aboutsummaryrefslogtreecommitdiff
path: root/openssl/crypto/jpake
diff options
context:
space:
mode:
authormarha <marha@users.sourceforge.net>2011-01-23 20:17:10 +0000
committermarha <marha@users.sourceforge.net>2011-01-23 20:17:10 +0000
commit1b639dab951fb73d5031aa0c1afb13e8480d1dae (patch)
tree4e13a4d1e4c609bd01d0bf5d65c6a8acdc3d0c50 /openssl/crypto/jpake
parent51181fb7f4d135d214974bb6611d51f21475eec8 (diff)
parentb680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b (diff)
downloadvcxsrv-1b639dab951fb73d5031aa0c1afb13e8480d1dae.tar.gz
vcxsrv-1b639dab951fb73d5031aa0c1afb13e8480d1dae.tar.bz2
vcxsrv-1b639dab951fb73d5031aa0c1afb13e8480d1dae.zip
svn merge ^/branches/released .
Diffstat (limited to 'openssl/crypto/jpake')
-rw-r--r--openssl/crypto/jpake/jpake.c29
-rw-r--r--openssl/crypto/jpake/jpake.h2
-rw-r--r--openssl/crypto/jpake/jpake_err.c4
3 files changed, 34 insertions, 1 deletions
diff --git a/openssl/crypto/jpake/jpake.c b/openssl/crypto/jpake/jpake.c
index 086d9f47e..8e4b633cc 100644
--- a/openssl/crypto/jpake/jpake.c
+++ b/openssl/crypto/jpake/jpake.c
@@ -282,8 +282,37 @@ int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx)
return 1;
}
+/* g^x is a legal value */
+static int is_legal(const BIGNUM *gx, const JPAKE_CTX *ctx)
+ {
+ BIGNUM *t;
+ int res;
+
+ if(BN_is_negative(gx) || BN_is_zero(gx) || BN_cmp(gx, ctx->p.p) >= 0)
+ return 0;
+
+ t = BN_new();
+ BN_mod_exp(t, gx, ctx->p.q, ctx->p.p, ctx->ctx);
+ res = BN_is_one(t);
+ BN_free(t);
+
+ return res;
+ }
+
int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received)
{
+ if(!is_legal(received->p1.gx, ctx))
+ {
+ JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL);
+ return 0;
+ }
+
+ if(!is_legal(received->p2.gx, ctx))
+ {
+ JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL);
+ return 0;
+ }
+
/* verify their ZKP(xc) */
if(!verify_zkp(&received->p1, ctx->p.g, ctx))
{
diff --git a/openssl/crypto/jpake/jpake.h b/openssl/crypto/jpake/jpake.h
index 693ea188c..fd143b4d9 100644
--- a/openssl/crypto/jpake/jpake.h
+++ b/openssl/crypto/jpake/jpake.h
@@ -115,6 +115,8 @@ void ERR_load_JPAKE_strings(void);
#define JPAKE_F_VERIFY_ZKP 100
/* Reason codes. */
+#define JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL 108
+#define JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL 109
#define JPAKE_R_G_TO_THE_X4_IS_ONE 105
#define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH 106
#define JPAKE_R_HASH_OF_KEY_MISMATCH 107
diff --git a/openssl/crypto/jpake/jpake_err.c b/openssl/crypto/jpake/jpake_err.c
index 1b9506796..a9a9dee75 100644
--- a/openssl/crypto/jpake/jpake_err.c
+++ b/openssl/crypto/jpake/jpake_err.c
@@ -1,6 +1,6 @@
/* crypto/jpake/jpake_err.c */
/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -80,6 +80,8 @@ static ERR_STRING_DATA JPAKE_str_functs[]=
static ERR_STRING_DATA JPAKE_str_reasons[]=
{
+{ERR_REASON(JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL),"g to the x3 is not legal"},
+{ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL),"g to the x4 is not legal"},
{ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_ONE) ,"g to the x4 is one"},
{ERR_REASON(JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH),"hash of hash of key mismatch"},
{ERR_REASON(JPAKE_R_HASH_OF_KEY_MISMATCH),"hash of key mismatch"},