|
 |
9199b3 |
diff -up gnutls-3.1.11/lib/gnutls_ecc.c.suiteb gnutls-3.1.11/lib/gnutls_ecc.c
|
|
|
9199b3 |
--- gnutls-3.1.11/lib/gnutls_ecc.c.suiteb 2013-04-27 10:04:48.000000000 +0200
|
|
|
9199b3 |
+++ gnutls-3.1.11/lib/gnutls_ecc.c 2013-05-23 10:08:45.331883555 +0200
|
|
|
9199b3 |
@@ -129,6 +129,12 @@ int ret;
|
|
|
9199b3 |
goto cleanup;
|
|
|
9199b3 |
}
|
|
|
9199b3 |
params->params_nr++;
|
|
|
9199b3 |
+
|
|
|
9199b3 |
+ if (_gnutls_mpi_get_nbits(params->params[ECC_PRIME]) < 256)
|
|
|
9199b3 |
+ {
|
|
|
9199b3 |
+ ret = gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
|
|
|
9199b3 |
+ goto cleanup;
|
|
|
9199b3 |
+ }
|
|
|
9199b3 |
|
|
|
9199b3 |
val_size = sizeof(val);
|
|
|
9199b3 |
ret = _gnutls_hex2bin(st->order, strlen(st->order), val, &val_size);
|
|
|
9199b3 |
diff -up gnutls-3.1.11/lib/nettle/ecc_mulmod_cached.c.suiteb gnutls-3.1.11/lib/nettle/ecc_mulmod_cached.c
|
|
|
9199b3 |
--- gnutls-3.1.11/lib/nettle/ecc_mulmod_cached.c.suiteb 2013-04-27 10:04:48.000000000 +0200
|
|
|
9199b3 |
+++ gnutls-3.1.11/lib/nettle/ecc_mulmod_cached.c 2013-05-23 10:24:56.575967312 +0200
|
|
|
9199b3 |
@@ -42,6 +42,7 @@ typedef struct
|
|
|
9199b3 |
|
|
|
9199b3 |
/* global cache */
|
|
|
9199b3 |
static gnutls_ecc_curve_cache_entry_t *ecc_wmnaf_cache = NULL;
|
|
|
9199b3 |
+static gnutls_ecc_curve_cache_entry_t *ecc_wmnaf_cache_last = NULL;
|
|
|
9199b3 |
|
|
|
9199b3 |
/* free single cache entry */
|
|
|
9199b3 |
static void
|
|
|
9199b3 |
@@ -63,9 +64,10 @@ ecc_wmnaf_cache_free (void)
|
|
|
9199b3 |
gnutls_ecc_curve_cache_entry_t *p = ecc_wmnaf_cache;
|
|
|
9199b3 |
if (p)
|
|
|
9199b3 |
{
|
|
|
9199b3 |
- for (; p->id != GNUTLS_ECC_CURVE_INVALID; ++p)
|
|
|
9199b3 |
+ for (; p <= ecc_wmnaf_cache_last; ++p)
|
|
|
9199b3 |
{
|
|
|
9199b3 |
- _ecc_wmnaf_cache_entry_free (p);
|
|
|
9199b3 |
+ if (p->id != GNUTLS_ECC_CURVE_INVALID)
|
|
|
9199b3 |
+ _ecc_wmnaf_cache_entry_free (p);
|
|
|
9199b3 |
}
|
|
|
9199b3 |
|
|
|
9199b3 |
free (ecc_wmnaf_cache);
|
|
|
9199b3 |
@@ -198,7 +200,7 @@ ecc_wmnaf_cache_init (void)
|
|
|
9199b3 |
const gnutls_ecc_curve_t *p;
|
|
|
9199b3 |
|
|
|
9199b3 |
ret = (gnutls_ecc_curve_cache_entry_t *)
|
|
|
9199b3 |
- malloc (MAX_ALGOS * sizeof (gnutls_ecc_curve_cache_entry_t));
|
|
|
9199b3 |
+ calloc (MAX_ALGOS, sizeof (gnutls_ecc_curve_cache_entry_t));
|
|
|
9199b3 |
if (ret == NULL)
|
|
|
9199b3 |
return GNUTLS_E_MEMORY_ERROR;
|
|
|
9199b3 |
|
|
|
9199b3 |
@@ -207,12 +209,16 @@ ecc_wmnaf_cache_init (void)
|
|
|
9199b3 |
|
|
|
9199b3 |
for (j = 0; *p; ++p, ++j)
|
|
|
9199b3 |
{
|
|
|
9199b3 |
- if ((err = _ecc_wmnaf_cache_entry_init (ret + *p - 1, *p)) != 0)
|
|
|
9199b3 |
+ gnutls_ecc_curve_cache_entry_t *entry;
|
|
|
9199b3 |
+
|
|
|
9199b3 |
