diff options
| -rw-r--r-- | src/common/crypto.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c index 647d634fa7..81690b26d7 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -1829,24 +1829,27 @@ crypto_generate_dynamic_prime(void) DH *dh_parameters; int r; int dh_codes; + char *s; dh_parameters = DH_new(); dynamic_prime = BN_new(); misc = BN_new(); tor_assert(dynamic_prime); - log_notice(LD_OR, "Generating Dynamic prime; this will take a while..."); dh_parameters = DH_generate_parameters(DH_BYTES*8, DH_GENERATOR, NULL, NULL); // XXX Do we want a pretty call back? tor_assert(dh_parameters); - log_notice(LD_OR, "Dynamic prime generated!"); - log_notice(LD_OR, "Testing our Dynamic prime; this will take a while..."); r = DH_check(dh_parameters, &dh_codes); tor_assert(r); - log_notice(LD_OR, "Dynamic prime seems probabilistically reasonable!"); misc = BN_copy(dynamic_prime, dh_parameters->p); tor_assert(misc); DH_free(dh_parameters); + { + s = BN_bn2hex(dynamic_prime); + log_notice(LD_OR, "Dynamic prime generated: [%s]", s); + OPENSSL_free(s); + } + return dynamic_prime; } @@ -1875,6 +1878,7 @@ init_dh_param(void) /* This implements the prime number strategy outlined in prop 179 */ if (use_dynamic_primes) { + log_notice(LD_OR, "Generating fresh dynamic prime."); dynamic_prime = crypto_generate_dynamic_prime(); } |