X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fdh%2Fdh_key.c;h=50e8011c833a4afbbd79da434fa2e76f35e0cfa9;hp=99c722bf03924c186a1fe73ef4de3b35e93265c6;hb=31360957fb866264a82d0aa63a18a76740c32cb0;hpb=83c3410b94ae3c845142fdfb55e245273846ecf0

diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index 99c722bf03..50e8011c83 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -56,6 +56,8 @@
  * [including the GNU Public Licence.]
  */
 
+#define OPENSSL_FIPSAPI
+
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/bn.h>
@@ -84,6 +86,21 @@ int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
 	return dh->meth->compute_key(key, pub_key, dh);
 	}
 
+int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh)
+	{
+	int rv, pad;
+	rv = dh->meth->compute_key(key, pub_key, dh);
+	if (rv <= 0)
+		return rv;
+	pad = BN_num_bytes(dh->p) - rv;
+	if (pad > 0)
+		{
+		memmove(key + pad, key, rv);
+		memset(key, 0, pad);
+		}
+	return rv + pad;
+	}
+
 static DH_METHOD dh_ossl = {
 "OpenSSL DH Method",
 generate_key,
@@ -149,8 +166,21 @@ static int generate_key(DH *dh)
 
 	if (generate_new_key)
 		{
-		l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
-		if (!BN_rand(priv_key, l, 0, 0)) goto err;
+		if (dh->q)
+			{
+			do
+				{
+				if (!BN_rand_range(priv_key, dh->q))
+					goto err;
+				}
+			while (BN_is_zero(priv_key) || BN_is_one(priv_key));
+			}
+		else
+			{
+			/* secret exponent length */
+			l = dh->length ? dh->length : BN_num_bits(dh->p)-1;
+			if (!BN_rand(priv_key, l, 0, 0)) goto err;
+			}
 		}
 
 	{