diff options
| author | Reyk Floeter <reyk@cvs.openbsd.org> | 2014-08-25 14:42:24 +0000 |
|---|---|---|
| committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2014-08-25 14:42:24 +0000 |
| commit | 455c8fac596240884a022601c85ece1beb7f82a5 (patch) | |
| tree | b0497ab9835f345330924fe72edb14da400072c3 /sbin/isakmpd/dh.c | |
| parent | d4a6cdbd6b46a6e1fbc72d8cfab7ba4f43fb25cc (diff) | |
Sync dh.[ch] from iked. The files are identical, so any change in
either iked or isakmpd should be synced to the other daemon. The
previous changes from iked include: plug two memory leaks, verify EC
points and add the Brainpool curves. All tests in
regress/sbin/isakmpd/dh passed OKAY.
ok markus@ mikeb@
Diffstat (limited to 'sbin/isakmpd/dh.c')
| -rw-r--r-- | sbin/isakmpd/dh.c | 42 |
1 files changed, 37 insertions, 5 deletions
diff --git a/sbin/isakmpd/dh.c b/sbin/isakmpd/dh.c index cd1b3881393..bf94d0e2854 100644 --- a/sbin/isakmpd/dh.c +++ b/sbin/isakmpd/dh.c @@ -1,8 +1,7 @@ -/* $OpenBSD: dh.c,v 1.16 2014/07/11 10:01:00 jsg Exp $ */ -/* $vantronix: dh.c,v 1.13 2010/05/28 15:34:35 reyk Exp $ */ +/* $OpenBSD: dh.c,v 1.17 2014/08/25 14:42:23 reyk Exp $ */ /* - * Copyright (c) 2010 Reyk Floeter <reyk@vantronix.net> + * Copyright (c) 2010-2014 Reyk Floeter <reyk@openbsd.org> * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -21,10 +20,10 @@ #include <string.h> #include <openssl/obj_mac.h> -#include <openssl/bn.h> #include <openssl/dh.h> #include <openssl/ec.h> #include <openssl/ecdh.h> +#include <openssl/bn.h> #include "dh.h" @@ -279,7 +278,11 @@ struct group_id ike_groups[] = { "5E2327CFEF98C582664B4C0F6CC41659" }, { GROUP_ECP, 25, 192, NULL, NULL, NID_X9_62_prime192v1 }, - { GROUP_ECP, 26, 224, NULL, NULL, NID_secp224r1 } + { GROUP_ECP, 26, 224, NULL, NULL, NID_secp224r1 }, + { GROUP_ECP, 27, 224, NULL, NULL, NID_brainpoolP224r1 }, + { GROUP_ECP, 28, 256, NULL, NULL, NID_brainpoolP256r1 }, + { GROUP_ECP, 29, 384, NULL, NULL, NID_brainpoolP384r1 }, + { GROUP_ECP, 30, 512, NULL, NULL, NID_brainpoolP512r1 } }; void @@ -299,6 +302,7 @@ group_free(struct group *group) if (group->ec != NULL) EC_KEY_free(group->ec); group->spec = NULL; + free(group); } struct group * @@ -454,6 +458,10 @@ ec_init(struct group *group) return (-1); if (!EC_KEY_generate_key(group->ec)) return (-1); + if (!EC_KEY_check_key(group->ec)) { + EC_KEY_free(group->ec); + return (-1); + } return (0); } @@ -483,6 +491,7 @@ ec_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange) { const EC_GROUP *ecgroup = NULL; const BIGNUM *privkey; + EC_KEY *exkey = NULL; EC_POINT *exchangep = NULL, *secretp = NULL; int ret = -1; @@ -494,6 +503,17 @@ ec_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange) ec_raw2point(group, exchange, ec_getlen(group))) == NULL) goto done; + if ((exkey = EC_KEY_new()) == NULL) + goto done; + if (!EC_KEY_set_group(exkey, ecgroup)) + goto done; + if (!EC_KEY_set_public_key(exkey, exchangep)) + goto done; + + /* validate exchangep */ + if (!EC_KEY_check_key(exkey)) + goto done; + if ((secretp = EC_POINT_new(ecgroup)) == NULL) goto done; @@ -503,6 +523,8 @@ ec_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange) ret = ec_point2raw(group, secretp, secret, ec_getlen(group)); done: + if (exkey != NULL) + EC_KEY_free(exkey); if (exchangep != NULL) EC_POINT_clear_free(exchangep); if (secretp != NULL) @@ -560,6 +582,11 @@ ec_point2raw(struct group *group, const EC_POINT *point, ret = 0; done: + /* Make sure to erase sensitive data */ + if (x != NULL) + BN_clear(x); + if (y != NULL) + BN_clear(y); BN_CTX_end(bnctx); BN_CTX_free(bnctx); @@ -613,6 +640,11 @@ ec_raw2point(struct group *group, u_int8_t *buf, size_t len) done: if (ret != 0 && point != NULL) EC_POINT_clear_free(point); + /* Make sure to erase sensitive data */ + if (x != NULL) + BN_clear(x); + if (y != NULL) + BN_clear(y); BN_CTX_end(bnctx); BN_CTX_free(bnctx); |