diff options
| author | marha <marha@users.sourceforge.net> | 2011-01-23 19:50:13 +0000 |
|---|---|---|
| committer | marha <marha@users.sourceforge.net> | 2011-01-23 19:50:13 +0000 |
| commit | b680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b (patch) | |
| tree | 4722cd31e41fdda28e5c2b37bdf8500d27868384 /openssl/crypto/jpake | |
| parent | 8cd59857a99c534c560f58c931f5c2466d4c1f9b (diff) | |
| download | vcxsrv-b680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b.tar.gz vcxsrv-b680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b.tar.bz2 vcxsrv-b680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b.zip | |
Updated to openssl-1.0.0c
Diffstat (limited to 'openssl/crypto/jpake')
| -rw-r--r-- | openssl/crypto/jpake/jpake.c | 29 | ||||
| -rw-r--r-- | openssl/crypto/jpake/jpake.h | 2 | ||||
| -rw-r--r-- | openssl/crypto/jpake/jpake_err.c | 4 |
3 files changed, 34 insertions, 1 deletions
diff --git a/openssl/crypto/jpake/jpake.c b/openssl/crypto/jpake/jpake.c index 086d9f47e..8e4b633cc 100644 --- a/openssl/crypto/jpake/jpake.c +++ b/openssl/crypto/jpake/jpake.c @@ -282,8 +282,37 @@ int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx) return 1; } +/* g^x is a legal value */ +static int is_legal(const BIGNUM *gx, const JPAKE_CTX *ctx) + { + BIGNUM *t; + int res; + + if(BN_is_negative(gx) || BN_is_zero(gx) || BN_cmp(gx, ctx->p.p) >= 0) + return 0; + + t = BN_new(); + BN_mod_exp(t, gx, ctx->p.q, ctx->p.p, ctx->ctx); + res = BN_is_one(t); + BN_free(t); + + return res; + } + int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received) { + if(!is_legal(received->p1.gx, ctx)) + { + JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL); + return 0; + } + + if(!is_legal(received->p2.gx, ctx)) + { + JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL); + return 0; + } + /* verify their ZKP(xc) */ if(!verify_zkp(&received->p1, ctx->p.g, ctx)) { diff --git a/openssl/crypto/jpake/jpake.h b/openssl/crypto/jpake/jpake.h index 693ea188c..fd143b4d9 100644 --- a/openssl/crypto/jpake/jpake.h +++ b/openssl/crypto/jpake/jpake.h @@ -115,6 +115,8 @@ void ERR_load_JPAKE_strings(void); #define JPAKE_F_VERIFY_ZKP 100 /* Reason codes. */ +#define JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL 108 +#define JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL 109 #define JPAKE_R_G_TO_THE_X4_IS_ONE 105 #define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH 106 #define JPAKE_R_HASH_OF_KEY_MISMATCH 107 diff --git a/openssl/crypto/jpake/jpake_err.c b/openssl/crypto/jpake/jpake_err.c index 1b9506796..a9a9dee75 100644 --- a/openssl/crypto/jpake/jpake_err.c +++ b/openssl/crypto/jpake/jpake_err.c @@ -1,6 +1,6 @@ /* crypto/jpake/jpake_err.c */ /* ==================================================================== - * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -80,6 +80,8 @@ static ERR_STRING_DATA JPAKE_str_functs[]= static ERR_STRING_DATA JPAKE_str_reasons[]= { +{ERR_REASON(JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL),"g to the x3 is not legal"}, +{ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL),"g to the x4 is not legal"}, {ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_ONE) ,"g to the x4 is one"}, {ERR_REASON(JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH),"hash of hash of key mismatch"}, {ERR_REASON(JPAKE_R_HASH_OF_KEY_MISMATCH),"hash of key mismatch"}, |