~mdw
/
sgt
/
putty
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Avoid trying to take the modular inverse of zero in response to a
[sgt/putty]
/
sshdss.c
diff --git
a/sshdss.c
b/sshdss.c
index
6cf5830
..
3ea3695
100644
(file)
--- a/
sshdss.c
+++ b/
sshdss.c
@@
-42,7
+42,9
@@
static void getstring(char **data, int *datalen, char **p, int *length)
*p = NULL;
if (*datalen < 4)
return;
*p = NULL;
if (*datalen < 4)
return;
- *length = GET_32BIT(*data);
+ *length = toint(GET_32BIT(*data));
+ if (*length < 0)
+ return;
*datalen -= 4;
*data += 4;
if (*datalen < *length)
*datalen -= 4;
*data += 4;
if (*datalen < *length)
@@
-70,6
+72,9
@@
static Bignum get160(char **data, int *datalen)
{
Bignum b;
{
Bignum b;
+ if (*datalen < 20)
+ return NULL;
+
b = bignum_from_bytes((unsigned char *)*data, 20);
*data += 20;
*datalen -= 20;
b = bignum_from_bytes((unsigned char *)*data, 20);
*data += 20;
*datalen -= 20;
@@
-77,6
+82,8
@@
static Bignum get160(char **data, int *datalen)
return b;
}
return b;
}
+static void dss_freekey(void *key); /* forward reference */
+
static void *dss_newkey(char *data, int len)
{
char *p;
static void *dss_newkey(char *data, int len)
{
char *p;
@@
-84,8
+91,6
@@
static void *dss_newkey(char *data, int len)
struct dss_key *dss;
dss = snew(struct dss_key);
struct dss_key *dss;
dss = snew(struct dss_key);
- if (!dss)
- return NULL;
getstring(&data, &len, &p, &slen);
#ifdef DEBUG_DSS
getstring(&data, &len, &p, &slen);
#ifdef DEBUG_DSS
@@
-98,7
+103,7
@@
static void *dss_newkey(char *data, int len)
}
#endif
}
#endif
- if (!p || memcmp(p, "ssh-dss", 7)) {
+ if (!p ||
slen != 7 ||
memcmp(p, "ssh-dss", 7)) {
sfree(dss);
return NULL;
}
sfree(dss);
return NULL;
}
@@
-106,6
+111,14
@@
static void *dss_newkey(char *data, int len)
dss->q = getmp(&data, &len);
dss->g = getmp(&data, &len);
dss->y = getmp(&data, &len);
dss->q = getmp(&data, &len);
dss->g = getmp(&data, &len);
dss->y = getmp(&data, &len);
+ dss->x = NULL;
+
+ if (!dss->p || !dss->q || !dss->g || !dss->y ||
+ !bignum_cmp(dss->q, Zero) || !bignum_cmp(dss->p, Zero)) {
+ /* Invalid key. */
+ dss_freekey(dss);
+ return NULL;
+ }
return dss;
}
return dss;
}
@@
-113,10
+126,16
@@
static void *dss_newkey(char *data, int len)
static void dss_freekey(void *key)
{
struct dss_key *dss = (struct dss_key *) key;
static void dss_freekey(void *key)
{
struct dss_key *dss = (struct dss_key *) key;
- freebn(dss->p);
- freebn(dss->q);
- freebn(dss->g);
- freebn(dss->y);
+ if (dss->p)
+ freebn(dss->p);
+ if (dss->q)
+ freebn(dss->q);
+ if (dss->g)
+ freebn(dss->g);
+ if (dss->y)
+ freebn(dss->y);
+ if (dss->x)
+ freebn(dss->x);
sfree(dss);
}
sfree(dss);
}
@@
-249,8
+268,19
@@
static int dss_verifysig(void *key, char *sig, int siglen,
}
r = get160(&sig, &siglen);
s = get160(&sig, &siglen);
}
r = get160(&sig, &siglen);
s = get160(&sig, &siglen);
- if (!r || !s)
+ if (!r || !s) {
+ if (r)
+ freebn(r);
+ if (s)
+ freebn(s);
return 0;
return 0;
+ }
+
+ if (!bignum_cmp(s, Zero)) {
+ freebn(r);
+ freebn(s);
+ return 0;
+ }
/*
* Step 1. w <- s^-1 mod q.
