Updated to openssl-1.0.0c

author: marha <marha@users.sourceforge.net> 2011-01-23 19:50:13 +0000
committer: marha <marha@users.sourceforge.net> 2011-01-23 19:50:13 +0000
commit: b680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b (patch)
tree: 4722cd31e41fdda28e5c2b37bdf8500d27868384 /openssl/crypto/jpake
parent: 8cd59857a99c534c560f58c931f5c2466d4c1f9b (diff)
download: vcxsrv-b680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b.tar.gz
vcxsrv-b680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b.tar.bz2
vcxsrv-b680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b.zip
3 files changed, 34 insertions, 1 deletions
diff --git a/openssl/crypto/jpake/jpake.c b/openssl/crypto/jpake/jpake.c
index 086d9f47e..8e4b633cc 100644
--- a/openssl/crypto/jpake/jpake.c
+++ b/openssl/crypto/jpake/jpake.c
@@ -282,8 +282,37 @@ int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx)
     return 1;
     }
 
+/* g^x is a legal value */
+static int is_legal(const BIGNUM *gx, const JPAKE_CTX *ctx)
+    {
+    BIGNUM *t;
+    int res;
+    
+    if(BN_is_negative(gx) || BN_is_zero(gx) || BN_cmp(gx, ctx->p.p) >= 0)
+	return 0;
+
+    t = BN_new();
+    BN_mod_exp(t, gx, ctx->p.q, ctx->p.p, ctx->ctx);
+    res = BN_is_one(t);
+    BN_free(t);
+
+    return res;
+    }
+
 int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received)
     {
+    if(!is_legal(received->p1.gx, ctx))
+	{
+	JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL);
+	return 0;
+	}
+
+    if(!is_legal(received->p2.gx, ctx))
+	{
+	JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL);
+	return 0;
+	}
+
    /* verify their ZKP(xc) */
     if(!verify_zkp(&received->p1, ctx->p.g, ctx))
 	{
diff --git a/openssl/crypto/jpake/jpake.h b/openssl/crypto/jpake/jpake.h
index 693ea188c..fd143b4d9 100644
--- a/openssl/crypto/jpake/jpake.h
+++ b/openssl/crypto/jpake/jpake.h
@@ -115,6 +115,8 @@ void ERR_load_JPAKE_strings(void);
 #define JPAKE_F_VERIFY_ZKP				 100
 
 /* Reason codes. */
+#define JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL		 108
+#define JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL		 109
 #define JPAKE_R_G_TO_THE_X4_IS_ONE			 105
 #define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH		 106
 #define JPAKE_R_HASH_OF_KEY_MISMATCH			 107
diff --git a/openssl/crypto/jpake/jpake_err.c b/openssl/crypto/jpake/jpake_err.c
index 1b9506796..a9a9dee75 100644
--- a/openssl/crypto/jpake/jpake_err.c
+++ b/openssl/crypto/jpake/jpake_err.c
@@ -1,6 +1,6 @@
 /* crypto/jpake/jpake_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2010 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -80,6 +80,8 @@ static ERR_STRING_DATA JPAKE_str_functs[]=
 
 static ERR_STRING_DATA JPAKE_str_reasons[]=
 	{
+{ERR_REASON(JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL),"g to the x3 is not legal"},
+{ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL),"g to the x4 is not legal"},
 {ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_ONE)  ,"g to the x4 is one"},
 {ERR_REASON(JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH),"hash of hash of key mismatch"},
 {ERR_REASON(JPAKE_R_HASH_OF_KEY_MISMATCH),"hash of key mismatch"},
author	marha <marha@users.sourceforge.net>	2011-01-23 19:50:13 +0000
committer	marha <marha@users.sourceforge.net>	2011-01-23 19:50:13 +0000
commit	b680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b (patch)
tree	4722cd31e41fdda28e5c2b37bdf8500d27868384 /openssl/crypto/jpake
parent	8cd59857a99c534c560f58c931f5c2466d4c1f9b (diff)
download	vcxsrv-b680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b.tar.gz vcxsrv-b680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b.tar.bz2 vcxsrv-b680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b.zip