X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/5b9f3d3788bafcba79c893b1afc6a1c77bc77d20..b8317630c30c6c5e92237daf66acbfca6398ccc9:/server/keymgmt.c
diff --git a/server/keymgmt.c b/server/keymgmt.c
index 9e4bc5b4..51a13d70 100644
--- a/server/keymgmt.c
+++ b/server/keymgmt.c
@@ -9,19 +9,18 @@
  *
  * This file is part of Trivial IP Encryption (TrIPE).
  *
- * TrIPE is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
+ * TrIPE is free software: you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 3 of the License, or (at your
+ * option) any later version.
  *
- * TrIPE is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
+ * TrIPE is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
  *
  * You should have received a copy of the GNU General Public License
- * along with TrIPE; if not, write to the Free Software Foundation,
- * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ * along with TrIPE. If not, see .
  */
 /*----- Header files ------------------------------------------------------*/
@@ -203,6 +202,8 @@ static int kh_loadpriv(key_file *kf, key *k, key_data *d,
 {
 int rc;
 const char *err;
+ dhge *K;
+ int ok;
 if ((rc = dh->ldpriv(kf, k, d, kd, t, e)) != 0)
 goto fail_0;
@@ -211,6 +212,13 @@ static int kh_loadpriv(key_file *kf, key *k, key_data *d,
 a_format(e, "bad-group", "%s", err, A_END);
 goto fail_1;
 }
+ K = kd->grp->ops->mul(kd->grp, kd->k, 0);
+ ok = kd->grp->ops->eq(kd->grp, kd->K, K);
+ kd->grp->ops->freege(kd->grp, K);
+ if (!ok) {
+ a_format(e, "incorrect-public-key", A_END);
+ goto fail_1;
+ }
 return (0);
 fail_1:
@@ -369,7 +377,7 @@ founddh:
 }
 if (algs_get(&kd->algs, &e, kh->kf, k) ||
- (kd->k && algs_check(&kd->algs, &e, kd->grp))) {
+ algs_check(&kd->algs, &e, kd->grp)) {
 a_warn("KEYMGMT", "%s-keyring", kh->kind, "%s", kh->kr, "key", "%s", t.buf, "*%s", e.buf, A_END);
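Review bot: The new private/public consistency check added after the `bad-group` branch carries no comment, and the bare `0` passed as the third argument to `mul` is not self-explanatory; presumably it selects the group generator, which should be confirmed against the `mul` contract. A short comment such as `/* Recompute the public key from the private key; reject the entry if the stored public half disagrees. */` would tell a maintainer why a mismatched keyring entry now fails at load time with `incorrect-public-key`. The result of `mul` goes straight into `eq` and `freege`, so if `mul` can return null on failure that case needs handling before the comparison. `kh_loadpriv` begins in the previous hunk and its `fail_1` cleanup continues past this one.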
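Review bot: Dropping the `kd->k &&` guard in the hunk after `founddh:` makes `algs_check` run for public-only keyring entries as well, so `algs_check` (not visible here) has to cope with entries that have no private key. Peer keys whose algorithm selection fails the check will now be rejected with the `KEYMGMT` warning where they previously loaded. Both consequences look intended, but neither is stated at the call site; a comment such as `/* Check algorithm choices for public keys too, not only when we hold the private key. */` above the `if` would record it. The enclosing function starts before the `founddh:` label and continues after this hunk.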