diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2004-02-11 21:32:00 +0000 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2004-02-11 21:32:00 +0000 |
| commit | 4f156b1f9c1a95eced9a88b12252045793a30f49 (patch) | |
| tree | c8c254f7db9ba4d8cb0f28a90d50d908fd325824 | |
| parent | 5c091a57dee81076b5d8fad6e5ea20905355be45 (diff) | |
| download | gnutls-4f156b1f9c1a95eced9a88b12252045793a30f49.tar.gz | |
added check for a%n==0,1,-1
| -rw-r--r-- | NEWS | 5 | ||||
| -rw-r--r-- | lib/gnutls_mpi.h | 2 | ||||
| -rw-r--r-- | libextra/auth_srp.c | 39 |
3 files changed, 46 insertions, 0 deletions
@@ -1,3 +1,8 @@ +Version 1.0.6 +- Improved gnutls-cli's SRP behaviour in SRP ciphersuites. + If they are of highest priority then the abbreviated handshake + is used. + Version 1.0.5 (11/02/2004) - Fixed a bug where 'server name' extension was always sent. - Backported several things from the development branch: diff --git a/lib/gnutls_mpi.h b/lib/gnutls_mpi.h index 357cc0a7bd..0eafd16c97 100644 --- a/lib/gnutls_mpi.h +++ b/lib/gnutls_mpi.h @@ -6,6 +6,7 @@ #define GNUTLS_MPI gcry_mpi_t +#define _gnutls_mpi_cmp gcry_mpi_cmp #define _gnutls_mpi_cmp_ui gcry_mpi_cmp_ui #define _gnutls_mpi_mod gcry_mpi_mod #define _gnutls_mpi_new gcry_mpi_new @@ -19,6 +20,7 @@ #define _gnutls_mpi_invm gcry_mpi_invm #define _gnutls_mpi_addm gcry_mpi_addm #define _gnutls_mpi_subm gcry_mpi_subm +#define _gnutls_mpi_sub_ui gcry_mpi_sub_ui #define _gnutls_mpi_mulm gcry_mpi_mulm #define _gnutls_mpi_mul gcry_mpi_mul #define _gnutls_mpi_add gcry_mpi_add diff --git a/libextra/auth_srp.c b/libextra/auth_srp.c index d0e55d668a..52e554836f 100644 --- a/libextra/auth_srp.c +++ b/libextra/auth_srp.c @@ -67,6 +67,9 @@ const MOD_AUTH_STRUCT srp_auth_struct = { #define V session->key->x #define S session->key->KEY +inline +static int check_a_mod_n( GNUTLS_MPI a, GNUTLS_MPI n); + /* Send the first key exchange message ( g, n, s) and append the verifier algorithm number * Data is allocated by the caller, and should have data_size size. */ @@ -294,6 +297,14 @@ int _gnutls_proc_srp_client_kx(gnutls_session session, opaque * data, size_t _da gnutls_assert(); return GNUTLS_E_MPI_SCAN_FAILED; } + + /* Checks if A % n == 0 or + * A % n == +-1. + */ + if ( (ret = check_a_mod_n( A, N)) < 0) { + gnutls_assert(); + return ret; + } _gnutls_dump_mpi( "SRP A: ", A); _gnutls_dump_mpi( "SRP B: ", B); @@ -359,6 +370,34 @@ GNUTLS_MPI r = _gnutls_mpi_alloc_like(b); return 0; } +/* Checks if a%n==0,+1,-1%n which is a fatal srp error. + * Returns a proper error code in that case, and 0 when + * all are ok. + */ +inline +static int check_a_mod_n( GNUTLS_MPI a, GNUTLS_MPI n) +{ +int ret; +GNUTLS_MPI r = _gnutls_mpi_alloc_like(a); + + _gnutls_mpi_mod( r, a, n); + ret = _gnutls_mpi_cmp_ui(r, 0); + if (ret != 0) ret = _gnutls_mpi_cmp_ui(r, 1); + if (ret != 0) { + _gnutls_mpi_sub_ui( r, n, 1); + ret = _gnutls_mpi_cmp(a, r); + } + + _gnutls_mpi_release( &r); + + if (ret == 0) { + gnutls_assert(); + return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + } + + return 0; +} + /* Static parameters according to draft-ietf-tls-srp-05 */ static const unsigned char srp_params_1024[] = { |