dh.c (137015) | dh.c (162852) |
---|---|
1/* $OpenBSD: dh.c,v 1.42 2006/08/03 03:34:42 deraadt Exp $ */ |
|
1/* 2 * Copyright (c) 2000 Niels Provos. All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. --- 9 unchanged lines hidden (view full) --- 18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23 */ 24 25#include "includes.h" | 2/* 3 * Copyright (c) 2000 Niels Provos. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. --- 9 unchanged lines hidden (view full) --- 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26#include "includes.h" |
26RCSID("$OpenBSD: dh.c,v 1.31 2004/08/04 10:37:52 djm Exp $"); | |
27 | 27 |
28#include "xmalloc.h" | 28#include <sys/param.h> |
29 30#include <openssl/bn.h> 31#include <openssl/dh.h> | 29 30#include <openssl/bn.h> 31#include <openssl/dh.h> |
32#include <openssl/evp.h> | |
33 | 32 |
34#include "buffer.h" 35#include "cipher.h" 36#include "kex.h" | 33#include <stdarg.h> 34#include <stdio.h> 35#include <stdlib.h> 36#include <string.h> 37 |
37#include "dh.h" 38#include "pathnames.h" 39#include "log.h" 40#include "misc.h" 41 42static int 43parse_prime(int linenum, char *line, struct dhgroup *dhg) 44{ 45 char *cp, *arg; 46 char *strsize, *gen, *prime; | 38#include "dh.h" 39#include "pathnames.h" 40#include "log.h" 41#include "misc.h" 42 43static int 44parse_prime(int linenum, char *line, struct dhgroup *dhg) 45{ 46 char *cp, *arg; 47 char *strsize, *gen, *prime; |
48 const char *errstr = NULL; |
|
47 48 cp = line; | 49 50 cp = line; |
49 arg = strdelim(&cp); | 51 if ((arg = strdelim(&cp)) == NULL) 52 return 0; |
50 /* Ignore leading whitespace */ 51 if (*arg == '\0') 52 arg = strdelim(&cp); 53 if (!arg || !*arg || *arg == '#') 54 return 0; 55 56 /* time */ 57 if (cp == NULL || *arg == '\0') --- 4 unchanged lines hidden (view full) --- 62 arg = strsep(&cp, " "); /* tests */ 63 if (cp == NULL || *arg == '\0') 64 goto fail; 65 arg = strsep(&cp, " "); /* tries */ 66 if (cp == NULL || *arg == '\0') 67 goto fail; 68 strsize = strsep(&cp, " "); /* size */ 69 if (cp == NULL || *strsize == '\0' || | 53 /* Ignore leading whitespace */ 54 if (*arg == '\0') 55 arg = strdelim(&cp); 56 if (!arg || !*arg || *arg == '#') 57 return 0; 58 59 /* time */ 60 if (cp == NULL || *arg == '\0') --- 4 unchanged lines hidden (view full) --- 65 arg = strsep(&cp, " "); /* tests */ 66 if (cp == NULL || *arg == '\0') 67 goto fail; 68 arg = strsep(&cp, " "); /* tries */ 69 if (cp == NULL || *arg == '\0') 70 goto fail; 71 strsize = strsep(&cp, " "); /* size */ 72 if (cp == NULL || *strsize == '\0' || |
70 (dhg->size = atoi(strsize)) == 0) | 73 (dhg->size = (u_int)strtonum(strsize, 0, 64*1024, &errstr)) == 0 || 74 errstr) |
71 goto fail; 72 /* The whole group is one bit larger */ 73 dhg->size++; 74 gen = strsep(&cp, " "); /* gen */ 75 if (cp == NULL || *gen == '\0') 76 goto fail; 77 prime = strsep(&cp, " "); /* prime */ 78 if (cp != NULL || *prime == '\0') --- 94 unchanged lines hidden (view full) --- 173/* diffie-hellman-groupN-sha1 */ 174 175int 176dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) 177{ 178 int i; 179 int n = BN_num_bits(dh_pub); 180 int bits_set = 0; | 75 goto fail; 76 /* The whole group is one bit larger */ 77 dhg->size++; 78 gen = strsep(&cp, " "); /* gen */ 79 if (cp == NULL || *gen == '\0') 80 goto fail; 81 prime = strsep(&cp, " "); /* prime */ 82 if (cp != NULL || *prime == '\0') --- 94 unchanged lines hidden (view full) --- 177/* diffie-hellman-groupN-sha1 */ 178 179int 180dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) 181{ 182 int i; 183 int n = BN_num_bits(dh_pub); 184 int bits_set = 0; |
185 BIGNUM *tmp; |
|
181 182 if (dh_pub->neg) { 183 logit("invalid public DH value: negativ"); 184 return 0; 185 } | 186 187 if (dh_pub->neg) { 188 logit("invalid public DH value: negativ"); 189 return 0; 190 } |
191 if (BN_cmp(dh_pub, BN_value_one()) != 1) { /* pub_exp <= 1 */ 192 logit("invalid public DH value: <= 1"); 193 return 0; 194 } 195 196 if ((tmp = BN_new()) == NULL) 197 return (-1); 198 if (!BN_sub(tmp, dh->p, BN_value_one()) || 199 BN_cmp(dh_pub, tmp) != -1) { /* pub_exp > p-2 */ 200 BN_clear_free(tmp); 201 logit("invalid public DH value: >= p-1"); 202 return 0; 203 } 204 BN_clear_free(tmp); 205 |
|
186 for (i = 0; i <= n; i++) 187 if (BN_is_bit_set(dh_pub, i)) 188 bits_set++; 189 debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p)); 190 191 /* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */ | 206 for (i = 0; i <= n; i++) 207 if (BN_is_bit_set(dh_pub, i)) 208 bits_set++; 209 debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p)); 210 211 /* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */ |
192 if (bits_set > 1 && (BN_cmp(dh_pub, dh->p) == -1)) | 212 if (bits_set > 1) |
193 return 1; | 213 return 1; |
214 |
|
194 logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p)); 195 return 0; 196} 197 198void 199dh_gen_key(DH *dh, int need) 200{ 201 int i, bits_set, tries = 0; --- 109 unchanged lines hidden --- | 215 logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p)); 216 return 0; 217} 218 219void 220dh_gen_key(DH *dh, int need) 221{ 222 int i, bits_set, tries = 0; --- 109 unchanged lines hidden --- |