diff options
author | marha <marha@users.sourceforge.net> | 2011-01-23 20:17:10 +0000 |
---|---|---|
committer | marha <marha@users.sourceforge.net> | 2011-01-23 20:17:10 +0000 |
commit | 1b639dab951fb73d5031aa0c1afb13e8480d1dae (patch) | |
tree | 4e13a4d1e4c609bd01d0bf5d65c6a8acdc3d0c50 /openssl/crypto/jpake | |
parent | 51181fb7f4d135d214974bb6611d51f21475eec8 (diff) | |
parent | b680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b (diff) | |
download | vcxsrv-1b639dab951fb73d5031aa0c1afb13e8480d1dae.tar.gz vcxsrv-1b639dab951fb73d5031aa0c1afb13e8480d1dae.tar.bz2 vcxsrv-1b639dab951fb73d5031aa0c1afb13e8480d1dae.zip |
svn merge ^/branches/released .
Diffstat (limited to 'openssl/crypto/jpake')
-rw-r--r-- | openssl/crypto/jpake/jpake.c | 29 | ||||
-rw-r--r-- | openssl/crypto/jpake/jpake.h | 2 | ||||
-rw-r--r-- | openssl/crypto/jpake/jpake_err.c | 4 |
3 files changed, 34 insertions, 1 deletions
diff --git a/openssl/crypto/jpake/jpake.c b/openssl/crypto/jpake/jpake.c index 086d9f47e..8e4b633cc 100644 --- a/openssl/crypto/jpake/jpake.c +++ b/openssl/crypto/jpake/jpake.c @@ -282,8 +282,37 @@ int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx) return 1; } +/* g^x is a legal value */ +static int is_legal(const BIGNUM *gx, const JPAKE_CTX *ctx) + { + BIGNUM *t; + int res; + + if(BN_is_negative(gx) || BN_is_zero(gx) || BN_cmp(gx, ctx->p.p) >= 0) + return 0; + + t = BN_new(); + BN_mod_exp(t, gx, ctx->p.q, ctx->p.p, ctx->ctx); + res = BN_is_one(t); + BN_free(t); + + return res; + } + int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received) { + if(!is_legal(received->p1.gx, ctx)) + { + JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL); + return 0; + } + + if(!is_legal(received->p2.gx, ctx)) + { + JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL); + return 0; + } + /* verify their ZKP(xc) */ if(!verify_zkp(&received->p1, ctx->p.g, ctx)) { diff --git a/openssl/crypto/jpake/jpake.h b/openssl/crypto/jpake/jpake.h index 693ea188c..fd143b4d9 100644 --- a/openssl/crypto/jpake/jpake.h +++ b/openssl/crypto/jpake/jpake.h @@ -115,6 +115,8 @@ void ERR_load_JPAKE_strings(void); #define JPAKE_F_VERIFY_ZKP 100 /* Reason codes. */ +#define JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL 108 +#define JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL 109 #define JPAKE_R_G_TO_THE_X4_IS_ONE 105 #define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH 106 #define JPAKE_R_HASH_OF_KEY_MISMATCH 107 diff --git a/openssl/crypto/jpake/jpake_err.c b/openssl/crypto/jpake/jpake_err.c index 1b9506796..a9a9dee75 100644 --- a/openssl/crypto/jpake/jpake_err.c +++ b/openssl/crypto/jpake/jpake_err.c @@ -1,6 +1,6 @@ /* crypto/jpake/jpake_err.c */ /* ==================================================================== - * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -80,6 +80,8 @@ static ERR_STRING_DATA JPAKE_str_functs[]= static ERR_STRING_DATA JPAKE_str_reasons[]= { +{ERR_REASON(JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL),"g to the x3 is not legal"}, +{ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL),"g to the x4 is not legal"}, {ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_ONE) ,"g to the x4 is one"}, {ERR_REASON(JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH),"hash of hash of key mismatch"}, {ERR_REASON(JPAKE_R_HASH_OF_KEY_MISMATCH),"hash of key mismatch"}, |