+ entry = ret + *p - 1;
|
|
|
9199b3 |
+ if ((err = _ecc_wmnaf_cache_entry_init (entry, *p)) != 0)
|
|
|
9199b3 |
goto done;
|
|
|
9199b3 |
+ if (ecc_wmnaf_cache_last < entry)
|
|
|
9199b3 |
+ ecc_wmnaf_cache_last = entry;
|
|
|
9199b3 |
}
|
|
|
9199b3 |
|
|
|
9199b3 |
- /* nullify last cache entry id */
|
|
|
9199b3 |
- ret[j].id = GNUTLS_ECC_CURVE_INVALID;
|
|
|
9199b3 |
+ /* no need to nullify last cache entry id, done by calloc */
|
|
|
9199b3 |
|
|
|
9199b3 |
err = GNUTLS_E_SUCCESS;
|
|
|
9199b3 |
|
|
|
9199b3 |
@@ -223,7 +229,8 @@ done:
|
|
|
9199b3 |
int i;
|
|
|
9199b3 |
for (i = 0; i < j; ++i)
|
|
|
9199b3 |
{
|
|
|
9199b3 |
- _ecc_wmnaf_cache_entry_free (ret + i);
|
|
|
9199b3 |
+ --p;
|
|
|
9199b3 |
+ _ecc_wmnaf_cache_entry_free (ret + *p - 1);
|
|
|
9199b3 |
}
|
|
|
9199b3 |
|
|
|
9199b3 |
free (ret);
|
|
|
9199b3 |
@@ -445,9 +452,11 @@ ecc_mulmod_cached_lookup (mpz_t k, ecc_p
|
|
|
9199b3 |
if (k == NULL || G == NULL || R == NULL || modulus == NULL)
|
|
|
9199b3 |
return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
|
|
|
9199b3 |
|
|
|
9199b3 |
- for (i = 0; (id = ecc_wmnaf_cache[i].id); ++i)
|
|
|
9199b3 |
+ for (i = 0; ecc_wmnaf_cache + i <= ecc_wmnaf_cache_last; ++i)
|
|
|
9199b3 |
{
|
|
|
9199b3 |
- if (!(mpz_cmp (G->x, ecc_wmnaf_cache[i].pos[0]->x)) &&
|
|
|
9199b3 |
+ id = ecc_wmnaf_cache[i].id;
|
|
|
9199b3 |
+ if (id &&
|
|
|
9199b3 |
+ !(mpz_cmp (G->x, ecc_wmnaf_cache[i].pos[0]->x)) &&
|
|
|
9199b3 |
!(mpz_cmp (G->y, ecc_wmnaf_cache[i].pos[0]->y)))
|
|
|
9199b3 |
{
|
|
|
9199b3 |
break;
|
|
|
9199b3 |
diff -up gnutls-3.1.11/tests/mini-xssl.c.suiteb gnutls-3.1.11/tests/mini-xssl.c
|
|
|
9199b3 |
--- gnutls-3.1.11/tests/mini-xssl.c.suiteb 2013-05-10 10:10:27.000000000 +0200
|
|
|
9199b3 |
+++ gnutls-3.1.11/tests/mini-xssl.c 2013-05-23 11:58:22.670298910 +0200
|
|
|
9199b3 |
@@ -27,7 +27,8 @@
|
|
|
9199b3 |
#include <stdio.h>
|
|
|
9199b3 |
#include <stdlib.h>
|
|
|
9199b3 |
|
|
|
9199b3 |
-#if defined(_WIN32)
|
|
|
9199b3 |
+/* uses unsupported curves */
|
|
|
9199b3 |
+#if 1
|
|
|
9199b3 |
|
|
|
9199b3 |
int main()
|
|
|
9199b3 |
{
|
|
|
9199b3 |
diff -up gnutls-3.1.11/tests/pkcs12_simple.c.suiteb gnutls-3.1.11/tests/pkcs12_simple.c
|
|
|
9199b3 |
--- gnutls-3.1.11/tests/pkcs12_simple.c.suiteb 2013-05-10 10:10:27.000000000 +0200
|
|
|
9199b3 |
+++ gnutls-3.1.11/tests/pkcs12_simple.c 2013-05-23 11:57:59.776799848 +0200
|
|
|
9199b3 |
@@ -50,6 +50,9 @@ doit (void)
|
|
|
9199b3 |
gnutls_x509_privkey_t pkey;
|
|
|
9199b3 |
int ret;
|
|
|
9199b3 |
|
|
|
9199b3 |
+ /* uses unsupported curves */
|
|
|
9199b3 |
+ exit(77);
|
|
|
9199b3 |
+
|
|
|
9199b3 |
ret = global_init ();
|
|
|
9199b3 |
if (ret < 0)
|
|
|
9199b3 |
fail ("global_init failed %d\n", ret);
|