Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
300b1d76
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
8 个月 前同步成功
通知
8
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
300b1d76
编写于
11月 29, 2010
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
apply J-PKAKE fix to HEAD (original by Ben)
上级
ae3fff50
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
43 addition
and
3 deletion
+43
-3
CHANGES
CHANGES
+9
-2
crypto/jpake/jpake.c
crypto/jpake/jpake.c
+29
-0
crypto/jpake/jpake.h
crypto/jpake/jpake.h
+2
-0
crypto/jpake/jpake_err.c
crypto/jpake/jpake_err.c
+3
-1
未找到文件。
CHANGES
浏览文件 @
300b1d76
...
...
@@ -123,7 +123,7 @@
whose return value is often ignored.
[Steve Henson]
Changes between 1.0.0
b
and 1.0.1 [xx XXX xxxx]
Changes between 1.0.0
c
and 1.0.1 [xx XXX xxxx]
*) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id.
[Steve Henson]
...
...
@@ -162,7 +162,14 @@
Add command line options to s_client/s_server.
[Steve Henson]
Changes between 1.0.0a and 1.0.0b [xx XXX xxxx]
Changes between 1.0.0b and 1.0.0c [xx XXX xxxx]
*) Fixed J-PAKE implementation error, originally discovered by
Sebastien Martini, further info and confirmation from Stefan
Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252
[Ben Laurie]
Changes between 1.0.0a and 1.0.0b [16 Nov 2010]
*) Fix extension code to avoid race conditions which can result in a buffer
overrun vulnerability: resumed sessions must not be modified as they can
...
...
crypto/jpake/jpake.c
浏览文件 @
300b1d76
...
...
@@ -282,8 +282,37 @@ int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx)
return
1
;
}
/* g^x is a legal value */
static
int
is_legal
(
const
BIGNUM
*
gx
,
const
JPAKE_CTX
*
ctx
)
{
BIGNUM
*
t
;
int
res
;
if
(
BN_is_negative
(
gx
)
||
BN_is_zero
(
gx
)
||
BN_cmp
(
gx
,
ctx
->
p
.
p
)
>=
0
)
return
0
;
t
=
BN_new
();
BN_mod_exp
(
t
,
gx
,
ctx
->
p
.
q
,
ctx
->
p
.
p
,
ctx
->
ctx
);
res
=
BN_is_one
(
t
);
BN_free
(
t
);
return
res
;
}
int
JPAKE_STEP1_process
(
JPAKE_CTX
*
ctx
,
const
JPAKE_STEP1
*
received
)
{
if
(
!
is_legal
(
received
->
p1
.
gx
,
ctx
))
{
JPAKEerr
(
JPAKE_F_JPAKE_STEP1_PROCESS
,
JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL
);
return
0
;
}
if
(
!
is_legal
(
received
->
p2
.
gx
,
ctx
))
{
JPAKEerr
(
JPAKE_F_JPAKE_STEP1_PROCESS
,
JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL
);
return
0
;
}
/* verify their ZKP(xc) */
if
(
!
verify_zkp
(
&
received
->
p1
,
ctx
->
p
.
g
,
ctx
))
{
...
...
crypto/jpake/jpake.h
浏览文件 @
300b1d76
...
...
@@ -115,6 +115,8 @@ void ERR_load_JPAKE_strings(void);
#define JPAKE_F_VERIFY_ZKP 100
/* Reason codes. */
#define JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL 108
#define JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL 109
#define JPAKE_R_G_TO_THE_X4_IS_ONE 105
#define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH 106
#define JPAKE_R_HASH_OF_KEY_MISMATCH 107
...
...
crypto/jpake/jpake_err.c
浏览文件 @
300b1d76
/* crypto/jpake/jpake_err.c */
/* ====================================================================
* Copyright (c) 1999-20
08
The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-20
10
The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
...
...
@@ -80,6 +80,8 @@ static ERR_STRING_DATA JPAKE_str_functs[]=
static
ERR_STRING_DATA
JPAKE_str_reasons
[]
=
{
{
ERR_REASON
(
JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL
),
"g to the x3 is not legal"
},
{
ERR_REASON
(
JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL
),
"g to the x4 is not legal"
},
{
ERR_REASON
(
JPAKE_R_G_TO_THE_X4_IS_ONE
)
,
"g to the x4 is one"
},
{
ERR_REASON
(
JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH
),
"hash of hash of key mismatch"
},
{
ERR_REASON
(
JPAKE_R_HASH_OF_KEY_MISMATCH
),
"hash of key mismatch"
},
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录