generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Backport J-PAKE fix.

Browse Source
This commit is contained in:
Ben Laurie 2010-11-26 16:03:23 +00:00
parent 7e351bb560
commit efed63d783
4 changed files with 42 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGES
View File

@ -4,7 +4,10 @@
Changes between 0.9.8p and 0.9.8q [xx XXX xxxx] Changes between 0.9.8p and 0.9.8q [xx XXX xxxx]
*) *) Fixed J-PAKE implementation error, originally discovered by
Sebastien Martini, further info and confirmation from Stefan
Arentz and Feng Hao. Note that this fix is a security fix.
[Ben Laurie]
Changes between 0.9.8o and 0.9.8p [16 Nov 2010] Changes between 0.9.8o and 0.9.8p [16 Nov 2010]

30
crypto/jpake/jpake.c
View File

@ -283,8 +283,38 @@ int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx)
return 1; return 1;
} }
/* g^x is a legal value */
static int is_legal(const BIGNUM *gx, const JPAKE_CTX *ctx)
{
BIGNUM *t;
int res;
if(BN_is_negative(gx) || BN_is_zero(gx) || BN_cmp(gx, ctx->p.p) >= 0)
return 0;
t = BN_new();
BN_mod_exp(t, gx, ctx->p.q, ctx->p.p, ctx->ctx);
res = BN_is_one(t);
BN_free(t);
return res;
}
int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received) int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received)
{ {
if(!is_legal(received->p1.gx, ctx))
{
JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL);
return 0;
}
if(!is_legal(received->p2.gx, ctx))
{
JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL);
return 0;
}
/* verify their ZKP(xc) */ /* verify their ZKP(xc) */
if(!verify_zkp(&received->p1, ctx->p.g, ctx)) if(!verify_zkp(&received->p1, ctx->p.g, ctx))
{ {

2
crypto/jpake/jpake.h
View File

@ -115,6 +115,8 @@ void ERR_load_JPAKE_strings(void);
#define JPAKE_F_VERIFY_ZKP 100 #define JPAKE_F_VERIFY_ZKP 100
/* Reason codes. */ /* Reason codes. */
#define JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL 108
#define JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL 109
#define JPAKE_R_G_TO_THE_X4_IS_ONE 105 #define JPAKE_R_G_TO_THE_X4_IS_ONE 105
#define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH 106 #define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH 106
#define JPAKE_R_HASH_OF_KEY_MISMATCH 107 #define JPAKE_R_HASH_OF_KEY_MISMATCH 107

4
crypto/jpake/jpake_err.c
View File

@ -1,6 +1,6 @@
/* crypto/jpake/jpake_err.c */ /* crypto/jpake/jpake_err.c */
/* ==================================================================== /* ====================================================================
* Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. * Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -80,6 +80,8 @@ static ERR_STRING_DATA JPAKE_str_functs[]=
static ERR_STRING_DATA JPAKE_str_reasons[]= static ERR_STRING_DATA JPAKE_str_reasons[]=
{ {
{ERR_REASON(JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL),"g to the x3 is not legal"},
{ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL),"g to the x4 is not legal"},
{ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_ONE) ,"g to the x4 is one"}, {ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_ONE) ,"g to the x4 is one"},
{ERR_REASON(JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH),"hash of hash of key mismatch"}, {ERR_REASON(JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH),"hash of hash of key mismatch"},
{ERR_REASON(JPAKE_R_HASH_OF_KEY_MISMATCH),"hash of key mismatch"}, {ERR_REASON(JPAKE_R_HASH_OF_KEY_MISMATCH),"hash of key mismatch"},