{
int rc;
const char *err;
+ dhge *K;
+ int ok;
if ((rc = dh->ldpriv(kf, k, d, kd, t, e)) != 0)
goto fail_0;
a_format(e, "bad-group", "%s", err, A_END);
goto fail_1;
}
+ K = kd->grp->ops->mul(kd->grp, kd->k, 0);
+ ok = kd->grp->ops->eq(kd->grp, kd->K, K);
+ kd->grp->ops->freege(kd->grp, K);
+ if (!ok) {
+ a_format(e, "incorrect-public-key", A_END);
+ goto fail_1;
+ }
return (0);
fail_1:
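Review bot: The element returned by `kd->grp->ops->mul(kd->grp, kd->k, 0)` is handed straight to `eq` and `freege` with no failure check. The contract of `mul` is not visible in this hunk, so if it can return a null pointer (for example on allocation failure), a guard that reports an error and jumps to `fail_1` belongs before the comparison. The block would also benefit from a short comment stating its purpose, e.g. `/* Recompute the public key from the private scalar; reject the key if the recorded public key differs. */`. That comment could also note that the check appears to sit after the `bad-group` test so the multiplication only runs in a group that has already been validated. The function begins before this hunk and the `fail_1` cleanup continues after it, so whether `rc` carries a failure value on the new `incorrect-public-key` path cannot be confirmed from here.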
tag may be given next, preceded by the token
.BR key .
.SP
+.BI "KEYMGMT private-keyring " file " key " tag " incorrect-public-key"
+The private key doesn't record the correct corresponding public key.
+.SP
.BI "KEYMGMT public-keyring " file " key " tag " algorithm-mismatch"
A peer's public key doesn't request the same algorithms as our private
key.