authorSteffen Jaeckel <s_jaeckel@gmx.de>2019-09-16 15:50:38 +0200
committerMatt Johnston <matt@ucc.asn.au>2019-09-16 21:50:38 +0800
commit615ed4e46a52b6bfe0bfc581b8c2fbcc6cc488d1 (patch)
tree12b2ba29ae4c42fc65d64d43968c5d03ab3f4452 /gendss.c
parentfa116e983b4931010e1082dd5c8bf38bbc77718c (diff)
update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79)
* make key-generation compliant to FIPS 186.4 * fix includes in tommath_class.h * update fuzzcorpus instead of erroring out * fix up fuzzing make-targets * update Makefile.in * apply necessary patches to ltm sources * clean up ltm files that are not required * update to vanilla ltm 1.1.0, which already contains only the required files * remove set/get double
Diffstat (limited to 'gendss.c')
-rw-r--r--gendss.c13
1 files changed, 8 insertions, 5 deletions
diff --git a/gendss.c b/gendss.c
index 9fb500b..46d161e 100644
--- a/gendss.c
+++ b/gendss.c
@@ -68,6 +68,7 @@ dropbear_dss_key * gen_dss_priv_key(unsigned int size) {
static void getq(const dropbear_dss_key *key) {
unsigned char buf[QSIZE];
+ int trials;
/* 160 bit prime */
genrandom(buf, QSIZE);
@@ -76,8 +77,9 @@ static void getq(const dropbear_dss_key *key) {
bytes_to_mp(key->q, buf, QSIZE);
- /* 18 rounds are required according to HAC */
- if (mp_prime_next_prime(key->q, 18, 0) != MP_OKAY) {
+ /* ask FIPS 186.4 how many Rabin-Miller trials are required */
+ trials = mp_prime_rabin_miller_trials(mp_count_bits(key->q));
+ if (mp_prime_next_prime(key->q, trials, 0) != MP_OKAY) {
fprintf(stderr, "DSS key generation failed\n");
exit(1);
}
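Review bot: On the `trials = mp_prime_rabin_miller_trials(mp_count_bits(key->q));` line the bit length is taken while q is still the raw random value that genrandom filled in (the top of getq is in the previous hunk), and nothing forces its top bit, so the size handed to the table can be below QSIZE*8 and the count passed to mp_prime_next_prime is the one for whatever length q happens to have rather than for a fixed 160-bit q. If the library rounds an intermediate size down to the next smaller table entry this is presumably conservative, but the comment should say so, and it should not read as if the whole procedure were FIPS 186.4 compliant: only the Miller-Rabin round count comes from FIPS 186.4, while q itself is still a random value advanced with mp_prime_next_prime rather than the seeded construction that FIPS 186.4 A.1.1.2 describes. Suggest `/* Miller-Rabin trial count per FIPS 186.4 for q's actual bit length (may be below QSIZE*8 since the top bit is not forced) */`. The returned count is also used unchecked; a short note that an out-of-range value is caught only by mp_prime_next_prime returning an error would make that reliance explicit.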
@@ -89,7 +91,7 @@ static void getp(const dropbear_dss_key *key, unsigned int size) {
DEF_MP_INT(tempC);
DEF_MP_INT(tempP);
DEF_MP_INT(temp2q);
- int result;
+ int result, trials;
unsigned char *buf;
m_mp_init_multi(&tempX, &tempC, &tempP, &temp2q, NULL);
@@ -129,9 +131,10 @@ static void getp(const dropbear_dss_key *key, unsigned int size) {
exit(1);
}
- /* now check for prime, 5 rounds is enough according to HAC */
+ /* ask FIPS 186.4 how many Rabin-Miller trials are required */
+ trials = mp_prime_rabin_miller_trials(mp_count_bits(key->p));
/* result == 1 => p is prime */
- if (mp_prime_is_prime(key->p, 5, &result) != MP_OKAY) {
+ if (mp_prime_is_prime(key->p, trials, &result) != MP_OKAY) {
fprintf(stderr, "DSS key generation failed\n");
exit(1);
}
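Review bot: The lookup `trials = mp_prime_rabin_miller_trials(mp_count_bits(key->p));` duplicates the one in getq together with a copy of its comment; a small file-scope helper such as `static int dss_mr_trials(const mp_int *x) { return mp_prime_rabin_miller_trials(mp_count_bits(x)); }` would keep both call sites in step if the rule for choosing the count ever changes. Unlike q, p's bit length is presumably fixed by the construction earlier in getp (outside this hunk), so the count here should correspond to the requested key size; a one-line comment stating that assumption next to the call would help the next reader. getp's body continues outside the hunk.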