-rw-r--r--NEWS2
-rw-r--r--lib/auth_srp.c8
2 files changed, 9 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index c04ef6abd2..4cf1f1dc2b 100644
--- a/NEWS
+++ b/NEWS
@@ -6,6 +6,8 @@ See the end for copying conditions.
* Version 1.2.1
- gnutls_bye() will no longer fail when RDWR is used and application
data are available for reading.
+- Added more strict checks for the SRP parameters (g,n), when they
+ are not in the included list.
* Version 1.2.0 (2005-01-27)
- Added the definitions and OIDs for the RIPEMD-160 hash algorithm.
diff --git a/lib/auth_srp.c b/lib/auth_srp.c
index 1d963400b4..186b878e40 100644
--- a/lib/auth_srp.c
+++ b/lib/auth_srp.c
@@ -541,13 +541,19 @@ static int check_g_n(const opaque * g, size_t n_g,
}
/* Check if N is a prime and G a generator of the
- * group.
+ * group. This is check only done if N is big enough.
+ * Otherwise only the included parameters must be used.
*/
static int group_check_g_n(mpi_t g, mpi_t n)
{
mpi_t q = NULL, two = NULL, w = NULL;
int ret;
+ if (_gnutls_mpi_get_nbits(n) < 2048) {
+ gnutls_assert();
+ return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
+ }
+
/* N must be of the form N=2q+1
* where q is also a prime.
*/