diff options
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libcrypto/dsa/dsa_ameth.c | 50 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/dsa/dsa_ameth.c | 50 |
2 files changed, 96 insertions, 4 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_ameth.c b/src/lib/libcrypto/dsa/dsa_ameth.c index b9ee49f055..9bef6e5a13 100644 --- a/src/lib/libcrypto/dsa/dsa_ameth.c +++ b/src/lib/libcrypto/dsa/dsa_ameth.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: dsa_ameth.c,v 1.17 2015/02/14 15:11:22 miod Exp $ */ | 1 | /* $OpenBSD: dsa_ameth.c,v 1.18 2015/09/10 18:12:55 miod Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2006. | 3 | * project 2006. |
| 4 | */ | 4 | */ |
| @@ -519,13 +519,59 @@ static int | |||
| 519 | old_dsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) | 519 | old_dsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) |
| 520 | { | 520 | { |
| 521 | DSA *dsa; | 521 | DSA *dsa; |
| 522 | BN_CTX *ctx = NULL; | ||
| 523 | BIGNUM *j, *p1, *newp1; | ||
| 522 | 524 | ||
| 523 | if (!(dsa = d2i_DSAPrivateKey (NULL, pder, derlen))) { | 525 | if (!(dsa = d2i_DSAPrivateKey(NULL, pder, derlen))) { |
| 524 | DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB); | 526 | DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB); |
| 525 | return 0; | 527 | return 0; |
| 526 | } | 528 | } |
| 529 | |||
| 530 | ctx = BN_CTX_new(); | ||
| 531 | if (ctx == NULL) | ||
| 532 | goto err; | ||
| 533 | |||
| 534 | /* | ||
| 535 | * Check that p and q are consistent with each other. | ||
| 536 | */ | ||
| 537 | |||
| 538 | j = BN_CTX_get(ctx); | ||
| 539 | p1 = BN_CTX_get(ctx); | ||
| 540 | newp1 = BN_CTX_get(ctx); | ||
| 541 | if (j == NULL || p1 == NULL || newp1 == NULL) | ||
| 542 | goto err; | ||
| 543 | /* p1 = p - 1 */ | ||
| 544 | if (BN_sub(p1, dsa->p, BN_value_one()) == 0) | ||
| 545 | goto err; | ||
| 546 | /* j = (p - 1) / q */ | ||
| 547 | if (BN_div(j, NULL, p1, dsa->q, ctx) == 0) | ||
| 548 | goto err; | ||
| 549 | /* q * j should == p - 1 */ | ||
| 550 | if (BN_mul(newp1, dsa->q, j, ctx) == 0) | ||
| 551 | goto err; | ||
| 552 | if (BN_cmp(newp1, p1) != 0) { | ||
| 553 | DSAerr(DSA_F_DSA_PARAM_DECODE, DSA_R_BAD_Q_VALUE); | ||
| 554 | goto err; | ||
| 555 | } | ||
| 556 | |||
| 557 | /* | ||
| 558 | * Check that q is not a composite number. | ||
| 559 | */ | ||
| 560 | |||
| 561 | if (BN_is_prime_ex(dsa->q, BN_prime_checks, ctx, NULL) == 0) { | ||
| 562 | DSAerr(DSA_F_DSA_PARAM_DECODE, DSA_R_BAD_Q_VALUE); | ||
| 563 | goto err; | ||
| 564 | } | ||
| 565 | |||
| 566 | BN_CTX_free(ctx); | ||
| 567 | |||
| 527 | EVP_PKEY_assign_DSA(pkey, dsa); | 568 | EVP_PKEY_assign_DSA(pkey, dsa); |
| 528 | return 1; | 569 | return 1; |
| 570 | |||
| 571 | err: | ||
| 572 | BN_CTX_free(ctx); | ||
| 573 | DSA_free(dsa); | ||
| 574 | return 0; | ||
| 529 | } | 575 | } |
| 530 | 576 | ||
| 531 | static int | 577 | static int |
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_ameth.c b/src/lib/libssl/src/crypto/dsa/dsa_ameth.c index b9ee49f055..9bef6e5a13 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_ameth.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_ameth.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: dsa_ameth.c,v 1.17 2015/02/14 15:11:22 miod Exp $ */ | 1 | /* $OpenBSD: dsa_ameth.c,v 1.18 2015/09/10 18:12:55 miod Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2006. | 3 | * project 2006. |
| 4 | */ | 4 | */ |
| @@ -519,13 +519,59 @@ static int | |||
| 519 | old_dsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) | 519 | old_dsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) |
| 520 | { | 520 | { |
| 521 | DSA *dsa; | 521 | DSA *dsa; |
| 522 | BN_CTX *ctx = NULL; | ||
| 523 | BIGNUM *j, *p1, *newp1; | ||
| 522 | 524 | ||
| 523 | if (!(dsa = d2i_DSAPrivateKey (NULL, pder, derlen))) { | 525 | if (!(dsa = d2i_DSAPrivateKey(NULL, pder, derlen))) { |
| 524 | DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB); | 526 | DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB); |
| 525 | return 0; | 527 | return 0; |
| 526 | } | 528 | } |
| 529 | |||
| 530 | ctx = BN_CTX_new(); | ||
| 531 | if (ctx == NULL) | ||
| 532 | goto err; | ||
| 533 | |||
| 534 | /* | ||
| 535 | * Check that p and q are consistent with each other. | ||
| 536 | */ | ||
| 537 | |||
| 538 | j = BN_CTX_get(ctx); | ||
| 539 | p1 = BN_CTX_get(ctx); | ||
| 540 | newp1 = BN_CTX_get(ctx); | ||
| 541 | if (j == NULL || p1 == NULL || newp1 == NULL) | ||
| 542 | goto err; | ||
| 543 | /* p1 = p - 1 */ | ||
| 544 | if (BN_sub(p1, dsa->p, BN_value_one()) == 0) | ||
| 545 | goto err; | ||
| 546 | /* j = (p - 1) / q */ | ||
| 547 | if (BN_div(j, NULL, p1, dsa->q, ctx) == 0) | ||
| 548 | goto err; | ||
| 549 | /* q * j should == p - 1 */ | ||
| 550 | if (BN_mul(newp1, dsa->q, j, ctx) == 0) | ||
| 551 | goto err; | ||
| 552 | if (BN_cmp(newp1, p1) != 0) { | ||
| 553 | DSAerr(DSA_F_DSA_PARAM_DECODE, DSA_R_BAD_Q_VALUE); | ||
| 554 | goto err; | ||
| 555 | } | ||
| 556 | |||
| 557 | /* | ||
| 558 | * Check that q is not a composite number. | ||
| 559 | */ | ||
| 560 | |||
| 561 | if (BN_is_prime_ex(dsa->q, BN_prime_checks, ctx, NULL) == 0) { | ||
| 562 | DSAerr(DSA_F_DSA_PARAM_DECODE, DSA_R_BAD_Q_VALUE); | ||
| 563 | goto err; | ||
| 564 | } | ||
| 565 | |||
| 566 | BN_CTX_free(ctx); | ||
| 567 | |||
| 527 | EVP_PKEY_assign_DSA(pkey, dsa); | 568 | EVP_PKEY_assign_DSA(pkey, dsa); |
| 528 | return 1; | 569 | return 1; |
| 570 | |||
| 571 | err: | ||
| 572 | BN_CTX_free(ctx); | ||
| 573 | DSA_free(dsa); | ||
| 574 | return 0; | ||
| 529 | } | 575 | } |
| 530 | 576 | ||
| 531 | static int | 577 | static int |