From 3bb0b9f4ea46431189b2cae2a6c2887f786d822a Mon Sep 17 00:00:00 2001
From: cinap_lenrek
Date: Wed, 26 Aug 2015 05:59:42 +0200
Subject: libsec: add q parameter to dh_new() for subgroup support, sanitize dh parameters
---
 sys/include/libsec.h | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
(limited to 'sys/include/libsec.h')
diff --git a/sys/include/libsec.h b/sys/include/libsec.h
index 60f25f944..e4d80bd4b 100644
--- a/sys/include/libsec.h
+++ b/sys/include/libsec.h
@@ -447,15 +447,16 @@ struct DHstate {
 mpint *g; /* base g */
 mpint *p; /* large prime */
+ mpint *q; /* subgroup prime */
 mpint *x; /* random secret */
- mpint *y; /* public key y = g ^ x % p */
+ mpint *y; /* public key y = g**x % p */
 };
-/* generate new public key: y = g ^ x % p */
-mpint* dh_new(DHstate *dh, mpint *p, mpint *g);
+/* generate new public key: y = g**x % p */
+mpint* dh_new(DHstate *dh, mpint *p, mpint *q, mpint *g);
-/* calculate shared key: k = pub ^ x % p */
-mpint* dh_finish(DHstate *dh, mpint *pub);
+/* calculate shared key: k = y**x % p */
+mpint* dh_finish(DHstate *dh, mpint *y);
 /* password-based key derivation function 2 (RFC 2898) */
 void pbkdf2_hmac_sha1(uchar *p, ulong plen, uchar *s, ulong slen, ulong rounds, uchar *d, ulong dlen);
-- 
cgit v1.2.3
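Review bot: The new `dh_finish` prototype names the peer's public value `y`, the same name the struct two lines above gives to our own public key `dh->y`, and neither new comment says which value is meant, whether `q` may be nil for callers that only have p and g, or what the functions return when the parameter sanitizing named in the subject line rejects an input. A peer-supplied public value is exactly where a small-subgroup or y = 0/1/p-1 check has to happen, so this header is where callers learn that they must test the result instead of using it blindly; the implementation in dh.c is outside this hunk, so the exact contract is inferred here and should be confirmed against it. I would keep the old parameter name and write `/* calculate shared key: k = pub**x % p from the peer's public value pub; returns nil if pub is rejected (confirm against dh.c) */` on dh_finish, and `/* generate new public key: y = g**x % p; q is the order of the subgroup generated by g (nil if unknown?) — confirm */` on dh_new. Since the added `q` parameter changes the signature, every existing dh_new() caller in the tree must be updated in the same change or it will fail to compile, which the diffstat limited to this header does not show.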