aboutsummaryrefslogtreecommitdiff
path: root/src/dh.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/dh.c')
-rw-r--r--src/dh.c27
1 files changed, 27 insertions, 0 deletions
diff --git a/src/dh.c b/src/dh.c
index e6c2cfd9..10830441 100644
--- a/src/dh.c
+++ b/src/dh.c
@@ -590,6 +590,33 @@ int ssh_fallback_group(uint32_t pmax,
* @{
*/
+bool ssh_dh_is_known_group(bignum modulus, bignum generator)
+{
+ int cmp, bits;
+ bignum m = NULL;
+
+ bits = bignum_num_bits(modulus);
+ if (bits < 3072) {
+ m = ssh_dh_group14;
+ } else if (bits < 6144) {
+ m = ssh_dh_group16;
+ } else {
+ m = ssh_dh_group18;
+ }
+
+ cmp = bignum_cmp(m, modulus);
+ if (cmp != 0) {
+ return false;
+ }
+
+ cmp = bignum_cmp(ssh_dh_generator, generator);
+ if (cmp != 0) {
+ return false;
+ }
+
+ SSH_LOG(SSH_LOG_TRACE, "The received primes in FIPS are known");
+ return true;
+}
ssh_key ssh_dh_get_current_server_publickey(ssh_session session)
{
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-20 15:38:25 +0000