pub/dh-kcdsa.c: Retry or fail if we don't get the target sizes.
diff --git
a/pub/dh-kcdsa.c
b/pub/dh-kcdsa.c
index
f4d0390
..
d27bc7d
100644
(file)
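--- a/pub/dh-kcdsa.c
+++ b/pub/dh-kcdsa.c
@@ -70,6 +70,7 @@ int dh_kcdsagen(dh_param *dp, unsigned ql, unsigned pl,
 /* --- First trick: find %$v$% --- */
+retry:
 pf.step = 2;
 x = mprand(x, pl - ql - 1, r, 1);
 x = pgen("v", x, x, ev, ec,
@@ -95,6 +96,12 @@ int dh_kcdsagen(dh_param *dp, unsigned ql, unsigned pl,
 dp->p = sp[1].u.x;
 if (!dp->q)
 goto fail_1;
+ if (mp_bits(dp->q) != ql || mp_bits(dp->p) != pl) {
+   if (steps) goto fail_1;
+   MP_DROP(dp->p);
+   MP_DROP(dp->q);
+   goto retry;
+ }
 /* --- Third trick: find a generator --- */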
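Review bot: In the second hunk, the `if (steps) goto fail_1;` path reaches `fail_1` with both `dp->p` and `dp->q` still set, whereas the existing `if (!dp->q) goto fail_1;` reaches it with `dp->q` null. `fail_1` is outside the hunk, so confirm that it releases both values; if it does not, drop them before the jump as the retry branch does, e.g. `if (steps) { MP_DROP(dp->p); MP_DROP(dp->q); goto fail_1; }`, so an undersized prime pair is neither leaked nor left in `dp` for the caller. The `goto retry` loop has no visible bound, so if some `ql`/`pl` combinations can never yield the exact sizes the function would spin forever; an attempt counter or an up-front argument check would make this safe, though the hunk does not show whether one is needed. A short comment above the check should say why the generated primes can miss the requested bit lengths and why a non-zero `steps` turns a miss into a failure rather than a retry.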