diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2008-10-26 23:53:52 +0000 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2008-10-26 23:53:52 +0000 |
| commit | 21a45f2f2d4c6084bd17a2a9b51a25844b535603 (patch) | |
| tree | 6880f52b087fa575c0c563cc9c5ce230ad03e7fe /src | |
| parent | 82d20c058813655596ed743bfe5a8617a7fbcafe (diff) | |
| download | strongswan-21a45f2f2d4c6084bd17a2a9b51a25844b535603.tar.bz2 strongswan-21a45f2f2d4c6084bd17a2a9b51a25844b535603.tar.xz | |
use 512 bits of entropy for secret DH exponents
Diffstat (limited to 'src')
| -rw-r--r-- | src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c | 4 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c | 1 | ||||
| -rw-r--r-- | src/libstrongswan/utils.h | 5 | ||||
| -rw-r--r-- | src/pluto/constants.h | 2 |
4 files changed, 10 insertions, 2 deletions
diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c index 4c5ffc6aa..4d978f97c 100644 --- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c +++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c @@ -282,6 +282,8 @@ static u_int8_t group18_modulus[] = { 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, }; +#define DH_EXPONENT_ENTROPY 64 /* bytes = 512 bits */ + typedef struct modulus_entry_t modulus_entry_t; /** @@ -567,7 +569,7 @@ gmp_diffie_hellman_t *gmp_diffie_hellman_create(diffie_hellman_group_t group) destroy(this); return NULL; } - rng->allocate_bytes(rng, this->p_len, &random); + rng->allocate_bytes(rng, DH_EXPONENT_ENTROPY_SIZE / BITS_PER_BYTE, &random); rng->destroy(rng); mpz_import(this->xa, random.len, 1, 1, 1, 0, random.ptr); chunk_free(&random); diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c index d3e54919a..217b1aa55 100644 --- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c +++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c @@ -217,6 +217,7 @@ openssl_diffie_hellman_t *openssl_diffie_hellman_create(diffie_hellman_group_t g free(this); return NULL; } + this->dh->length = DH_EXPONENT_ENTROPY_SIZE; this->group = group; this->computed = FALSE; diff --git a/src/libstrongswan/utils.h b/src/libstrongswan/utils.h index 4d05ce58b..326047644 100644 --- a/src/libstrongswan/utils.h +++ b/src/libstrongswan/utils.h @@ -41,6 +41,11 @@ #define BUF_LEN 512 /** + * Entropy in bits of secret Diffie-Hellman exponents + */ +#define DH_EXPONENT_ENTROPY_SIZE 512 + +/** * Macro compares two strings for equality */ #define streq(x,y) (strcmp(x, y) == 0) diff --git a/src/pluto/constants.h b/src/pluto/constants.h index 989faeea3..9505d3426 100644 --- a/src/pluto/constants.h +++ b/src/pluto/constants.h @@ -279,7 +279,7 @@ extern const char sparse_end[]; "4009438B 481C6CD7 889A002E D5EE382B C9190DA6 FC026E47" \ "9558E447 5677E9AA 9E3050E2 765694DF C81F56E8 80B96E71" \ "60C980DD 98EDD3DF FFFFFFFF FFFFFFFF" -#define LOCALSECRETSIZE (256 / BITS_PER_BYTE) +#define LOCALSECRETSIZE (512 / BITS_PER_BYTE) /* limits on nonce sizes. See RFC2409 "The internet key exchange (IKE)" 5 */ #define MINIMUM_NONCE_SIZE 8 /* bytes */ |