Mercurial > dropbear

comparison gendss.c @ 1733:d529a52b2f7c coverity coverity

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merge coverity from main
author Matt Johnston <matt@ucc.asn.au>
date Fri, 26 Jun 2020 21:07:34 +0800
parents f52919ffd3b1
children
comparison
equal deleted inserted replaced
1643:b59623a64678 1733:d529a52b2f7c
66 } 66 }
67 67
68 static void getq(const dropbear_dss_key *key) { 68 static void getq(const dropbear_dss_key *key) {
69 69
70 unsigned char buf[QSIZE]; 70 unsigned char buf[QSIZE];
71 int trials;
71 72
72 /* 160 bit prime */ 73 /* 160 bit prime */
73 genrandom(buf, QSIZE); 74 genrandom(buf, QSIZE);
74 buf[0] |= 0x80; /* top bit high */ 75 buf[0] |= 0x80; /* top bit high */
75 buf[QSIZE-1] |= 0x01; /* bottom bit high */ 76 buf[QSIZE-1] |= 0x01; /* bottom bit high */
76 77
77 bytes_to_mp(key->q, buf, QSIZE); 78 bytes_to_mp(key->q, buf, QSIZE);
78 79
79 /* 18 rounds are required according to HAC */ 80 /* ask FIPS 186.4 how many Rabin-Miller trials are required */
80 if (mp_prime_next_prime(key->q, 18, 0) != MP_OKAY) { 81 trials = mp_prime_rabin_miller_trials(mp_count_bits(key->q));
82 if (mp_prime_next_prime(key->q, trials, 0) != MP_OKAY) {
81 fprintf(stderr, "DSS key generation failed\n"); 83 fprintf(stderr, "DSS key generation failed\n");
82 exit(1); 84 exit(1);
83 } 85 }
84 } 86 }
85 87
87 89
88 DEF_MP_INT(tempX); 90 DEF_MP_INT(tempX);
89 DEF_MP_INT(tempC); 91 DEF_MP_INT(tempC);
90 DEF_MP_INT(tempP); 92 DEF_MP_INT(tempP);
91 DEF_MP_INT(temp2q); 93 DEF_MP_INT(temp2q);
92 int result; 94 int result, trials;
93 unsigned char *buf; 95 unsigned char *buf;
94 96
95 m_mp_init_multi(&tempX, &tempC, &tempP, &temp2q, NULL); 97 m_mp_init_multi(&tempX, &tempC, &tempP, &temp2q, NULL);
96 98
97 99
127 if (mp_add_d(&tempP, 1, key->p) != MP_OKAY) { 129 if (mp_add_d(&tempP, 1, key->p) != MP_OKAY) {
128 fprintf(stderr, "DSS key generation failed\n"); 130 fprintf(stderr, "DSS key generation failed\n");
129 exit(1); 131 exit(1);
130 } 132 }
131 133
132 /* now check for prime, 5 rounds is enough according to HAC */ 134 /* ask FIPS 186.4 how many Rabin-Miller trials are required */
135 trials = mp_prime_rabin_miller_trials(mp_count_bits(key->p));
133 /* result == 1 => p is prime */ 136 /* result == 1 => p is prime */
134 if (mp_prime_is_prime(key->p, 5, &result) != MP_OKAY) { 137 if (mp_prime_is_prime(key->p, trials, &result) != MP_OKAY) {
135 fprintf(stderr, "DSS key generation failed\n"); 138 fprintf(stderr, "DSS key generation failed\n");
136 exit(1); 139 exit(1);
137 } 140 }
138 } while (!result); 141 } while (!result);
139 142