changeset 1450:5b25d86b865b fuzz

check dss g range
author Matt Johnston <matt@ucc.asn.au>
date Mon, 14 Aug 2017 00:00:10 +0800
parents ea150e3e95a6
children 4afde04f0607
files dss.c
diffstat 1 files changed, 12 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/dss.c	Fri Jun 30 21:10:57 2017 +0800
+++ b/dss.c	Mon Aug 14 00:00:10 2017 +0800
@@ -73,6 +73,18 @@
 		goto out;
 	}
 
+	/* test 1 < g < p */
+	if (mp_cmp_d(key->g, 1) != MP_GT) {
+		dropbear_log(LOG_WARNING, "Bad DSS g");
+		ret = DROPBEAR_FAILURE;
+		goto out;
+	}
+	if (mp_cmp(key->g, key->p) != MP_LT) {
+		dropbear_log(LOG_WARNING, "Bad DSS g");
+		ret = DROPBEAR_FAILURE;
+		goto out;
+	}
+
 	ret = DROPBEAR_SUCCESS;
 	TRACE(("leave buf_get_dss_pub_key: success"))
 out: