New SP 800-56A compliant version of DH_compute_key().

diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
index 084dc08c786dcf07221ec077443e9fbeb4cb7efa..63db8c908b00c83d22735df4c340229e2c81db61 100644 (file)
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -202,6 +202,7 @@ int DH_check(const DH *dh,int *codes);
 int    DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);
 int    DH_generate_key(DH *dh);
 int    DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
+int    DH_compute_key_padded(unsigned char *key,const BIGNUM *pub_key,DH *dh);
 DH *   d2i_DHparams(DH **a,const unsigned char **pp, long length);
 int    i2d_DHparams(const DH *a,unsigned char **pp);
 #ifndef OPENSSL_NO_FP_API

diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index bba83be312cf4fe3bd27387c94737593308927c0..6c7a45726706de542aa6117a0011b82e9b8f798c 100644 (file)
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -86,6 +86,21 @@ int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
        return dh->meth->compute_key(key, pub_key, dh);
        }
 
+int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh)
+       {
+       int rv, pad;
+       rv = dh->meth->compute_key(key, pub_key, dh);
+       if (rv <= 0)
+               return rv;
+       pad = BN_num_bytes(dh->p) - rv;
+       if (pad > 0)
+               {
+               memmove(key + pad, key, rv);
+               memset(key, 0, pad);
+               }
+       return rv + pad;
+       }
+
 static DH_METHOD dh_ossl = {
 "OpenSSL DH Method",
 generate_key,