author | Nick Mathewson <nickm@torproject.org> | 2005-11-14 19:18:31 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2005-11-14 19:18:31 +0000 |
commit | 887178e71032e913930d1258f59f09d8d361b19b (patch) | |
tree | 83d1163028b0bd9fb364ea05dbe17491131a9262 /src/common/crypto.c | |
parent | 669fdde91bda9accd874b99d0f349e5cd620bc7e (diff) | |
Oops. It looks like there *was* an easy way to make openssl do what we wanted.
svn:r5370
Diffstat (limited to 'src/common/crypto.c')
-rw-r--r-- | src/common/crypto.c | 21 |
1 files changed, 4 insertions, 17 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 4efee015da..2ab145ee4d 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1361,6 +1361,8 @@ init_dh_param(void)
 dh_param_g = g;
 }

+#define DH_PRIVATE_KEY_BITS 320
+
 /** Allocate and return a new DH object for a key exchange.
 */
 crypto_dh_env_t *
@@ -1382,6 +1384,8 @@ crypto_dh_new(void)
 if (!(res->dh->g = BN_dup(dh_param_g)))
 goto err;

+ res->dh->length = DH_PRIVATE_KEY_BITS;
+
 return res;
 err:
 crypto_log_errors(LOG_WARN, "creating DH object");
@@ -1390,8 +1394,6 @@ crypto_dh_new(void)
 return NULL;
 }

-#define DH_PRIVATE_KEY_BITS 320
-
 /** Return the length of the DH key in <b>dh</b>, in bytes.
 */
 int
@@ -1407,22 +1409,7 @@ crypto_dh_get_bytes(crypto_dh_env_t *dh)
 int
 crypto_dh_generate_public(crypto_dh_env_t *dh)
 {
- int pk_bits = BN_num_bits(dh->dh->p);
- if (pk_bits > DH_PRIVATE_KEY_BITS)
- pk_bits = DH_PRIVATE_KEY_BITS;
 again:
- if (!dh->dh->priv_key) {
- dh->dh->priv_key = BN_new();
- if (!dh->dh->priv_key) {
- err(LD_MM, "Unable to allocate BN.");
- return -1;
- }
- }
- /* We generate the key ourselves so that we can get a 2-3x speedup by using
- * a 320-bit x instead of a 1024-bit x. */
- if (!BN_rand(dh->dh->priv_key, pk_bits, 0, 0)) {
- crypto_log_errors(LOG_WARN, "Generating DH private key");
- }
 if (!DH_generate_key(dh->dh)) {
 crypto_log_errors(LOG_WARN, "generating DH key");
 return -1;
|
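Review bot: The new `res->dh->length = DH_PRIVATE_KEY_BITS;` in crypto_dh_new() (second hunk) carries no comment, and the only explanation of the 320-bit choice, the "2-3x speedup" comment, is deleted from crypto_dh_generate_public() in the last hunk. A short private exponent is a security-relevant parameter that is sound only when the modulus is a safe prime, which init_dh_param() presumably guarantees but which is not visible here. I would document it at the assignment, e.g. `/* Private exponent is 320 bits, not the full size of p: 2-3x faster; assumes p is a safe prime. */`. The removed code also capped the length at `BN_num_bits(dh->dh->p)`; that cap is gone, which is harmless only while p stays longer than 320 bits. crypto_dh_new() begins and ends outside this hunk.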