Added more checks on g_a and g
This commit is contained in:
vysheng
parent
3421589432
commit
73b17ee19d
5 changed files with 27 additions and 7 deletions
|
|
@ -43,7 +43,7 @@
|
|||
|
||||
#include "mtproto-common.h"
|
||||
|
||||
#define ALLOW_MULT 1
|
||||
//#define ALLOW_MULT 1
|
||||
char *default_prompt = "> ";
|
||||
|
||||
int unread_messages;
|
||||
|
|
|
|||
|
|
@ -462,7 +462,7 @@ int check_DH_params (BIGNUM *p, int g) {
|
|||
return 0;
|
||||
}
|
||||
|
||||
int check_g (BIGNUM *g) {
|
||||
int check_g (unsigned char p[256], BIGNUM *g) {
|
||||
static unsigned char s[256];
|
||||
memset (s, 0, 256);
|
||||
assert (BN_num_bytes (g) <= 256);
|
||||
|
|
@ -484,9 +484,28 @@ int check_g (BIGNUM *g) {
|
|||
}
|
||||
}
|
||||
if (!ok) { return -1; }
|
||||
ok = 0;
|
||||
for (i = 0; i < 64; i++) {
|
||||
if (s[i] < p[i]) {
|
||||
ok = 1;
|
||||
break;
|
||||
} else if (s[i] > p[i]) {
|
||||
logprintf ("i = %d (%d %d)\n", i, (int)s[i], (int)p[i]);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
if (!ok) { return -1; }
|
||||
return 0;
|
||||
}
|
||||
|
||||
int check_g_bn (BIGNUM *p, BIGNUM *g) {
|
||||
static unsigned char s[256];
|
||||
memset (s, 0, 256);
|
||||
assert (BN_num_bytes (p) <= 256);
|
||||
BN_bn2bin (p, s);
|
||||
return check_g (s, g);
|
||||
}
|
||||
|
||||
int process_dh_answer (struct connection *c, char *packet, int len) {
|
||||
if (verbosity) {
|
||||
logprintf ( "process_dh_answer(), len=%d\n", len);
|
||||
|
|
@ -519,7 +538,7 @@ int process_dh_answer (struct connection *c, char *packet, int len) {
|
|||
BN_init (&g_a);
|
||||
assert (fetch_bignum (&dh_prime) > 0);
|
||||
assert (fetch_bignum (&g_a) > 0);
|
||||
assert (check_g (&g_a) >= 0);
|
||||
assert (check_g_bn (&dh_prime, &g_a) >= 0);
|
||||
int server_time = *in_ptr++;
|
||||
assert (in_ptr <= in_end);
|
||||
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ long long encrypt_send_message (struct connection *c, int *msg, int msg_ints, in
|
|||
void dc_authorize (struct dc *DC);
|
||||
void work_update (struct connection *c, long long msg_id);
|
||||
void work_update_binlog (void);
|
||||
int check_g (BIGNUM *g);
|
||||
int check_g (unsigned char p[256], BIGNUM *g);
|
||||
int check_g_bn (BIGNUM *p, BIGNUM *g);
|
||||
int check_DH_params (BIGNUM *p, int g);
|
||||
#endif
|
||||
|
|
|
|||
2
net.c
2
net.c
|
|
@ -596,7 +596,7 @@ void insert_seqno (struct session *S, int seqno) {
|
|||
|
||||
extern struct dc *DC_list[];
|
||||
|
||||
struct dc *alloc_dc (int id, char *ip, int port) {
|
||||
struct dc *alloc_dc (int id, char *ip, int port UU) {
|
||||
assert (!DC_list[id]);
|
||||
struct dc *DC = malloc (sizeof (*DC));
|
||||
memset (DC, 0, sizeof (*DC));
|
||||
|
|
|
|||
|
|
@ -2270,7 +2270,7 @@ void do_send_accept_encr_chat (struct secret_chat *E, unsigned char *random) {
|
|||
assert (b);
|
||||
BIGNUM *g_a = BN_bin2bn (E->g_key, 256, 0);
|
||||
assert (g_a);
|
||||
assert (check_g (g_a) >= 0);
|
||||
assert (check_g (encr_prime, g_a) >= 0);
|
||||
if (!ctx) {
|
||||
ctx = BN_CTX_new ();
|
||||
BN_CTX_init (ctx);
|
||||
|
|
@ -2316,7 +2316,7 @@ void do_create_keys_end (struct secret_chat *U) {
|
|||
assert (encr_prime);
|
||||
BIGNUM *g_b = BN_bin2bn (U->g_key, 256, 0);
|
||||
assert (g_b);
|
||||
assert (check_g (g_b) >= 0);
|
||||
assert (check_g (encr_prime, g_b) >= 0);
|
||||
if (!ctx) {
|
||||
ctx = BN_CTX_new ();
|
||||
BN_CTX_init (ctx);
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue