/*
- * $Id: uams_dhx2_pam.c,v 1.12 2010-03-30 10:25:49 franklahm Exp $
- *
* Copyright (c) 1990,1993 Regents of The University of Michigan.
* Copyright (c) 1999 Adrian Sun (asun@u.washington.edu)
* All Rights Reserved. See COPYRIGHT.
* the Diffie-Hellman key exchange.
* The bits value should be one of 768, 1024, 2048, 3072 or 4096.
**/
-
-static int
-dh_params_generate (gcry_mpi_t *ret_p, gcry_mpi_t *ret_g, unsigned int bits) {
+static int dh_params_generate (unsigned int bits) {
int result, times = 0, qbits;
-
- gcry_mpi_t g = NULL, prime = NULL;
gcry_mpi_t *factors = NULL;
gcry_error_t err;
/* find a prime number of size bits. */
do {
if (times) {
- gcry_mpi_release (prime);
+ gcry_mpi_release(p);
gcry_prime_release_factors (factors);
}
- err = gcry_prime_generate (&prime, bits, qbits, &factors, NULL, NULL,
- GCRY_STRONG_RANDOM, GCRY_PRIME_FLAG_SPECIAL_FACTOR);
+ err = gcry_prime_generate(&p, bits, qbits, &factors, NULL, NULL,
+ GCRY_STRONG_RANDOM, GCRY_PRIME_FLAG_SPECIAL_FACTOR);
if (err != 0) {
result = AFPERR_MISC;
goto error;
}
- err = gcry_prime_check (prime, 0);
+ err = gcry_prime_check(p, 0);
times++;
} while (err != 0 && times < 10);
}
/* generate the group generator. */
- err = gcry_prime_group_generator (&g, prime, factors, NULL);
+ err = gcry_prime_group_generator(&g, p, factors, NULL);
if (err != 0) {
result = AFPERR_MISC;
goto error;
}
- gcry_prime_release_factors (factors);
- factors = NULL;
-
- if (ret_g)
- *ret_g = g;
- else
- gcry_mpi_release (g);
- if (ret_p)
- *ret_p = prime;
- else
- gcry_mpi_release (prime);
+ gcry_prime_release_factors(factors);
return 0;
error:
- gcry_prime_release_factors (factors);
- gcry_mpi_release (g);
- gcry_mpi_release (prime);
+ gcry_prime_release_factors(factors);
return result;
}
{
int ret;
size_t nwritten;
- gcry_mpi_t g, Ma;
+ gcry_mpi_t Ma;
char *Ra_binary = NULL;
*rbuflen = 0;
- p = gcry_mpi_new(0);
- g = gcry_mpi_new(0);
Ra = gcry_mpi_new(0);
Ma = gcry_mpi_new(0);
- /* Generate p and g for DH */
- ret = dh_params_generate( &p, &g, PRIMEBITS);
- if (ret != 0) {
- LOG(log_info, logtype_uams, "DHX2: Couldn't generate p and g");
- ret = AFPERR_MISC;
- goto error;
- }
-
/* Generate our random number Ra. */
Ra_binary = calloc(1, PRIMEBITS/8);
if (Ra_binary == NULL) {
ret = AFPERR_AUTHCONT;
error: /* We exit here anyway */
- /* We will only need p and Ra later, but mustn't forget to release it ! */
- gcry_mpi_release(g);
+ /* We will need Ra later, but mustn't forget to release it ! */
gcry_mpi_release(Ma);
return ret;
}
}
/* -------------------------------- */
-
static int logincont1(void *obj _U_, char *ibuf, size_t ibuflen, char *rbuf, size_t *rbuflen)
{
int ret;
gcry_mpi_release(K);
gcry_mpi_release(Mb);
gcry_mpi_release(Ra);
- gcry_mpi_release(p);
gcry_mpi_release(clientNonce);
return ret;
}
return -1;
if (uam_register(UAM_SERVER_CHANGEPW, path, "DHX2", dhx2_changepw) < 0)
return -1;
+
+ p = gcry_mpi_new(0);
+ g = gcry_mpi_new(0);
+
+ LOG(log_debug, logtype_uams, "DHX2: generating mersenne primes");
+ /* Generate p and g for DH */
+ if (dh_params_generate(PRIMEBITS) != 0) {
+ LOG(log_error, logtype_uams, "DHX2: Couldn't generate p and g");
+ return -1;
+ }
+
return 0;
}
{
uam_unregister(UAM_SERVER_LOGIN, "DHX2");
uam_unregister(UAM_SERVER_CHANGEPW, "DHX2");
+
+ gcry_mpi_release(p);
+ gcry_mpi_release(g);
}
};
#endif /* USE_PAM && UAM_DHX2 */
-
projects / netatalk.git / blobdiff