_wrap_nettle_pk_derive: reject values of public key that are over the prime
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 18 Apr 2016 09:18:04 +0000 (11:18 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 18 Apr 2016 09:21:45 +0000 (11:21 +0200)
That is, do not canonicalise the value we get from the network, but
rather check it for validity. This saves a modular reduction on handshake
and performs a sanity check on the peer's (client) parameters.
Reported by Hubert Kario.

Resolves #84

lib/nettle/pk.c

index c7ef0d78c59e577fb35f399bcfd9fb0b0f0aa008..dd1d8bb104b413d8176c66a8ba10067839368557 100644 (file)
@@ -191,23 +191,17 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t algo,
                if (ret < 0)
                        return gnutls_assert_val(ret);
 
-               ret = _gnutls_mpi_modm(ff, f, prime);
+               ret = _gnutls_mpi_add_ui(ff, f, 1);
                if (ret < 0) {
                        gnutls_assert();
                        goto dh_cleanup;
                }
 
-               ret = _gnutls_mpi_add_ui(ff, ff, 1);
-               if (ret < 0) {
-                       gnutls_assert();
-                       goto dh_cleanup;
-               }
-
-               /* check if f==0,1,p-1. 
-                * or (ff=f+1) equivalently ff==1,2,p */
+               /* check if f==0,1, or f >= p-1. 
+                * or (ff=f+1) equivalently ff==1,2, ff >= p */
                if ((_gnutls_mpi_cmp_ui(ff, 2) == 0)
                    || (_gnutls_mpi_cmp_ui(ff, 1) == 0)
-                   || (_gnutls_mpi_cmp(ff, prime) == 0)) {
+                   || (_gnutls_mpi_cmp(ff, prime) >= 0)) {
                        gnutls_assert();
                        ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
                        goto dh_cleanup;
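Review bot: The new check rejects f ∈ {0, 1} and f ≥ p-1 via ff = f+1, which is correct, but the comment on the two `+` lines describes the rejected cases rather than the accepted interval, and a later reader could reintroduce the reduction; I would write `/* peer's public value must satisfy 2 <= f <= p-2; out-of-range values (including un-reduced f >= p) are rejected, not reduced */`. This range check does not by itself establish that f lies in the intended prime-order subgroup when p-1 has small cofactors; whether an order check is performed elsewhere in the function is not visible in this hunk, so that is worth confirming. Both added comment lines also carry trailing whitespace after the full stop. The body of _wrap_nettle_pk_derive starts before this hunk and continues after it.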