diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-12-23 11:53:20 +0000 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-12-23 11:53:20 +0000 |
| commit | 9ed56d8896141d63f5bc3d8f68c2d5c3b6c26d65 (patch) | |
| tree | 8489a9f0c3ef73963efcbdd164ad1af3a9ec64f5 /libextra | |
| parent | 841c42616e6b5c793b6088a1b981e880edc9b30b (diff) | |
| download | gnutls-9ed56d8896141d63f5bc3d8f68c2d5c3b6c26d65.tar.gz | |
Added checks (in SRP) for A%n==0,1,-1 in server side.
Diffstat (limited to 'libextra')
| -rw-r--r-- | libextra/auth_srp.c | 81 |
1 files changed, 60 insertions, 21 deletions
diff --git a/libextra/auth_srp.c b/libextra/auth_srp.c index d0e55d668a..169949b270 100644 --- a/libextra/auth_srp.c +++ b/libextra/auth_srp.c @@ -67,6 +67,58 @@ const MOD_AUTH_STRUCT srp_auth_struct = { #define V session->key->x #define S session->key->KEY +/* Checks if b%n==0 which is a fatal srp error. + * Returns a proper error code in that case, and 0 when + * all are ok. + */ +inline +static int check_b_mod_n( GNUTLS_MPI b, GNUTLS_MPI n) +{ +int ret; +GNUTLS_MPI r = _gnutls_mpi_alloc_like(b); + + _gnutls_mpi_mod( r, b, n); + ret = _gnutls_mpi_cmp_ui(r, 0); + + _gnutls_mpi_release( &r); + + if (ret == 0) { + gnutls_assert(); + return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + } + + return 0; +} + +/* Checks if a%n==0,+1,-1%n which is a fatal srp error. + * Returns a proper error code in that case, and 0 when + * all are ok. + */ +inline +static int check_a_mod_n( GNUTLS_MPI a, GNUTLS_MPI n) +{ +int ret; +GNUTLS_MPI r = _gnutls_mpi_alloc_like(a); + + _gnutls_mpi_mod( r, a, n); + ret = _gnutls_mpi_cmp_ui(r, 0); + if (ret != 0) ret = _gnutls_mpi_cmp_ui(r, 1); + if (ret != 0) { + _gnutls_mpi_sub_ui( r, n, 1); + ret = _gnutls_mpi_cmp(a, r); + } + + _gnutls_mpi_release( &r); + + if (ret == 0) { + gnutls_assert(); + return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + } + + return 0; +} + + /* Send the first key exchange message ( g, n, s) and append the verifier algorithm number * Data is allocated by the caller, and should have data_size size. */ @@ -298,6 +350,14 @@ int _gnutls_proc_srp_client_kx(gnutls_session session, opaque * data, size_t _da _gnutls_dump_mpi( "SRP A: ", A); _gnutls_dump_mpi( "SRP B: ", B); + /* Checks if A % n == 0 or + * A % n == +-1. + */ + if ( (ret = check_a_mod_n( A, N)) < 0) { + gnutls_assert(); + return ret; + } + /* Start the SRP calculations. * - Calculate u */ @@ -337,27 +397,6 @@ int _gnutls_proc_srp_client_kx(gnutls_session session, opaque * data, size_t _da } -/* Checks if b%n==0 which is a fatal srp error. - * Returns a proper error code in that case, and 0 when - * all are ok. - */ -static int check_b_mod_n( GNUTLS_MPI b, GNUTLS_MPI n) -{ -int ret; -GNUTLS_MPI r = _gnutls_mpi_alloc_like(b); - - _gnutls_mpi_mod( r, b, n); - ret = _gnutls_mpi_cmp_ui(r, 0); - - _gnutls_mpi_release( &r); - - if (ret == 0) { - gnutls_assert(); - return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; - } - - return 0; -} /* Static parameters according to draft-ietf-tls-srp-05 */ |