summaryrefslogtreecommitdiff
path: root/dh.c
diff options
context:
space:
mode:
Diffstat (limited to 'dh.c')
-rw-r--r--dh.c25
1 files changed, 20 insertions, 5 deletions
diff --git a/dh.c b/dh.c
index 78e230b9f..b76605325 100644
--- a/dh.c
+++ b/dh.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh.c,v 1.44 2006/11/07 13:02:07 markus Exp $ */ 1/* $OpenBSD: dh.c,v 1.47 2008/06/26 09:19:39 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Niels Provos. All rights reserved. 3 * Copyright (c) 2000 Niels Provos. All rights reserved.
4 * 4 *
@@ -46,6 +46,7 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
46 char *cp, *arg; 46 char *cp, *arg;
47 char *strsize, *gen, *prime; 47 char *strsize, *gen, *prime;
48 const char *errstr = NULL; 48 const char *errstr = NULL;
49 long long n;
49 50
50 cp = line; 51 cp = line;
51 if ((arg = strdelim(&cp)) == NULL) 52 if ((arg = strdelim(&cp)) == NULL)
@@ -62,12 +63,24 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
62 arg = strsep(&cp, " "); /* type */ 63 arg = strsep(&cp, " "); /* type */
63 if (cp == NULL || *arg == '\0') 64 if (cp == NULL || *arg == '\0')
64 goto fail; 65 goto fail;
66 /* Ensure this is a safe prime */
67 n = strtonum(arg, 0, 5, &errstr);
68 if (errstr != NULL || n != MODULI_TYPE_SAFE)
69 goto fail;
65 arg = strsep(&cp, " "); /* tests */ 70 arg = strsep(&cp, " "); /* tests */
66 if (cp == NULL || *arg == '\0') 71 if (cp == NULL || *arg == '\0')
67 goto fail; 72 goto fail;
73 /* Ensure prime has been tested and is not composite */
74 n = strtonum(arg, 0, 0x1f, &errstr);
75 if (errstr != NULL ||
76 (n & MODULI_TESTS_COMPOSITE) || !(n & ~MODULI_TESTS_COMPOSITE))
77 goto fail;
68 arg = strsep(&cp, " "); /* tries */ 78 arg = strsep(&cp, " "); /* tries */
69 if (cp == NULL || *arg == '\0') 79 if (cp == NULL || *arg == '\0')
70 goto fail; 80 goto fail;
81 n = strtonum(arg, 0, 1<<30, &errstr);
82 if (errstr != NULL || n == 0)
83 goto fail;
71 strsize = strsep(&cp, " "); /* size */ 84 strsize = strsep(&cp, " "); /* size */
72 if (cp == NULL || *strsize == '\0' || 85 if (cp == NULL || *strsize == '\0' ||
73 (dhg->size = (u_int)strtonum(strsize, 0, 64*1024, &errstr)) == 0 || 86 (dhg->size = (u_int)strtonum(strsize, 0, 64*1024, &errstr)) == 0 ||
@@ -153,7 +166,7 @@ choose_dh(int min, int wantbits, int max)
153 } 166 }
154 167
155 linenum = 0; 168 linenum = 0;
156 which = arc4random() % bestcount; 169 which = arc4random_uniform(bestcount);
157 while (fgets(line, sizeof(line), f)) { 170 while (fgets(line, sizeof(line), f)) {
158 if (!parse_prime(linenum, line, &dhg)) 171 if (!parse_prime(linenum, line, &dhg))
159 continue; 172 continue;
@@ -185,7 +198,7 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
185 BIGNUM *tmp; 198 BIGNUM *tmp;
186 199
187 if (dh_pub->neg) { 200 if (dh_pub->neg) {
188 logit("invalid public DH value: negativ"); 201 logit("invalid public DH value: negative");
189 return 0; 202 return 0;
190 } 203 }
191 if (BN_cmp(dh_pub, BN_value_one()) != 1) { /* pub_exp <= 1 */ 204 if (BN_cmp(dh_pub, BN_value_one()) != 1) { /* pub_exp <= 1 */
@@ -193,8 +206,10 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
193 return 0; 206 return 0;
194 } 207 }
195 208
196 if ((tmp = BN_new()) == NULL) 209 if ((tmp = BN_new()) == NULL) {
197 return (-1); 210 error("%s: BN_new failed", __func__);
211 return 0;
212 }
198 if (!BN_sub(tmp, dh->p, BN_value_one()) || 213 if (!BN_sub(tmp, dh->p, BN_value_one()) ||
199 BN_cmp(dh_pub, tmp) != -1) { /* pub_exp > p-2 */ 214 BN_cmp(dh_pub, tmp) != -1) { /* pub_exp > p-2 */
200 BN_clear_free(tmp); 215 BN_clear_free(tmp);
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-26 23:07:35 +0000