gnutls_calc_dh_secret(GNUTLS_MPI * ret_x, GNUTLS_MPI g, GNUTLS_MPI prime, int qbits) { GNUTLS_MPI e, x; - int x_size = get_x_size(_gnutls_mpi_get_nbits(prime)); - - x = _gnutls_mpi_new(x_size); /* FIXME: allocate in secure memory */ + x = _gnutls_mpi_new(qbits); if (x == NULL) { gnutls_assert(); if (ret_x) 
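Review bot: `gnutls_calc_dh_secret` now sizes the secret exponent from the caller-supplied `qbits` without checking it, and the hunk drops the `FIXME: allocate in secure memory` reminder although `x` is still created with `_gnutls_mpi_new`. A zero or negative `qbits` (it can arrive through `gnutls_dh_params_set`, which stores the caller's value as-is) would presumably yield an exponent with no entropy, so I would reject it before the allocation with `if (qbits <= 0)` and fail the same way the `x == NULL` branch does. Please keep the reminder on the allocation line, `x = _gnutls_mpi_new(qbits); /* FIXME: allocate in secure memory */`, until the secret really lives in secure memory. `get_x_size` appears to lose its only visible caller here, and the function body continues past the end of the hunk.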
@@ -72,7 +70,9 @@ GNUTLS_MPI gnutls_calc_dh_secret(GNUTLS_MPI * ret_x, GNUTLS_MPI g, GNUTLS_MPI pr return NULL; } - _gnutls_mpi_randomize(x, x_size, GCRY_STRONG_RANDOM); +#warning this puts more byts than it should + _gnutls_mpi_randomize(x, qbits, GCRY_STRONG_RANDOM); + /* fixme: set high bit of x and select a larger one */ e = _gnutls_mpi_alloc_like(prime); diff --git a/lib/gnutls_dh.h b/lib/gnutls_dh.h index b98d1ddee9..195d7ca2bc 100644 --- a/lib/gnutls_dh.h +++ b/lib/gnutls_dh.h @@ -18,10 +18,10 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ -MPI gnutls_get_dh_params(GNUTLS_DH_PARAMS, MPI *ret_p, int bits); -MPI gnutls_calc_dh_secret( MPI *ret_x, MPI g, MPI prime ); +MPI gnutls_get_dh_params(GNUTLS_DH_PARAMS, MPI *ret_p, int bits, int* qbits); +MPI gnutls_calc_dh_secret( MPI *ret_x, MPI g, MPI prime, int qbits); MPI gnutls_calc_dh_key( MPI f, MPI x, MPI prime ); -int _gnutls_dh_generate_prime(MPI *ret_g, MPI* ret_n, int bits); +int _gnutls_dh_generate_prime(MPI *ret_g, MPI* ret_n, int bits, int* _qbits); void _gnutls_dh_clear_mpis(void); int _gnutls_dh_calc_mpis(void); MPI _gnutls_get_rnd_srp_params( MPI * ret_p, int bits); diff --git a/lib/gnutls_dh_primes.c b/lib/gnutls_dh_primes.c index 47bad3ade9..8e2a7f0a65 100644 --- a/lib/gnutls_dh_primes.c +++ b/lib/gnutls_dh_primes.c @@ -26,8 +26,8 @@ static uint8 DH_G_1024[] = { 0x02 }; static uint8 DH_G_4096[] = { 0x05 }; -static uint8 DH_G_2048[] = { 0x05 }; -static uint8 DH_G_3072[] = { 0x0D }; +static uint8 DH_G_2048[] = { 0x07 }; +static uint8 DH_G_3072[] = { 0x06 }; static uint8 diffie_hellman_group1_prime[] = { 0x00, 0x04, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 
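Review bot: The added `#warning this puts more byts than it should` in the `@@ -72` hunk fires on every compile of lib/gnutls_dh.c, fails builds that treat warnings as errors, and does not say what is wrong. If the concern is that `_gnutls_mpi_randomize` fills whole bytes so that `x` can come out longer than `qbits`, a comment carries that better: `/* FIXME: randomize works in whole bytes, so x may be longer than qbits */`. The neighbouring `fixme` also means x has no guaranteed minimum length yet, since its top bit is not forced; that belongs in the function's header comment, next to a statement of what `qbits` means for callers. The function continues outside the hunk.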
@@ -45,181 +45,181 @@ static uint8 diffie_hellman_group1_prime[] = { 0x00, 0x04, }; /* prime - 4096 bits */ -static uint8 diffie_hellman_prime_4096[] = { 0x00, - 0x98, 0xb7, 0x3d, 0x66, 0xf1, 0x18, 0x61, - 0xa9, 0x36, 0xd9, 0xf1, 0xbf, 0x65, 0xbb, - 0x7c, 0x06, 0x10, 0x15, 0xe5, 0x24, 0x47, - 0xb5, 0x45, 0x7e, 0xbb, 0xdf, 0x59, 0xf4, - 0xf2, 0x59, 0x7d, 0xea, 0xe0, 0x0f, 0x06, - 0x42, 0xd8, 0xb1, 0x9b, 0x62, 0xf9, 0x81, - 0x05, 0xd7, 0xd5, 0x74, 0x7c, 0x39, 0x3b, - 0x6d, 0x57, 0xb7, 0xe9, 0x51, 0x0d, 0xb6, - 0xe5, 0x03, 0xf7, 0xf3, 0xac, 0x1b, 0x66, - 0x96, 0xb3, 0xf8, 0xa1, 0xe1, 0xc7, 0x9c, - 0xc7, 0x52, 0x19, 0x2a, 0x90, 0xe6, 0x1d, - 0xba, 0xf5, 0x15, 0xcb, 0x8b, 0x52, 0x88, - 0xcd, 0xf5, 0x50, 0x33, 0x04, 0xb8, 0x2f, - 0x2c, 0x01, 0x57, 0x82, 0x7c, 0x8a, 0xf0, - 0xa3, 0x73, 0x7e, 0x0c, 0x2d, 0x69, 0xd4, - 0x17, 0xf6, 0xd0, 0x6a, 0x32, 0x95, 0x6a, - 0x69, 0x40, 0xb0, 0x55, 0x4f, 0xf0, 0x1d, - 0xae, 0x3d, 0x5f, 0x01, 0x92, 0x14, 0x3a, - 0x73, 0x69, 0x5a, 0x8e, 0xea, 0x22, 0x52, - 0x44, 0xc2, 0xb8, 0x66, 0x1e, 0x26, 0x1a, - 0x5d, 0x8f, 0x46, 0x6b, 0x8d, 0x3c, 0x71, - 0xcf, 0x1d, 0x72, 0x8d, 0x2f, 0x03, 0x54, - 0xdb, 0xe9, 0x82, 0x60, 0xe5, 0xf6, 0x40, - 0x4b, 0x6b, 0xae, 0x0a, 0xb2, 0x30, 0xba, - 0x1c, 0x45, 0x7e, 0x3f, 0xfd, 0xf7, 0xdc, - 0xa6, 0xbb, 0x98, 0xc4, 0xca, 0xfc, 0x66, - 0xf3, 0x48, 0x47, 0xbf, 0xdb, 0xd7, 0xdc, - 0xff, 0x1d, 0xeb, 0xa0, 0x4e, 0xb6, 0xff, - 0x75, 0xdc, 0x0c, 0x1d, 0x93, 0x9e, 0xd5, - 0xb3, 0x68, 0xe7, 0x07, 0x29, 0x91, 0xf1, - 0xae, 0xfc, 0x7e, 0x3a, 0xea, 0xec, 0x40, - 0xfc, 0x70, 0x7f, 0xf3, 0x36, 0x81, 0xec, - 0x97, 0xa7, 0x0d, 0x71, 0x2c, 0x5c, 0x4f, - 0xd9, 0x00, 0xcf, 0x62, 0x56, 0xfb, 0x09, - 0x2d, 0x1b, 0x04, 0x3c, 0x00, 0xc8, 0x17, - 0xd7, 0x7d, 0x16, 0x20, 0x1e, 0x62, 0x9b, - 0xf4, 0x4f, 0xee, 0xa4, 0xbf, 0x0b, 0xde, - 0x51, 0x7c, 0x01, 0x76, 0x79, 0x73, 0x7d, - 0x7b, 0xec, 0xee, 0x14, 0xec, 0x83, 0xc3, - 0xb4, 0x42, 0x66, 0x19, 0x52, 0x19, 0x04, - 0x02, 0x71, 0x61, 0x5c, 0x78, 0xee, 0x5f, - 0x58, 0x1e, 0x5b, 0x2d, 0xf3, 
0x0c, 0x6e, - 0x00, 0x0f, 0xd8, 0xf0, 0x86, 0xa1, 0x11, - 0xfd, 0x04, 0x07, 0xa6, 0xf7, 0x31, 0xb9, - 0xf6, 0x76, 0xfc, 0xea, 0xf0, 0x16, 0x98, - 0x37, 0x48, 0x1b, 0x0c, 0x32, 0x3f, 0x7e, - 0xfa, 0x02, 0x04, 0x2a, 0x48, 0x70, 0xb4, - 0xe3, 0xe0, 0xc1, 0x7f, 0x65, 0x70, 0xd0, - 0x71, 0x74, 0x86, 0xb7, 0x5d, 0xd4, 0x84, - 0xd5, 0x9d, 0x77, 0xf6, 0x72, 0x82, 0x4b, - 0x98, 0x8b, 0x49, 0x3a, 0x0b, 0x1e, 0x94, - 0x42, 0xf7, 0x0b, 0x3f, 0xec, 0xc2, 0x2b, - 0x7f, 0x55, 0xe2, 0x94, 0x48, 0xac, 0x04, - 0xb9, 0xb2, 0xb6, 0xca, 0xb4, 0x09, 0xe3, - 0xba, 0x6a, 0x55, 0x28, 0xf7, 0x8a, 0x73, - 0x4d, 0x21, 0xe1, 0xf4, 0xcd, 0x22, 0x15, - 0x9c, 0xe6, 0xcc, 0x1d, 0x9f, 0x81, 0x88, - 0x4c, 0x5a, 0x17, 0x9f, 0xe5, 0x8c, 0x85, - 0xf1, 0xa3, 0xcf, 0x6c, 0xa1, 0xbf, 0x5e, - 0x02, 0x61, 0xa8, 0x67, 0x6f, 0xb8, 0x20, - 0x1a, 0x4e, 0xf2, 0x05, 0xd7, 0xb4, 0x4b, - 0x3e, 0xca, 0x87, 0x49, 0x10, 0x16, 0xcc, - 0xc9, 0xe0, 0x1c, 0xc1, 0x83, 0xc7, 0xa0, - 0x54, 0x3d, 0x36, 0x17, 0x84, 0xc3, 0x84, - 0x2e, 0x5a, 0xe0, 0x75, 0x45, 0x01, 0xe6, - 0xf0, 0x3d, 0xf9, 0x33, 0x0a, 0xd9, 0x1e, - 0x66, 0x99, 0xb4, 0x21, 0xed, 0x6e, 0xda, - 0x6f, 0x37, 0x33, 0xdd, 0x8f, 0x25, 0x35, - 0x5e, 0x6c, 0x1e, 0x33, 0xc2, 0x41, 0x3f, - 0x58, 0x40, 0xbb, 0xe7, 0x2b, 0x54, 0xdb, - 0xd8, 0xcf, 0x3a, 0xba, 0x0c, 0xf1, 0x19, - 0xec, 0x9d, 0x50, 0xf6, 0x63, 0x22, 0x55, - 0x5e, 0x79, 0xd1, 0x3f, 0x46, 0x0f, 0xf3, - 0x7f +static uint8 diffie_hellman_prime_4096[512] = { + 0x8b, 0x4a, 0x26, 0x05, 0x19, 0x85, 0x6d, + 0x2f, 0xe7, 0xf3, 0x2d, 0x92, 0x66, 0xf7, + 0xd2, 0xab, 0xfd, 0x79, 0x6a, 0x90, 0x69, + 0xee, 0xcb, 0xf0, 0x3c, 0xfd, 0xcd, 0x10, + 0xc4, 0xf3, 0x59, 0x7f, 0xa2, 0xd8, 0x2c, + 0x7d, 0x8d, 0x82, 0xf3, 0x95, 0x40, 0x98, + 0xba, 0x8e, 0xe6, 0xa4, 0xaf, 0x74, 0x58, + 0xe6, 0x96, 0xf2, 0x5c, 0xac, 0xe3, 0x87, + 0xd5, 0x15, 0x5d, 0x7a, 0xc0, 0xb3, 0x83, + 0xf9, 0x6f, 0x7f, 0x94, 0xa1, 0x9f, 0xb7, + 0x8c, 0x16, 0xf0, 0x61, 0x6f, 0x93, 0x20, + 0xa2, 0xb6, 0x05, 0xe6, 0xf0, 0x44, 0x88, + 0x25, 0x5b, 0xc7, 0x1c, 0xbe, 0x72, 
0xe3, + 0xa5, 0x0c, 0x56, 0x96, 0xec, 0xc6, 0xaf, + 0xb0, 0xa0, 0xd0, 0x86, 0x54, 0xcd, 0x24, + 0xd3, 0x27, 0x74, 0x49, 0xd5, 0xf2, 0xfc, + 0xff, 0xf8, 0x0a, 0xd1, 0x1e, 0x71, 0xf1, + 0x88, 0xf8, 0xd2, 0x4d, 0xc7, 0xf3, 0x65, + 0x9f, 0x0f, 0x10, 0x7b, 0x8b, 0x8f, 0x83, + 0xaf, 0xed, 0x10, 0x59, 0x68, 0xfc, 0x6c, + 0xaf, 0x1d, 0xab, 0x8a, 0x3e, 0x7d, 0xec, + 0x7d, 0xfb, 0xb8, 0x5b, 0x4a, 0x98, 0x5d, + 0xb0, 0x16, 0xc4, 0x02, 0x94, 0x85, 0x72, + 0x05, 0x37, 0x31, 0xb8, 0x1e, 0x3e, 0x17, + 0x1b, 0xb4, 0xfa, 0x04, 0x9e, 0xa4, 0x7c, + 0xb6, 0x77, 0x0b, 0x53, 0x79, 0xb7, 0xdb, + 0xb8, 0xf8, 0x07, 0xff, 0x83, 0xf3, 0xc8, + 0x16, 0x02, 0x66, 0x18, 0xc8, 0xc4, 0xbe, + 0x64, 0x83, 0x2a, 0xa7, 0x66, 0xf0, 0x75, + 0xc9, 0xa2, 0x72, 0xa0, 0x06, 0x2e, 0x0c, + 0x20, 0xf6, 0x97, 0x19, 0x20, 0x6a, 0x8f, + 0x36, 0x71, 0x03, 0x09, 0x4a, 0xfe, 0x76, + 0x1b, 0x19, 0x19, 0xd9, 0x7c, 0x5f, 0xf5, + 0xdd, 0x99, 0xf2, 0xb5, 0x93, 0xf1, 0x8d, + 0x65, 0xac, 0x8e, 0xfb, 0xce, 0x74, 0xa7, + 0x31, 0x9d, 0x57, 0x3a, 0xa8, 0xb6, 0xb5, + 0xff, 0x14, 0xd0, 0x43, 0xe7, 0x0e, 0x58, + 0xd2, 0x4d, 0xed, 0x29, 0x86, 0xbf, 0xc7, + 0xe0, 0xdb, 0xc2, 0x12, 0xff, 0x60, 0x42, + 0xb8, 0x1f, 0xca, 0xba, 0x79, 0xbb, 0x9a, + 0x1b, 0x4d, 0xf0, 0x55, 0x16, 0x2b, 0xfd, + 0xba, 0x9b, 0xa5, 0xf7, 0xb5, 0x34, 0xeb, + 0xaf, 0x76, 0x1b, 0x2a, 0xdf, 0x7b, 0x54, + 0x96, 0xaf, 0xc6, 0x3f, 0x11, 0x29, 0xc6, + 0xaa, 0xd9, 0xeb, 0x64, 0xf2, 0xf2, 0xde, + 0xc0, 0xae, 0xb8, 0x96, 0x00, 0xa5, 0xa8, + 0x14, 0xfa, 0x6f, 0x10, 0xff, 0x30, 0x35, + 0x4f, 0x5d, 0x82, 0x3c, 0xf5, 0x4d, 0x64, + 0xd6, 0xe1, 0xfd, 0x9b, 0x6e, 0x1d, 0xf1, + 0x03, 0xf3, 0xe4, 0xe8, 0xbc, 0x2c, 0xe1, + 0x7d, 0x4a, 0x48, 0x62, 0x50, 0x65, 0x2a, + 0xa9, 0x8d, 0x3e, 0x96, 0xa6, 0x2c, 0xc1, + 0xd1, 0xc7, 0x50, 0xb6, 0xf0, 0x45, 0x23, + 0xc5, 0x14, 0x40, 0x17, 0x7e, 0x69, 0x2a, + 0x9d, 0x86, 0x65, 0xcd, 0x2f, 0x88, 0x65, + 0x49, 0x44, 0x77, 0x23, 0x74, 0x55, 0x35, + 0xf0, 0x98, 0xd7, 0xe6, 0xe2, 0x4d, 0xb1, + 0xfd, 0x27, 0xaa, 0xc9, 0xcc, 0xc8, 0x32, + 0x06, 0x38, 
0xbd, 0x20, 0xdf, 0xb4, 0x60, + 0x58, 0xb8, 0x6a, 0xf1, 0x25, 0x70, 0x5c, + 0x09, 0xca, 0xc5, 0x33, 0x0d, 0x17, 0x20, + 0x28, 0xea, 0x75, 0xf8, 0x7a, 0x02, 0xaa, + 0x81, 0x93, 0xea, 0x4e, 0xcf, 0x24, 0x0d, + 0x3d, 0x68, 0xa4, 0x19, 0xd3, 0xbe, 0x11, + 0xd5, 0x80, 0xf8, 0x4f, 0x0b, 0x90, 0x0e, + 0x86, 0x84, 0x8f, 0x50, 0x4f, 0x0a, 0xa4, + 0xf8, 0xe6, 0xa9, 0x5f, 0x9d, 0x1d, 0xd2, + 0xd8, 0xdd, 0x2e, 0x88, 0xf3, 0xc8, 0x78, + 0x70, 0xf6, 0x10, 0x6e, 0x1e, 0x0c, 0x65, + 0xe7, 0x17, 0x1f, 0xd1, 0x4c, 0xfa, 0xa8, + 0xf9, 0x14, 0x15, 0x72, 0xd3, 0x3e, 0x4f, + 0x85, 0x66, 0x4c, 0x82, 0xf4, 0x47, 0xb5, + 0x91, 0xe3, 0x80, 0xff, 0x3c, 0xfc, 0x82, + 0x0b }; /* prime - 3072 bits */ -static uint8 diffie_hellman_prime_3072[] = { 0x00, - 0xd5, 0x6e, 0xc8, 0x1f, 0xe9, 0x80, 0x9e, - 0x56, 0x35, 0x6d, 0x6d, 0xdb, 0xfa, 0x47, - 0x75, 0xcd, 0xfa, 0x32, 0x52, 0x1a, 0xc8, - 0xad, 0xee, 0xb0, 0xdb, 0xb7, 0x07, 0x58, - 0xa6, 0x42, 0xfe, 0x59, 0xfb, 0xce, 0xe8, - 0x12, 0x63, 0x09, 0x9f, 0x5d, 0x15, 0x25, - 0x49, 0xf2, 0x61, 0x83, 0xd8, 0x5c, 0x81, - 0xdd, 0x4c, 0x26, 0xe6, 0x24, 0xce, 0x6a, - 0xa5, 0x07, 0x80, 0x1c, 0x3d, 0x94, 0xd1, - 0x5d, 0x73, 0xbd, 0x26, 0x48, 0x22, 0x25, - 0xdd, 0x2f, 0x64, 0xe5, 0xed, 0xb3, 0xa9, - 0x94, 0xb3, 0x96, 0x88, 0x5d, 0x06, 0x41, - 0x80, 0xf8, 0xe1, 0x3c, 0x8f, 0xa9, 0x5b, - 0x44, 0x7e, 0x32, 0xbd, 0x62, 0x37, 0xe1, - 0xde, 0x18, 0xe8, 0x12, 0x7d, 0x28, 0x7d, - 0x5c, 0xcf, 0xa9, 0x16, 0x0f, 0xdc, 0xc1, - 0x92, 0xe0, 0x43, 0xac, 0xd0, 0x25, 0x37, - 0x8e, 0x5d, 0x4d, 0x26, 0x46, 0xbc, 0xc5, - 0x22, 0x05, 0x29, 0x41, 0x53, 0x2f, 0x7a, - 0x95, 0xa8, 0x36, 0xed, 0x85, 0xac, 0xf3, - 0xde, 0x0c, 0xbe, 0xa9, 0xfa, 0xc4, 0xa6, - 0x0b, 0x23, 0xfc, 0x7c, 0x77, 0xdc, 0x7c, - 0x94, 0x9b, 0x7c, 0xe0, 0x3b, 0xa1, 0x66, - 0x78, 0x85, 0x99, 0x5a, 0xba, 0x26, 0xa3, - 0xac, 0x97, 0xd4, 0x3a, 0x33, 0xee, 0xa3, - 0x96, 0xe0, 0x16, 0xdf, 0x61, 0xe7, 0x1f, - 0x35, 0xa5, 0x47, 0x54, 0x51, 0xce, 0x93, - 0x40, 0x6f, 0x40, 0x86, 0x3b, 0x17, 0x12, - 0xd3, 0x4d, 0x2e, 0xb3, 0x04, 
0xf8, 0x8b, - 0x30, 0xb1, 0x27, 0xd7, 0xeb, 0xde, 0xd7, - 0xa9, 0x06, 0xfe, 0x6b, 0x59, 0x8c, 0x5d, - 0x9f, 0x93, 0x1f, 0x12, 0x65, 0xe6, 0xa6, - 0xeb, 0x5d, 0x4b, 0x9a, 0x16, 0x85, 0xce, - 0x18, 0x16, 0x5a, 0x5c, 0x3c, 0xeb, 0xc0, - 0xe1, 0x58, 0x64, 0x06, 0x38, 0x1c, 0x66, - 0x90, 0x4a, 0x30, 0xbe, 0x82, 0xe9, 0x9b, - 0x40, 0x2e, 0x6a, 0x91, 0x4f, 0x48, 0xc2, - 0x82, 0x40, 0xe9, 0xcd, 0x87, 0x77, 0x24, - 0xa7, 0xdc, 0x26, 0x05, 0x18, 0x9c, 0x8b, - 0x0e, 0x84, 0x29, 0x57, 0x76, 0x66, 0x7d, - 0x1e, 0x39, 0xc2, 0xf6, 0x2f, 0xbb, 0xeb, - 0x6e, 0x58, 0x3b, 0x11, 0x70, 0x75, 0xdb, - 0xe9, 0xf8, 0xcb, 0xd4, 0x4c, 0x84, 0xb3, - 0xcb, 0x66, 0x81, 0x4e, 0x93, 0xd9, 0x2f, - 0xc5, 0x60, 0x53, 0x69, 0x6e, 0xf3, 0x8e, - 0xa5, 0x6a, 0xa0, 0x96, 0xae, 0x31, 0xb6, - 0x12, 0x91, 0x0e, 0xc4, 0xc9, 0xd0, 0x50, - 0xf7, 0xbc, 0xe7, 0x78, 0xc9, 0x97, 0x02, - 0x26, 0x6a, 0xe3, 0x9a, 0x16, 0x63, 0xa2, - 0x5e, 0x1d, 0x4e, 0x71, 0x52, 0xb4, 0x73, - 0x31, 0x27, 0x6c, 0x46, 0xe4, 0x67, 0x02, - 0xde, 0x34, 0x7e, 0x24, 0x3b, 0xb9, 0xfe, - 0x08, 0x7e, 0xe9, 0x0a, 0xdc, 0xe7, 0xc2, - 0xa6, 0xa6, 0xb3, 0x7d, 0xe0, 0xa2, 0xe7, - 0x6d, 0x2e, 0x33, 0xed, 0x47, 0xf7 +static uint8 diffie_hellman_prime_3072[384] = { + 0xa0, 0xd7, 0x34, 0xe2, 0x2b, 0xdc, 0x16, + 0xe9, 0x2a, 0xd9, 0x6f, 0xb6, 0x36, 0xe6, + 0x2e, 0xd4, 0xf2, 0xa2, 0xa7, 0x86, 0x3f, + 0xfc, 0xad, 0xb0, 0x9a, 0x8c, 0x91, 0x0f, + 0x4c, 0xea, 0xba, 0xda, 0x68, 0x2b, 0x51, + 0xa4, 0x32, 0xca, 0x56, 0xbb, 0xa3, 0x1f, + 0x1c, 0xca, 0x5e, 0xb3, 0xc0, 0xbd, 0xfc, + 0x3e, 0xec, 0xfe, 0x2d, 0x0b, 0x55, 0x70, + 0x29, 0xbe, 0x68, 0x3f, 0x01, 0x4c, 0x2e, + 0x60, 0xca, 0x17, 0x71, 0x3c, 0x21, 0x2f, + 0x41, 0x17, 0x3c, 0xf9, 0xcc, 0xf9, 0xff, + 0x4d, 0xe8, 0xd6, 0x1a, 0xf8, 0xac, 0xfc, + 0x8b, 0xc6, 0xcd, 0xe0, 0x48, 0xe2, 0xc5, + 0x05, 0xd3, 0xb8, 0xc7, 0xeb, 0x6a, 0x0f, + 0x21, 0x71, 0x12, 0x68, 0x1b, 0xc4, 0x54, + 0xfa, 0xa2, 0x77, 0x5f, 0xd4, 0x2b, 0xe4, + 0x22, 0x94, 0x0e, 0xf9, 0x0f, 0x83, 0xa3, + 0x45, 0x83, 0xc5, 0x27, 0x13, 0x5b, 0xc8, + 0x26, 
0x62, 0x85, 0x20, 0xe0, 0x35, 0x9f, + 0xac, 0xb7, 0xf3, 0x83, 0x63, 0xae, 0xb3, + 0xe8, 0x5e, 0x89, 0xb0, 0xa3, 0x52, 0x6a, + 0x71, 0x69, 0x1c, 0xfe, 0xa1, 0x86, 0x85, + 0x68, 0x05, 0x83, 0xf1, 0xff, 0xd2, 0xae, + 0xc7, 0x63, 0x58, 0xc0, 0x9e, 0x3b, 0x7e, + 0xd7, 0x0c, 0x87, 0xa9, 0x07, 0x4a, 0x11, + 0xeb, 0x58, 0x40, 0x9d, 0xaa, 0x09, 0xdf, + 0x0d, 0xf3, 0xd7, 0x91, 0xf4, 0x9b, 0x81, + 0x29, 0x8e, 0xad, 0xa6, 0xa7, 0xad, 0x69, + 0x18, 0xeb, 0x06, 0xcc, 0xf4, 0x20, 0x58, + 0x1e, 0xbe, 0xd0, 0x36, 0x4d, 0xd2, 0x27, + 0x7d, 0xe3, 0xcb, 0x45, 0x12, 0x8b, 0x77, + 0x26, 0xef, 0xc8, 0xe2, 0xab, 0xa3, 0x60, + 0x42, 0xfb, 0xa3, 0x13, 0x00, 0x63, 0xef, + 0xe3, 0xba, 0x98, 0xd5, 0xcc, 0x8d, 0x77, + 0x4c, 0xcd, 0x62, 0x92, 0xb4, 0x8f, 0xf3, + 0x75, 0xbc, 0x1f, 0x15, 0x2c, 0x00, 0xec, + 0xa7, 0x62, 0x81, 0x95, 0x48, 0xfe, 0x0f, + 0x4b, 0xb8, 0xda, 0x7c, 0xf4, 0x97, 0x2d, + 0x71, 0x1d, 0x0f, 0xc2, 0xd8, 0xd8, 0x05, + 0xdd, 0x90, 0x76, 0x77, 0xbe, 0xf0, 0x11, + 0xb7, 0xbe, 0x4c, 0x71, 0x46, 0xa4, 0x80, + 0x94, 0xa8, 0x08, 0xe5, 0x3a, 0xe6, 0x36, + 0x8d, 0xd9, 0x22, 0x73, 0x97, 0x18, 0xbd, + 0xf3, 0x1e, 0x47, 0x9e, 0x05, 0xac, 0x50, + 0x1b, 0xde, 0xd0, 0x60, 0x51, 0x1e, 0x56, + 0x93, 0x19, 0xcd, 0x1c, 0xcd, 0x23, 0x9e, + 0x3f, 0x20, 0x0f, 0xac, 0x26, 0x2e, 0x5c, + 0xbd, 0x96, 0x30, 0x1e, 0x88, 0xc9, 0xb0, + 0xb8, 0x43, 0x64, 0x07, 0xa9, 0x97, 0x50, + 0xa0, 0x2a, 0x50, 0xe9, 0x16, 0x26, 0x94, + 0x8d, 0xec, 0xe7, 0x36, 0xc7, 0xcd, 0x33, + 0x19, 0xa6, 0x2f, 0x11, 0x04, 0xef, 0x3b, + 0x09, 0xbe, 0xa3, 0xaa, 0x4e, 0x71, 0x11, + 0xef, 0x20, 0x13, 0x16, 0x8a, 0x14, 0xe4, + 0xc2, 0x4d, 0xeb, 0x1a, 0x2a, 0xfb }; -/* prime - 2048 bits */ -static uint8 diffie_hellman_prime_2048[] = { 0x00, - 0xf0, 0x49, 0x65, 0x6d, 0x24, 0x61, 0xe6, - 0x86, 0x8e, 0x57, 0x2b, 0x9b, 0x1c, 0x53, - 0x2e, 0xef, 0xd2, 0x6e, 0xe5, 0x6c, 0xc4, - 0x0c, 0x77, 0x1d, 0xce, 0xc7, 0xe0, 0x92, - 0x78, 0x8b, 0x2b, 0x80, 0x9f, 0xc4, 0x59, - 0xb5, 0x2e, 0xeb, 0x81, 0x8b, 0xfa, 0x08, - 0x9f, 0x02, 0x5e, 0x94, 0x85, 0xab, 
0xab, - 0x08, 0x8a, 0x71, 0xb5, 0x0c, 0x26, 0x63, - 0x2f, 0x34, 0x10, 0xdf, 0x32, 0x9a, 0xa1, - 0xd5, 0xb5, 0xd7, 0xa1, 0x46, 0x24, 0x9a, - 0xe3, 0x2a, 0xf1, 0x3a, 0x52, 0xc4, 0xa4, - 0xe6, 0xa2, 0x29, 0x5e, 0x49, 0x0e, 0x2a, - 0x4d, 0xad, 0xcd, 0x92, 0xb6, 0xa5, 0x25, - 0xe5, 0x09, 0xae, 0x76, 0xe4, 0x19, 0xec, - 0x29, 0x9b, 0x9b, 0xdb, 0x0c, 0xc8, 0x28, - 0x1c, 0x49, 0x11, 0x45, 0x30, 0x51, 0x73, - 0x31, 0x18, 0x9e, 0xa5, 0x89, 0x7d, 0x17, - 0x22, 0xd5, 0x49, 0xaf, 0xf6, 0xe5, 0x00, - 0x55, 0x7f, 0x2b, 0x33, 0x2d, 0x2f, 0x89, - 0x73, 0x0b, 0x4d, 0x44, 0x72, 0xb1, 0x2e, - 0xa3, 0x68, 0xbe, 0x52, 0x4e, 0x5a, 0x66, - 0x36, 0xf9, 0x2c, 0xe7, 0xce, 0x92, 0x4d, - 0x0c, 0xa3, 0xc7, 0x85, 0x7e, 0xe6, 0x97, - 0x02, 0x8b, 0x0c, 0xcb, 0xf3, 0x6f, 0x2e, - 0x04, 0xed, 0x6e, 0x75, 0xcf, 0xd1, 0xd4, - 0x9f, 0xd3, 0x44, 0x3e, 0x5f, 0x81, 0xaa, - 0xc1, 0xb8, 0xe2, 0xab, 0xed, 0x3b, 0xfc, - 0xeb, 0x47, 0x48, 0xee, 0xe5, 0xfd, 0xc2, - 0x79, 0x7a, 0x01, 0xe9, 0xab, 0xc6, 0x34, - 0x65, 0x6a, 0x0a, 0x6c, 0xe8, 0x89, 0xa6, - 0x96, 0xd2, 0x1e, 0xe5, 0xbe, 0x58, 0xf2, - 0xcf, 0x17, 0xb8, 0x75, 0x43, 0xec, 0x0b, - 0xb2, 0x91, 0x50, 0x93, 0x4c, 0xd2, 0xa3, - 0xa4, 0x8a, 0x67, 0x23, 0x7f, 0x86, 0xac, - 0xe3, 0x56, 0x9b, 0x18, 0x03, 0x03, 0x70, - 0x50, 0x7b, 0x1a, 0x02, 0x22, 0x0b, 0x93, - 0xc8, 0x9b, 0xa8, 0x8f + +static uint8 diffie_hellman_prime_2048[256] = { + 0xf5, 0x8e, 0x4b, 0x03, 0x6d, 0xf6, 0xfc, + 0x3b, 0x42, 0xd1, 0x9f, 0x47, 0x0d, 0xf4, + 0x28, 0x7b, 0xed, 0x1b, 0x6b, 0x5e, 0x0c, + 0x3c, 0x18, 0xaa, 0x89, 0xc3, 0x55, 0xa7, + 0x4f, 0x17, 0xc2, 0x8f, 0x0c, 0xf2, 0x96, + 0xba, 0xa1, 0x0f, 0x9f, 0xc9, 0x1e, 0xb0, + 0x7c, 0x68, 0x02, 0x31, 0x86, 0x00, 0x38, + 0x5a, 0x91, 0x44, 0x44, 0xb3, 0xb7, 0x66, + 0x49, 0xfe, 0x09, 0x5a, 0x48, 0x21, 0xa9, + 0x07, 0x1b, 0x9c, 0xc0, 0x7d, 0x6d, 0x32, + 0xc5, 0x73, 0x9c, 0x74, 0xcb, 0xd6, 0x5b, + 0xdf, 0x1b, 0x05, 0x5a, 0x62, 0x65, 0x23, + 0xa4, 0xa6, 0x3b, 0xe3, 0xdf, 0x83, 0x16, + 0xb3, 0x83, 0x0d, 0x04, 0xc8, 0x5c, 0x3c, + 0x1f, 0x29, 0x57, 0x43, 
0x22, 0x7a, 0x29, + 0xbf, 0x98, 0xca, 0xc9, 0xc6, 0x85, 0x45, + 0xe6, 0x31, 0x65, 0xf1, 0xac, 0x2f, 0x79, + 0x16, 0xed, 0x97, 0x71, 0x63, 0x14, 0xb1, + 0x61, 0xc8, 0xe2, 0x48, 0xc3, 0x7a, 0xc4, + 0xde, 0x3f, 0xa6, 0xab, 0xcc, 0x97, 0xb0, + 0x45, 0x70, 0xdf, 0x97, 0x07, 0xd5, 0x80, + 0xd1, 0xcf, 0xbe, 0x75, 0x4b, 0x6c, 0xa5, + 0xe5, 0xb4, 0x77, 0xef, 0xf8, 0x59, 0x11, + 0x3e, 0x9a, 0x3c, 0x8d, 0xe1, 0x1e, 0x26, + 0x6b, 0x0c, 0x06, 0x62, 0x0b, 0x96, 0x7e, + 0x0c, 0xe0, 0x06, 0xcc, 0xbf, 0x36, 0x78, + 0x24, 0x3c, 0x30, 0xe3, 0x34, 0xe2, 0x29, + 0xa8, 0x9a, 0x84, 0x54, 0x8f, 0x81, 0xf2, + 0x7e, 0x43, 0x36, 0x0f, 0x6a, 0xe3, 0xa5, + 0x33, 0x83, 0x31, 0x63, 0x4a, 0xf5, 0x07, + 0x30, 0xa1, 0x90, 0xd0, 0xe4, 0xe1, 0x3c, + 0x3e, 0xb4, 0xc0, 0x2b, 0x79, 0x3d, 0x62, + 0xf7, 0x24, 0x58, 0x6b, 0x5f, 0x60, 0x1f, + 0xb3, 0x3a, 0xc3, 0x44, 0xee, 0x80, 0xe8, + 0x51, 0xb1, 0xfb, 0x2e, 0x85, 0x71, 0x8e, + 0x1a, 0x74, 0xff, 0x87, 0x65, 0x5f, 0x10, + 0xaa, 0xfd, 0x4f, 0xb7 }; /* Holds the prime to be used in DH authentication. @@ -228,23 +228,23 @@ static uint8 diffie_hellman_prime_2048[] = { 0x00, _GNUTLS_DH_PARAMS _gnutls_dh_default_params[] = { {768, NULL, NULL, {DH_G_1024, sizeof(DH_G_1024)} , {diffie_hellman_group1_prime, sizeof diffie_hellman_group1_prime} - , 0} + , 0, 160} , {1024, NULL, NULL, {DH_G_1024, sizeof(DH_G_1024)} , {diffie_hellman_group1_prime, sizeof diffie_hellman_group1_prime} - , 0} + , 0, 180} , {2048, NULL, NULL, {DH_G_2048, sizeof(DH_G_2048)} , {diffie_hellman_prime_2048, sizeof diffie_hellman_prime_2048} - , 0} + , 0, 260} , {3072, NULL, NULL, {DH_G_3072, sizeof(DH_G_3072)} , {diffie_hellman_prime_3072, sizeof diffie_hellman_prime_3072} - , 0} + , 0, 340} , {4096, NULL, NULL, {DH_G_4096, sizeof(DH_G_4096)} , {diffie_hellman_prime_4096, sizeof diffie_hellman_prime_4096} - , 0} + , 0, 420} , {0, NULL, NULL, {NULL, 0} , {NULL, 0} 
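Review bot: The replacement arrays drop the leading `0x00` byte that each old array had, and all three now start with a byte whose top bit is set (`0x8b`, `0xa0`, `0xf5`). The code that turns these arrays into MPIs is outside the diff; if it scans them in a signed format the values would be read as negative, so please confirm it uses the unsigned format that src/prime.c prints with (`GCRYMPI_FMT_USG`). The `/* prime - 2048 bits */` comment was also removed; I would restore it and extend all three comments to the form src/prime.c now emits, e.g. `/* prime - 2048 bits (qbits: 260) */`, so the table values can be traced to the generated prime. The generators changed in the `@@ -26` hunk (`DH_G_2048`, `DH_G_3072`) deserve the same provenance note.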
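Review bot: The new `qbits` column repeats by hand the values that `_gnutls_dh_generate_prime` computes with `120 + (((bits / 256) - 1) * 20)`, and the 768 and 1024 rows point at the same `diffie_hellman_group1_prime` yet carry 160 and 180. So the field is a chosen exponent length rather than a measured size of q for the stored prime, and nothing in the table ties it to how the hard-coded primes were produced. I would say so in a comment above the table, e.g. `/* last field: bits of the server's DH secret, see _gnutls_dh_generate_prime() */`, and repeat it for `_gnutls_dh_copy_params` in the next hunk. If a stored prime was generated with a different q size than its row states, the short exponent may not be justified, so the rows for the new 2048/3072/4096 primes should be checked against the generator's output.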
@@ -255,23 +255,23 @@ const static _GNUTLS_DH_PARAMS _gnutls_dh_copy_params[] = { {768, NULL, NULL, {DH_G_1024, sizeof(DH_G_1024)} , {diffie_hellman_group1_prime, sizeof diffie_hellman_group1_prime} - , 0} + , 0, 160} , {1024, NULL, NULL, {DH_G_1024, sizeof(DH_G_1024)} , {diffie_hellman_group1_prime, sizeof diffie_hellman_group1_prime} - , 0} + , 0, 180} , {2048, NULL, NULL, {DH_G_2048, sizeof(DH_G_2048)} , {diffie_hellman_prime_2048, sizeof diffie_hellman_prime_2048} - , 0} + , 0, 260} , {3072, NULL, NULL, {DH_G_3072, sizeof(DH_G_3072)} , {diffie_hellman_prime_3072, sizeof diffie_hellman_prime_3072} - , 0} + , 0, 340} , {4096, NULL, NULL, {DH_G_4096, sizeof(DH_G_4096)} , {diffie_hellman_prime_4096, sizeof diffie_hellman_prime_4096} - , 0} + , 0, 420} , {0, NULL, NULL, {NULL, 0} , {NULL, 0} @@ -363,7 +363,7 @@ int i, n; /* returns g and p, depends on the requested bits. * We only support limited key sizes. */ -GNUTLS_MPI gnutls_get_dh_params(GNUTLS_DH_PARAMS dh_primes, GNUTLS_MPI * ret_p, int bits) +GNUTLS_MPI gnutls_get_dh_params(GNUTLS_DH_PARAMS dh_primes, GNUTLS_MPI * ret_p, int bits, int * qbits) { GNUTLS_MPI g=NULL, prime=NULL; int i; @@ -380,6 +380,8 @@ GNUTLS_MPI gnutls_get_dh_params(GNUTLS_DH_PARAMS dh_primes, GNUTLS_MPI * ret_p, if (dh_primes[i].bits == bits) { prime = _gnutls_mpi_copy(dh_primes[i]._prime); g = _gnutls_mpi_copy(dh_primes[i]._generator); + if (qbits) + *qbits = dh_primes[i].qbits; break; } i++; @@ -440,7 +442,7 @@ GNUTLS_MPI _gnutls_get_rnd_srp_params( GNUTLS_MPI * ret_p, int bits) GNUTLS_MPI _gcry_generate_elg_prime(int mode, unsigned pbits, unsigned qbits, GNUTLS_MPI g, GNUTLS_MPI ** ret_factors); -int _gnutls_dh_generate_prime(GNUTLS_MPI * ret_g, GNUTLS_MPI * ret_n, int bits) +int _gnutls_dh_generate_prime(GNUTLS_MPI * ret_g, GNUTLS_MPI * ret_n, int bits, int* _qbits) { GNUTLS_MPI g, prime; 
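Review bot: In the `@@ -380` hunk `*qbits` is assigned only inside the `dh_primes[i].bits == bits` branch, so when no row matches the caller's variable is left untouched; `gen_anon_server_kx` and `gen_dhe_server_kx` both declare `int qbits;` without an initializer and later pass it to `gnutls_calc_dh_secret`. The visible callers return when `g` is NULL, which appears to cover the miss, but the contract is implicit and easy to break. I would set the out-parameter on entry, `if (qbits) *qbits = 0;`, and document in the function comment that it is valid only when a non-NULL generator is returned. The start and end of `gnutls_get_dh_params` are outside this hunk.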
@@ -459,6 +461,8 @@ int _gnutls_dh_generate_prime(GNUTLS_MPI * ret_g, GNUTLS_MPI * ret_n, int bits) qbits = 120 + (((bits / 256) - 1) * 20); if (qbits & 1) /* better have a even one */ qbits++; + + if (_qbits) *_qbits = qbits; prime = _gcry_generate_elg_prime(0, bits, qbits, g, NULL); if (prime == NULL || g == NULL) { @@ -499,6 +503,7 @@ int i=0; * @prime: holds the new prime * @generator: holds the new generator * @bits: is the prime's number of bits + * @qbits: is the number of bits of q * * This function will replace the pair of prime and generator for use in * the Diffie-Hellman key exchange. The new parameters should be stored in the @@ -507,7 +512,7 @@ int i=0; * Note that the bits value should be one of 768, 1024, 2048, 3072 or 4096. * **/ -int gnutls_dh_params_set( GNUTLS_DH_PARAMS dh_params, gnutls_datum prime, gnutls_datum generator, int bits) +int gnutls_dh_params_set( GNUTLS_DH_PARAMS dh_params, gnutls_datum prime, gnutls_datum generator, int bits, int qbits) { GNUTLS_MPI tmp_prime, tmp_g; int siz=0, i=0; @@ -551,6 +556,8 @@ int gnutls_dh_params_set( GNUTLS_DH_PARAMS dh_params, gnutls_datum prime, gnutls sprime->_prime = tmp_prime; sprime->_generator = tmp_g; + sprime->qbits = qbits; + /* sprime->_prime = _gnutls_mpi_copy(tmp_prime); sprime->_generator = _gnutls_mpi_copy(tmp_g); */ @@ -624,6 +631,7 @@ int i; * @prime: will hold the new prime * @generator: will hold the new generator * @bits: is the prime's number of bits + * @qbits: The bits of q * * This function will generate a new pair of prime and generator for use in * the Diffie-Hellman key exchange. The new parameters will be allocated using @@ -638,7 +646,7 @@ int i; * no use calling this in client side. * **/ -int gnutls_dh_params_generate( gnutls_datum* prime, gnutls_datum* generator, int bits) +int gnutls_dh_params_generate( gnutls_datum* prime, gnutls_datum* generator, int bits, int* qbits) { GNUTLS_MPI tmp_prime, tmp_g; 
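Review bot: `sprime->qbits = qbits;` in the `@@ -551` hunk stores the caller's value unchecked, and that value later becomes the length of the server's DH secret in `gnutls_calc_dh_secret`. The `bits` argument is documented as one of a fixed set, but `qbits` can be zero, negative or larger than `bits`; I would reject those with `if (qbits <= 0 || qbits > bits) { gnutls_assert(); return GNUTLS_E_INVALID_PARAMETERS; }`. The new `@qbits` doc line in the `@@ -499` hunk should also state that it must be the q size the prime was generated with (the value `gnutls_dh_params_generate` hands back), because a smaller number silently shortens the secret. The function body extends beyond the hunk; the check belongs before anything is allocated there.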
@@ -649,7 +657,7 @@ int gnutls_dh_params_generate( gnutls_datum* prime, gnutls_datum* generator, int return GNUTLS_E_INVALID_PARAMETERS; } - if (_gnutls_dh_generate_prime(&tmp_g, &tmp_prime, bits) < 0) { + if (_gnutls_dh_generate_prime(&tmp_g, &tmp_prime, bits, qbits) < 0) { gnutls_assert(); return GNUTLS_E_MEMORY_ERROR; } diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index bbaf3013da..ba22fb9a7d 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -580,6 +580,7 @@ typedef struct { int local; /* indicates if it is * not malloced, !=0 indicates malloced */ + int qbits; } _GNUTLS_DH_PARAMS; #define GNUTLS_DH_PARAMS _GNUTLS_DH_PARAMS* diff --git a/src/prime.c b/src/prime.c index 7232174885..f340b9b70a 100644 --- a/src/prime.c +++ b/src/prime.c @@ -81,7 +81,7 @@ int main(int argc, char **argv) tmp = malloc(size); gcry_mpi_print(GCRYMPI_FMT_USG, tmp, &size, prime); - printf( "/* prime - %d bits */\n", gcry_mpi_get_nbits(prime)); + printf( "/* prime - %d bits (qbits: %d) */\n", gcry_mpi_get_nbits(prime), qbits); printf( "\nconst uint8 prime[%d] = { ", size); for (i=0;i