Don't preserve existing keys in DH_generate_key.

author: Bodo Möller <bodo@openssl.org> 2001-07-25 17:20:34 +0000
committer: Bodo Möller <bodo@openssl.org> 2001-07-25 17:20:34 +0000
commit: 6aecef815c3c989f6fa2a7b6edf2984e76306622 (patch)
tree: 8bd689efdda456f6f0844f4c34c23a75c1df8285 /crypto/dh/dh_key.c
parent: daba492c3a461bbcc0df69d609124936a19205f6 (diff)
download: openssl-6aecef815c3c989f6fa2a7b6edf2984e76306622.tar.gz
1 files changed, 10 insertions, 6 deletions
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index 91af882e43..718a9a481e 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -101,6 +101,7 @@ const DH_METHOD *DH_OpenSSL(void)
 static int generate_key(DH *dh)
 	{
 	int ok=0;
+	unsigned l;
 	BN_CTX *ctx;
 	BN_MONT_CTX *mont;
 	BIGNUM *pub_key=NULL,*priv_key=NULL;
@@ -112,9 +113,6 @@ static int generate_key(DH *dh)
 		{
 		priv_key=BN_new();
 		if (priv_key == NULL) goto err;
-		do
-			if (!BN_rand_range(priv_key, dh->p)) goto err;
-		while (BN_is_zero(priv_key));
 		}
 	else
 		priv_key=dh->priv_key;
@@ -135,9 +133,15 @@ static int generate_key(DH *dh)
 		}
 	mont=(BN_MONT_CTX *)dh->method_mont_p;
 
-	if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, pub_key, dh->g,
-				priv_key,dh->p,ctx,mont))
-		goto err;
+	l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
+
+	do
+		{
+		if (!BN_rand(priv_key, l, 0, 0)) goto err;
+		if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, pub_key, dh->g,
+			priv_key,dh->p,ctx,mont)) goto err;
+		}
+	while (BN_is_one(priv_key));
 		
 	dh->pub_key=pub_key;
 	dh->priv_key=priv_key;
author	Bodo Möller <bodo@openssl.org>	2001-07-25 17:20:34 +0000
committer	Bodo Möller <bodo@openssl.org>	2001-07-25 17:20:34 +0000
commit	6aecef815c3c989f6fa2a7b6edf2984e76306622 (patch)
tree	8bd689efdda456f6f0844f4c34c23a75c1df8285 /crypto/dh/dh_key.c
parent	daba492c3a461bbcc0df69d609124936a19205f6 (diff)
download	openssl-6aecef815c3c989f6fa2a7b6edf2984e76306622.tar.gz