implement smaller private key sizes
This commit is contained in:
parent
f46b32ba2e
commit
f31d8ff864
@ -116,6 +116,39 @@ int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key)
|
||||
unsigned long x;
|
||||
void *p, *g;
|
||||
int err;
|
||||
/* Table of the strength estimates from https://tools.ietf.org/html/rfc3526#section-8
|
||||
* We use them as a reference to estimate an appropriate private key size.
|
||||
*/
|
||||
const int private_key_sizes[][2] =
|
||||
{
|
||||
#ifdef LTC_DH768
|
||||
{ 180, 240, },
|
||||
#endif
|
||||
#ifdef LTC_DH1024
|
||||
{ 180, 240, },
|
||||
#endif
|
||||
#ifdef LTC_DH1536
|
||||
{ 180, 240, },
|
||||
#endif
|
||||
#ifdef LTC_DH2048
|
||||
/* here we use 224 instead of 220 as NIST requires
|
||||
* at least 224bits for the 2048bit group */
|
||||
{ 224, 320, },
|
||||
#endif
|
||||
#ifdef LTC_DH3072
|
||||
{ 260, 420, },
|
||||
#endif
|
||||
#ifdef LTC_DH4096
|
||||
{ 300, 480, },
|
||||
#endif
|
||||
#ifdef LTC_DH6144
|
||||
{ 340, 540, },
|
||||
#endif
|
||||
#ifdef LTC_DH8192
|
||||
{ 380, 620, },
|
||||
#endif
|
||||
{ INT_MAX, INT_MAX, }
|
||||
};
|
||||
|
||||
LTC_ARGCHK(key != NULL);
|
||||
|
||||
@ -126,16 +159,28 @@ int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key)
|
||||
|
||||
/* find key size */
|
||||
for (x = 0; (keysize > sets[x].size) && (sets[x].size != 0); x++);
|
||||
#ifdef FAST_PK
|
||||
keysize = MIN(sets[x].size, 32);
|
||||
#else
|
||||
keysize = sets[x].size;
|
||||
#endif
|
||||
if (sets[x].size == 0) {
|
||||
return CRYPT_INVALID_KEYSIZE;
|
||||
}
|
||||
if (x >= sizeof(private_key_sizes) / sizeof(private_key_sizes[0])) {
|
||||
return CRYPT_INVALID_KEYSIZE;
|
||||
}
|
||||
key->idx = x;
|
||||
|
||||
/* 1. Read a random digit
|
||||
* 2. Shorten it to the range between both strengths'
|
||||
* 3. Now we have a random digit between both strengths'
|
||||
* 4. Make sure the division afterwards rounds up
|
||||
* 5. Convert bit to byte
|
||||
*/
|
||||
if (prng_descriptor[wprng].read((void*)&keysize, sizeof(keysize), prng) != sizeof(keysize)) {
|
||||
return CRYPT_ERROR_READPRNG;
|
||||
}
|
||||
keysize %= private_key_sizes[x][1] - private_key_sizes[x][0];
|
||||
keysize += private_key_sizes[x][0];
|
||||
keysize += 7;
|
||||
keysize /= 8;
|
||||
|
||||
/* allocate buffer */
|
||||
buf = XMALLOC(keysize);
|
||||
if (buf == NULL) {
|
||||
|
Loading…
Reference in New Issue
Block a user