comparison fuzzer-verify.c @ 1655:f52919ffd3b1
update ltm to 1.1.0 and enable FIPS 186.4 compliant key-generation (#79)
* make key-generation compliant to FIPS 186.4
* fix includes in tommath_class.h
* update fuzzcorpus instead of error-out
* fixup fuzzing make-targets
* update Makefile.in
* apply necessary patches to ltm sources
* clean-up not required ltm files
* update to vanilla ltm 1.1.0
this already only contains the required files
* remove set/get double
author | Steffen Jaeckel <s_jaeckel@gmx.de> |
---|---|
date | Mon, 16 Sep 2019 15:50:38 +0200 |
parents | 92c93b4a3646 |
children | ae41624c2198 |
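--- a/fuzzer-verify.c
+++ b/fuzzer-verify.c
@@ -35,15 +35,17 @@
 wouldn't be trusting a bogus key anyway */
 int boguskey = 0;
 
 if (type == DROPBEAR_SIGNKEY_DSS) {
 /* So far have seen dss keys with bad p/q/g domain parameters */
-int pprime, qprime;
-assert(mp_prime_is_prime(key->dsskey->p, 5, &pprime) == MP_OKAY);
-assert(mp_prime_is_prime(key->dsskey->q, 18, &qprime) == MP_OKAY);
-boguskey = !(pprime && qprime);
-/* Could also check g**q mod p == 1 */
+int pprime, qprime, trials;
+trials = mp_prime_rabin_miller_trials(mp_count_bits(key->dsskey->p));
+assert(mp_prime_is_prime(key->dsskey->p, trials, &pprime) == MP_OKAY);
+trials = mp_prime_rabin_miller_trials(mp_count_bits(key->dsskey->q));
+assert(mp_prime_is_prime(key->dsskey->q, trials, &qprime) == MP_OKAY);
+boguskey = !(pprime && qprime);
+/* Could also check g**q mod p == 1 */
 }
 
 if (!boguskey) {
 printf("Random key/signature managed to verify!\n");
 abort();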
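Review bot: The two `mp_prime_is_prime()` calls in the DSS branch are still made inside `assert()`, so a build with `NDEBUG` drops them and `boguskey` is then computed from uninitialised `pprime` and `qprime`. I would declare `int pprime = 0, qprime = 0, trials;` and make each call outside the assertion, e.g. `int ret = mp_prime_is_prime(key->dsskey->p, trials, &pprime);` followed by `assert(ret == MP_OKAY);`, and the same for q. Because p and q come from fuzzer input, it is also worth deciding whether a non-`MP_OKAY` return should mark the key as bogus rather than stop the run. The check still ends at primality: the retained comment notes that g is not validated, so a key with prime p and q but inconsistent domain parameters is presumably still treated as genuine and can reach `abort()`. The enclosing function starts and ends outside the lines shown.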