From 21a45f2f2d4c6084bd17a2a9b51a25844b535603 Mon Sep 17 00:00:00 2001
From: Andreas Steffen
Date: Sun, 26 Oct 2008 23:53:52 +0000
Subject: use 512 bits of entropy for secret DH exponents
---
 src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
(limited to 'src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c')
diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
index 4c5ffc6aa..4d978f97c 100644
--- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
+++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
@@ -282,6 +282,8 @@ static u_int8_t group18_modulus[] = {
 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
 };
+#define DH_EXPONENT_ENTROPY 64 /* bytes = 512 bits */
+
 typedef struct modulus_entry_t modulus_entry_t;
 /**
@@ -567,7 +569,7 @@ gmp_diffie_hellman_t *gmp_diffie_hellman_create(diffie_hellman_group_t group)
 destroy(this);
 return NULL;
 }
- rng->allocate_bytes(rng, this->p_len, &random);
+ rng->allocate_bytes(rng, DH_EXPONENT_ENTROPY_SIZE / BITS_PER_BYTE, &random);
 rng->destroy(rng);
 mpz_import(this->xa, random.len, 1, 1, 1, 0, random.ptr);
 chunk_free(&random);
--
cgit v1.2.3
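Review bot: The macro added in the first hunk is `DH_EXPONENT_ENTROPY` (64, documented as bytes), but the call changed in the second hunk passes `DH_EXPONENT_ENTROPY_SIZE / BITS_PER_BYTE`, a different name whose division implies a value in bits. Unless `DH_EXPONENT_ENTROPY_SIZE` is defined outside the lines shown, this will not compile; if it is defined elsewhere, the new define is dead and the real exponent length is whatever that other macro says. The two should agree on one name and one unit, either `#define DH_EXPONENT_ENTROPY_SIZE 512 /* bits */` to match the call, or keep the byte constant and call `rng->allocate_bytes(rng, DH_EXPONENT_ENTROPY, &random);`.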
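Review bot: The exponent length passed to `allocate_bytes` in the second hunk is now one constant for every group, and nothing at the call records why that is safe. A short exponent only preserves the strength of the group when the modulus is a safe prime (or the generator's subgroup order is large enough), so that assumption belongs next to the length, e.g. `/* short exponent: every supported modulus must be a safe prime */`; without it, a group added later that lacks this property would quietly weaken the key agreement. It would also help to check that the constant never exceeds `this->p_len` for the smallest supported group. The body of `gmp_diffie_hellman_create` starts and ends outside this hunk.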