/*
* Step 1. w <- s^-1 mod q.
@@
-287,6
+317,8
@@
static int dss_verifysig(void *key, char *sig, int siglen,
freebn(w);
freebn(sha);
freebn(w);
freebn(sha);
+ freebn(u1);
+ freebn(u2);
freebn(gu1p);
freebn(yu2p);
freebn(gu1yu2p);
freebn(gu1p);
freebn(yu2p);
freebn(gu1yu2p);
@@
-377,7
+409,13
@@
static void *dss_createkey(unsigned char *pub_blob, int pub_len,
Bignum ytest;
dss = dss_newkey((char *) pub_blob, pub_len);
Bignum ytest;
dss = dss_newkey((char *) pub_blob, pub_len);
+ if (!dss)
+ return NULL;
dss->x = getmp(&pb, &priv_len);
dss->x = getmp(&pb, &priv_len);
+ if (!dss->x) {
+ dss_freekey(dss);
+ return NULL;
+ }
/*
* Check the obsolete hash in the old DSS key format.
/*
* Check the obsolete hash in the old DSS key format.
@@
-402,6
+440,7
@@
static void *dss_createkey(unsigned char *pub_blob, int pub_len,
ytest = modpow(dss->g, dss->x, dss->p);
if (0 != bignum_cmp(ytest, dss->y)) {
dss_freekey(dss);
ytest = modpow(dss->g, dss->x, dss->p);
if (0 != bignum_cmp(ytest, dss->y)) {
dss_freekey(dss);
+ freebn(ytest);
return NULL;
}
freebn(ytest);
return NULL;
}
freebn(ytest);
@@
-415,8
+454,6
@@
static void *dss_openssh_createkey(unsigned char **blob, int *len)
struct dss_key *dss;
dss = snew(struct dss_key);
struct dss_key *dss;
dss = snew(struct dss_key);
- if (!dss)
- return NULL;
dss->p = getmp(b, len);
dss->q = getmp(b, len);
dss->p = getmp(b, len);
dss->q = getmp(b, len);
@@
-424,14
+461,11
@@
static void *dss_openssh_createkey(unsigned char **blob, int *len)
dss->y = getmp(b, len);
dss->x = getmp(b, len);
dss->y = getmp(b, len);
dss->x = getmp(b, len);
- if (!dss->p || !dss->q || !dss->g || !dss->y || !dss->x) {
- sfree(dss->p);
- sfree(dss->q);
- sfree(dss->g);
- sfree(dss->y);
- sfree(dss->x);
- sfree(dss);
- return NULL;
+ if (!dss->p || !dss->q || !dss->g || !dss->y || !dss->x ||
+ !bignum_cmp(dss->q, Zero) || !bignum_cmp(dss->p, Zero)) {
+ /* Invalid key. */
+ dss_freekey(dss);
+ return NULL;
}
return dss;
}
return dss;
@@
-471,6
+505,8
@@
static int dss_pubkey_bits(void *blob, int len)
int ret;
dss = dss_newkey((char *) blob, len);
int ret;
dss = dss_newkey((char *) blob, len);
+ if (!dss)
+ return -1;
ret = bignum_bitcount(dss->p);
dss_freekey(dss);
ret = bignum_bitcount(dss->p);
dss_freekey(dss);
@@
-599,6
+635,7
@@
static unsigned char *dss_sign(void *key, char *data, int datalen, int *siglen)
s = modmul(kinv, hxr, dss->q); /* s = k^-1 * (hash + x*r) mod q */
freebn(hxr);
freebn(kinv);
s = modmul(kinv, hxr, dss->q); /* s = k^-1 * (hash + x*r) mod q */
freebn(hxr);
freebn(kinv);
+ freebn(k);
freebn(hash);
/*
freebn(hash);
/*