search for: bn_rand

Correct me if I'm wrong, but init_rng() in entropy.c doesn't call seed_rng(), and in fact seed_rng() isn't called from _anywhere_ (in openssh-2.5.1p2). So calls to BN_rand() only pick up the tiny/non-existent amount of entropy added by BN_rand() itself from the system clock (time in seconds). Shouldn't seed_rng() be called from init_rng()? It should be called from _somewhere_, or deleted. Thanks, Dr. Tom Holroyd "I am, as I said, inspired by the biologic...

...e an N-bit public key where the most significant bit is zero. You are confused. In an N-bit RSA modulus the Nth bit is the most significant bit. This is very different from an random integer taken from an N-bit range. OpenSSH uses BN_num_bits correctly. >(this brings up a related flaw in the BN_rand/BN_pseudo_rand (which is the >reason this bug doesn't show up with OpenSSH servers) in that when called to >generate an N-bit (pseudo)random number, these functions actually return N-1 >bits of random data, with the msb set to 1, instead of the N random bits >promised, but that&...

...s occur) for the remote end to generate an N-bit public key where the most significant bit is zero. When this occurs, BN_num_bits returns a smaller number than the actual key size, but this number is erroneously used to check against key size requirements. (this brings up a related flaw in the BN_rand/BN_pseudo_rand (which is the reason this bug doesn't show up with OpenSSH servers) in that when called to generate an N-bit (pseudo)random number, these functions actually return N-1 bits of random data, with the msb set to 1, instead of the N random bits promised, but that's a side iss...

On Wed 2015-05-27 05:23:41 -0400, Hubert Kario wrote: > On Tuesday 26 May 2015 15:10:01 Daniel Kahn Gillmor wrote: >> On Tue 2015-05-26 14:02:07 -0400, Hubert Kario wrote: >> > OEIS A014233 >> >> Hm, this is a sequence, but not an algorithm. It looks to me like it is >> not exhaustive, just a list of those integers which are known to have >> the stated

...se +# define __func__ "openssh" +# endif #endif #if defined(KRB5) && !defined(HEIMDAL) diff -bur openssh-3.7.1p2.orig/dh.c openssh-3.7.1p2/dh.c --- openssh-3.7.1p2.orig/dh.c Wed May 14 05:40:07 2003 +++ openssh-3.7.1p2/dh.c Tue Oct 7 08:22:00 2003 @@ -210,7 +210,7 @@ if (!BN_rand(dh->priv_key, 2*need, 0, 0)) fatal("dh_gen_key: BN_rand failed"); if (DH_generate_key(dh) == 0) - fatal("DH_generate_key"); + fatal("dh_gen_key: DH_generate_key failed"); for (i = 0; i <= BN_num_bits(dh->priv_key); i++) if (BN_is_bit_set(dh-&...