diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-04-19 20:26:50 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-04-22 17:58:46 +0200 |
| commit | 1a6b4a2e79341e8201abcd6940c04a647b9cc5f5 (patch) | |
| tree | bdc114e70be3b525f42d1bc1b3cf2977fff22ce0 | |
| parent | c1b279a9786f50e932a4527e900fc1a6df36e5f1 (diff) | |
| download | gnutls-1a6b4a2e79341e8201abcd6940c04a647b9cc5f5.tar.gz | |
Added complete check in SRP parameters.
| -rw-r--r-- | lib/auth_srp.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/lib/auth_srp.c b/lib/auth_srp.c index 724cbf030d..1d02def4b3 100644 --- a/lib/auth_srp.c +++ b/lib/auth_srp.c @@ -103,7 +103,7 @@ check_b_mod_n (bigint_t b, bigint_t n) inline static int check_a_mod_n (bigint_t a, bigint_t n) { - int ret; + int ret, err = 0; bigint_t r; r = _gnutls_mpi_mod (a, n); @@ -114,10 +114,18 @@ check_a_mod_n (bigint_t a, bigint_t n) } ret = _gnutls_mpi_cmp_ui (r, 0); + if (ret == 0) err = 1; + + ret = _gnutls_mpi_cmp_ui (r, 1); + if (ret == 0) err = 1; + + _gnutls_mpi_add_ui(r, r, 1); + ret = _gnutls_mpi_cmp (r, n); + if (ret == 0) err = 1; _gnutls_mpi_release (&r); - if (ret == 0) + if (err != 0) { gnutls_assert (); return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; |