diff options
Diffstat (limited to 'dh.c')
-rw-r--r-- | dh.c | 25 |
1 files changed, 20 insertions, 5 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: dh.c,v 1.44 2006/11/07 13:02:07 markus Exp $ */ | 1 | /* $OpenBSD: dh.c,v 1.47 2008/06/26 09:19:39 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Niels Provos. All rights reserved. | 3 | * Copyright (c) 2000 Niels Provos. All rights reserved. |
4 | * | 4 | * |
@@ -46,6 +46,7 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg) | |||
46 | char *cp, *arg; | 46 | char *cp, *arg; |
47 | char *strsize, *gen, *prime; | 47 | char *strsize, *gen, *prime; |
48 | const char *errstr = NULL; | 48 | const char *errstr = NULL; |
49 | long long n; | ||
49 | 50 | ||
50 | cp = line; | 51 | cp = line; |
51 | if ((arg = strdelim(&cp)) == NULL) | 52 | if ((arg = strdelim(&cp)) == NULL) |
@@ -62,12 +63,24 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg) | |||
62 | arg = strsep(&cp, " "); /* type */ | 63 | arg = strsep(&cp, " "); /* type */ |
63 | if (cp == NULL || *arg == '\0') | 64 | if (cp == NULL || *arg == '\0') |
64 | goto fail; | 65 | goto fail; |
66 | /* Ensure this is a safe prime */ | ||
67 | n = strtonum(arg, 0, 5, &errstr); | ||
68 | if (errstr != NULL || n != MODULI_TYPE_SAFE) | ||
69 | goto fail; | ||
65 | arg = strsep(&cp, " "); /* tests */ | 70 | arg = strsep(&cp, " "); /* tests */ |
66 | if (cp == NULL || *arg == '\0') | 71 | if (cp == NULL || *arg == '\0') |
67 | goto fail; | 72 | goto fail; |
73 | /* Ensure prime has been tested and is not composite */ | ||
74 | n = strtonum(arg, 0, 0x1f, &errstr); | ||
75 | if (errstr != NULL || | ||
76 | (n & MODULI_TESTS_COMPOSITE) || !(n & ~MODULI_TESTS_COMPOSITE)) | ||
77 | goto fail; | ||
68 | arg = strsep(&cp, " "); /* tries */ | 78 | arg = strsep(&cp, " "); /* tries */ |
69 | if (cp == NULL || *arg == '\0') | 79 | if (cp == NULL || *arg == '\0') |
70 | goto fail; | 80 | goto fail; |
81 | n = strtonum(arg, 0, 1<<30, &errstr); | ||
82 | if (errstr != NULL || n == 0) | ||
83 | goto fail; | ||
71 | strsize = strsep(&cp, " "); /* size */ | 84 | strsize = strsep(&cp, " "); /* size */ |
72 | if (cp == NULL || *strsize == '\0' || | 85 | if (cp == NULL || *strsize == '\0' || |
73 | (dhg->size = (u_int)strtonum(strsize, 0, 64*1024, &errstr)) == 0 || | 86 | (dhg->size = (u_int)strtonum(strsize, 0, 64*1024, &errstr)) == 0 || |
@@ -153,7 +166,7 @@ choose_dh(int min, int wantbits, int max) | |||
153 | } | 166 | } |
154 | 167 | ||
155 | linenum = 0; | 168 | linenum = 0; |
156 | which = arc4random() % bestcount; | 169 | which = arc4random_uniform(bestcount); |
157 | while (fgets(line, sizeof(line), f)) { | 170 | while (fgets(line, sizeof(line), f)) { |
158 | if (!parse_prime(linenum, line, &dhg)) | 171 | if (!parse_prime(linenum, line, &dhg)) |
159 | continue; | 172 | continue; |
@@ -185,7 +198,7 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) | |||
185 | BIGNUM *tmp; | 198 | BIGNUM *tmp; |
186 | 199 | ||
187 | if (dh_pub->neg) { | 200 | if (dh_pub->neg) { |
188 | logit("invalid public DH value: negativ"); | 201 | logit("invalid public DH value: negative"); |
189 | return 0; | 202 | return 0; |
190 | } | 203 | } |
191 | if (BN_cmp(dh_pub, BN_value_one()) != 1) { /* pub_exp <= 1 */ | 204 | if (BN_cmp(dh_pub, BN_value_one()) != 1) { /* pub_exp <= 1 */ |
@@ -193,8 +206,10 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) | |||
193 | return 0; | 206 | return 0; |
194 | } | 207 | } |
195 | 208 | ||
196 | if ((tmp = BN_new()) == NULL) | 209 | if ((tmp = BN_new()) == NULL) { |
197 | return (-1); | 210 | error("%s: BN_new failed", __func__); |
211 | return 0; | ||
212 | } | ||
198 | if (!BN_sub(tmp, dh->p, BN_value_one()) || | 213 | if (!BN_sub(tmp, dh->p, BN_value_one()) || |
199 | BN_cmp(dh_pub, tmp) != -1) { /* pub_exp > p-2 */ | 214 | BN_cmp(dh_pub, tmp) != -1) { /* pub_exp > p-2 */ |
200 | BN_clear_free(tmp); | 215 | BN_clear_free(tmp); |