diff options
author | Ben Laurie <ben@openssl.org> | 2005-08-21 16:00:17 +0000 |
---|---|---|
committer | Ben Laurie <ben@openssl.org> | 2005-08-21 16:00:17 +0000 |
commit | bf3d6c0c9b58e6a78fa3ac0a60d68ef4fc0aa215 (patch) | |
tree | 7431a83a1487ff2ee8e13430ff3c52f58eb715b2 /crypto/dh/dh_check.c | |
parent | b8e8ccdc791e035473c710649fb3e67847c365ff (diff) | |
download | openssl-new-bf3d6c0c9b58e6a78fa3ac0a60d68ef4fc0aa215.tar.gz |
Make D-H safer, include well-known primes.
Diffstat (limited to 'crypto/dh/dh_check.c')
-rw-r--r-- | crypto/dh/dh_check.c | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c index bfc9c3ad76..10217c83dc 100644 --- a/crypto/dh/dh_check.c +++ b/crypto/dh/dh_check.c @@ -118,3 +118,25 @@ err: if (q != NULL) BN_free(q); return(ok); } + +int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) + { + int ok=0; + BIGNUM *q=NULL; + + *ret=0; + q=BN_new(); + if (q == NULL) goto err; + BN_set_word(q,1); + if (BN_cmp(pub_key,q)<=0) + *ret|=DH_CHECK_PUBKEY_TOO_SMALL; + BN_copy(q,dh->p); + BN_sub_word(q,1); + if (BN_cmp(pub_key,q)>=0) + *ret|=DH_CHECK_PUBKEY_TOO_LARGE; + + ok = 1; +err: + if (q != NULL) BN_free(q); + return(ok); + } |