I'm seeing DH_generate_key generate a public key that is 1 byte less than
expected (127 instead of 128 bytes for a 1024-bit key), but only
sporadically (about every 200-300 tries). I've written the following test
case that always fails for me in less than 300 iterations. I've only
included error checking for the part that I'm seeing fail (for brevity in
this test case, but I verified at each step that nothing else seems to be
failing). The Parameter P data comes from the p1024.c file that comes with
OpenSSL. DH_generate_key always returns 1 (success), but BN_num_bytes says
the pub_key is 127 in some cases.

Am I doing something wrong? Or could this be a problem in DH_generate_key?

I searched the archives and saw that somebody else ran into a similar issue,
but I didn't see any responses:

<http://groups-beta.google.com/group/mailing.openssl.users/msg/acbbaf762919a141>

Any feedback would be appreciated.

-- 

#include <stdio.h>
#include <stdlib.h>
#include <openssl/bn.h>
#include <openssl/dh.h>

void DHTest( void )
{
    static unsigned char    DH_PARAM_P[] =
    {
        0x97,0xF6,0x42,0x61,0xCA,0xB5,0x05,0xDD,
        0x28,0x28,0xE1,0x3F,0x1D,0x68,0xB6,0xD3,
        0xDB,0xD0,0xF3,0x13,0x04,0x7F,0x40,0xE8,
        0x56,0xDA,0x58,0xCB,0x13,0xB8,0xA1,0xBF,
        0x2B,0x78,0x3A,0x4C,0x6D,0x59,0xD5,0xF9,
        0x2A,0xFC,0x6C,0xFF,0x3D,0x69,0x3F,0x78,
        0xB2,0x3D,0x4F,0x31,0x60,0xA9,0x50,0x2E,
        0x3E,0xFA,0xF7,0xAB,0x5E,0x1A,0xD5,0xA6,
        0x5E,0x55,0x43,0x13,0x82,0x8D,0xA8,0x3B,
        0x9F,0xF2,0xD9,0x41,0xDE,0xE9,0x56,0x89,
        0xFA,0xDA,0xEA,0x09,0x36,0xAD,0xDF,0x19,
        0x71,0xFE,0x63,0x5B,0x20,0xAF,0x47,0x03,
        0x64,0x60,0x3C,0x2D,0xE0,0x59,0xF5,0x4B,
        0x65,0x0A,0xD8,0xFA,0x0C,0xF7,0x01,0x21,
        0xC7,0x47,0x99,0xD7,0x58,0x71,0x32,0xBE,
        0x9B,0x99,0x9B,0xB9,0xB7,0x87,0xE8,0xAB
    };
    static const int        DH_PARAM_P_SIZE = 128;
    
    int         i;
    int         n;
    DH *        dh;
    int         result;
    
    n = 1000;
    for( i = 0; i < n; ++i )
    {
        dh = DH_new();
        dh->p = BN_bin2bn( DH_PARAM_P, DH_PARAM_P_SIZE, NULL );
        dh->g = BN_new();
        result = BN_set_word( dh->g, DH_GENERATOR_2 );
        result = DH_generate_key( dh );
        if( result != 1 )
        {
            printf( "DH_generate_key failed: %d\n", result );
            abort();
        }
        result = BN_num_bytes( dh->pub_key );
        if( result != DH_PARAM_P_SIZE )
        {
            printf( "pub_key (%d) != %d\n", result, DH_PARAM_P_SIZE );
            abort();
        }
        DH_free( dh );
        
        printf( "DHTest: %3d of %d: PASSED\n", i, n );
    }
}
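
An added example, not part of the original post and not OpenSSL code: BN_num_bytes reports only the significant bytes of a value, so a DH public value whose leading byte is zero comes out one byte shorter than the modulus. The self-contained C below shows this with a constructed 16-bit toy group and left-pads the minimal encoding to a fixed width, as a caller would do with BN_bn2bin output; TOY_P, TOY_G, TOY_WIDTH and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy group: 16-bit prime modulus, so the "expected" width is 2 bytes. */
#define TOY_P     65521u
#define TOY_G     2u
#define TOY_WIDTH 2u

/* Number of significant bytes in v, the quantity BN_num_bytes reports. */
static size_t min_len(uint32_t v)
{
    size_t n = 0;
    for (; v; v >>= 8) n++;
    return n;
}

/* g^x mod p by square-and-multiply. */
static uint32_t modexp(uint32_t g, uint32_t x, uint32_t p)
{
    uint64_t r = 1, b = g % p;
    for (; x; x >>= 1, b = b * b % p)
        if (x & 1) r = r * b % p;
    return (uint32_t)r;
}

/* Left-pad a minimal big-endian value to out_len bytes; -1 if it does not fit. */
static int encode_fixed(const unsigned char *in, size_t in_len, unsigned char *out, size_t out_len)
{
    if (in_len > out_len) return -1;
    memset(out, 0, out_len - in_len);
    memcpy(out + (out_len - in_len), in, in_len);
    return 0;
}

/* Count private exponents in [1, limit] whose public value is shorter than TOY_WIDTH. */
static unsigned count_short(uint32_t limit)
{
    unsigned n = 0;
    for (uint32_t x = 1; x <= limit; x++)
        if (min_len(modexp(TOY_G, x, TOY_P)) < TOY_WIDTH) n++;
    return n;
}

int main(void)
{
    unsigned char min[1] = { 0x80 }, wire[TOY_WIDTH];  /* 2^7 mod TOY_P = 0x80 */
    if (encode_fixed(min, sizeof min, wire, sizeof wire) == 0)
        printf("short: %u of 1000, padded: %02x %02x\n", count_short(1000), wire[0], wire[1]);
}
```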

