[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_18-33-g444b
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_18-33-g444b578 |
|
Date: |
Wed, 18 Apr 2012 16:14:32 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=444b5781386f3502c5d2014803cb29dd3c920a63
The branch, gnutls_3_0_x-2 has been updated
via 444b5781386f3502c5d2014803cb29dd3c920a63 (commit)
from b8efbfd783e2ff85d212772df3286a6824a6d2b2 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 444b5781386f3502c5d2014803cb29dd3c920a63
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Apr 18 17:26:15 2012 +0200
Added better sanity checks in Diffie-Hellman key exchange.
-----------------------------------------------------------------------
Summary of changes:
lib/gnutls_dh.c | 30 ++++++++++++++++++++++++------
1 files changed, 24 insertions(+), 6 deletions(-)
diff --git a/lib/gnutls_dh.c b/lib/gnutls_dh.c
index 79eb062..48dd092 100644
--- a/lib/gnutls_dh.c
+++ b/lib/gnutls_dh.c
@@ -106,28 +106,46 @@ fail:
bigint_t
gnutls_calc_dh_key (bigint_t f, bigint_t x, bigint_t prime)
{
- bigint_t k;
+ bigint_t k, ff, ret;
int bits;
- if (_gnutls_mpi_cmp_ui(f, 1) == 0)
+ ff = _gnutls_mpi_mod(f, prime);
+ _gnutls_mpi_add_ui(ff, ff, 1);
+
+ /* check if f==0,1,p-1.
+ * or (ff=f+1) equivalently ff==1,2,p */
+ if ((_gnutls_mpi_cmp_ui(ff, 2) == 0) || (_gnutls_mpi_cmp_ui(ff, 1) == 0) ||
+ (_gnutls_mpi_cmp(ff,prime) == 0))
{
gnutls_assert();
- return NULL;
+ ret = NULL;
+ goto cleanup;
}
bits = _gnutls_mpi_get_nbits (prime);
if (bits <= 0 || bits > MAX_BITS)
{
gnutls_assert ();
- return NULL;
+ ret = NULL;
+ goto cleanup;
}
k = _gnutls_mpi_alloc_like (prime);
if (k == NULL)
- return NULL;
+ {
+ gnutls_assert();
+ ret = NULL;
+ goto cleanup;
+ }
_gnutls_mpi_powm (k, f, x, prime);
- return k;
+
+ ret = k;
+
+cleanup:
+ _gnutls_mpi_release (&ff);
+
+ return ret;
}
/*-
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_18-33-g444b578,
Nikos Mavrogiannopoulos <=