-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | dh.c | 21 |
2 files changed, 23 insertions, 3 deletions
@@ -5,6 +5,9 @@ | |||
5 | Prevent ssh from trying to open private keys with bad permissions more than | 5 | Prevent ssh from trying to open private keys with bad permissions more than |
6 | once or prompting for their passphrases (which it subsequently ignores | 6 | once or prompting for their passphrases (which it subsequently ignores |
7 | anyway), similar to a previous change in ssh-add. bz #1186, ok djm@ | 7 | anyway), similar to a previous change in ssh-add. bz #1186, ok djm@ |
8 | - djm@cvs.openbsd.org 2006/05/04 14:55:23 | ||
9 | [dh.c] | ||
10 | tighter DH exponent checks here too; feedback and ok markus@ | ||
8 | 11 | ||
9 | 20060504 | 12 | 20060504 |
10 | - (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c | 13 | - (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c |
@@ -4602,4 +4605,4 @@ | |||
4602 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 4605 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
4603 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 4606 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
4604 | 4607 | ||
4605 | $Id: ChangeLog,v 1.4321 2006/05/06 07:41:51 dtucker Exp $ | 4608 | $Id: ChangeLog,v 1.4322 2006/05/06 07:43:33 dtucker Exp $ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dh.c,v 1.35 2006/03/27 13:03:54 deraadt Exp $ */ | 1 | /* $OpenBSD: dh.c,v 1.36 2006/05/04 14:55:23 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
4 | * | 4 | * |
@@ -181,19 +181,36 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) | |||
181 | int i; | 181 | int i; |
182 | int n = BN_num_bits(dh_pub); | 182 | int n = BN_num_bits(dh_pub); |
183 | int bits_set = 0; | 183 | int bits_set = 0; |
184 | BIGNUM *tmp; | ||
184 | 185 | ||
185 | if (dh_pub->neg) { | 186 | if (dh_pub->neg) { |
186 | logit("invalid public DH value: negativ"); | 187 | logit("invalid public DH value: negativ"); |
187 | return 0; | 188 | return 0; |
188 | } | 189 | } |
190 | if (BN_cmp(dh_pub, BN_value_one()) != 1) { /* pub_exp <= 1 */ | ||
191 | logit("invalid public DH value: <= 1"); | ||
192 | return 0; | ||
193 | } | ||
194 | |||
195 | if ((tmp = BN_new()) == NULL) | ||
196 | return (-1); | ||
197 | if (!BN_sub(tmp, dh->p, BN_value_one()) || | ||
198 | BN_cmp(dh_pub, tmp) != -1) { /* pub_exp > p-2 */ | ||
199 | BN_clear_free(tmp); | ||
200 | logit("invalid public DH value: >= p-1"); | ||
201 | return 0; | ||
202 | } | ||
203 | BN_clear_free(tmp); | ||
204 | |||
189 | for (i = 0; i <= n; i++) | 205 | for (i = 0; i <= n; i++) |
190 | if (BN_is_bit_set(dh_pub, i)) | 206 | if (BN_is_bit_set(dh_pub, i)) |
191 | bits_set++; | 207 | bits_set++; |
192 | debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p)); | 208 | debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p)); |
193 | 209 | ||
194 | /* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */ | 210 | /* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */ |
195 | if (bits_set > 1 && (BN_cmp(dh_pub, dh->p) == -1)) | 211 | if (bits_set > 1) |
196 | return 1; | 212 | return 1; |
213 | |||
197 | logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p)); | 214 | logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p)); |
198 | return 0; | 215 | return 0; |
199 | } | 216 | } |
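Review bot: The new allocation-failure path `if ((tmp = BN_new()) == NULL) return (-1);` returns a non-zero value, while every other visible path in dh_pub_is_valid() returns 0 for reject and 1 for accept. The callers are not shown here, but if any of them tests the result for truth (for example `if (!dh_pub_is_valid(...))`), an out-of-memory condition would accept the peer's public value without the p-1 bound or bit-count checks having run. Failing closed keeps the contract boolean: `if ((tmp = BN_new()) == NULL) { logit("invalid public DH value: BN_new failed"); return 0; }`. Separately, a BN_sub() failure is logged as ">= p-1", which rejects correctly but misreports the cause. The function's opening lines are above this hunk.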