[SCM] GNU gnutls branch, master, updated. gnutls_3_0_11-33-gd670889
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_11-33-gd670889 |
Date: |
Wed, 11 Jan 2012 02:09:00 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=d6708897f61b44f6e57d4206c7a9f9fc86e26d51
The branch, master has been updated
via d6708897f61b44f6e57d4206c7a9f9fc86e26d51 (commit)
via 404c67dc3913e1d7bcafea73788c6b83d72bf498 (commit)
via 388524a37dbc278a697e543bd24260679ff3858f (commit)
via 0fa6db2e68e1e0141d727cf57e9a0f9d2e56f8bd (commit)
via 82da6fb2c6d5023d1a5628127f8016ebb92853b5 (commit)
from ae59e39662f934f2e697a2b546cdda4cfe4eb9b6 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit d6708897f61b44f6e57d4206c7a9f9fc86e26d51
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Jan 11 03:12:28 2012 +0100
updated
commit 404c67dc3913e1d7bcafea73788c6b83d72bf498
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Jan 11 03:10:40 2012 +0100
avoid allocating a privkey param for the public key.
commit 388524a37dbc278a697e543bd24260679ff3858f
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Jan 11 03:01:43 2012 +0100
corrected issue in ECDH key generation.
This issue prevented an ECDH key that was smaller than the
prime from being correctly aligned.
commit 0fa6db2e68e1e0141d727cf57e9a0f9d2e56f8bd
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Jan 11 02:33:58 2012 +0100
better handle alert for GNUTLS_E_PREMATURE_TERMINATION
commit 82da6fb2c6d5023d1a5628127f8016ebb92853b5
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Jan 11 02:33:37 2012 +0100
do not absorb error message
-----------------------------------------------------------------------
Summary of changes:
NEWS | 4 ++++
lib/auth/ecdh_common.c | 26 ++++++++++----------------
lib/gnutls_alert.c | 1 +
lib/gnutls_record.c | 7 +++++--
lib/nettle/ecc_shared_secret.c | 3 +--
5 files changed, 21 insertions(+), 20 deletions(-)
diff --git a/NEWS b/NEWS
index 0212a99..aa7f17f 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,10 @@ See the end for copying conditions.
** certtool: --outder option now works for private
and public keys as well.
+** libgnutls: Corrected an alignment issue in ECDH
+key generation which prevented some keys from being
+correctly aligned in rare circumstances.
+
** libgnutls: Corrected memory leaks in DH parameter
generation and ecc_projective_check_point().
diff --git a/lib/auth/ecdh_common.c b/lib/auth/ecdh_common.c
index 9a85f3d..f1beda8 100644
--- a/lib/auth/ecdh_common.c
+++ b/lib/auth/ecdh_common.c
@@ -46,20 +46,16 @@ static int calc_ecdh_key( gnutls_session_t session,
gnutls_datum_t * psk_key)
gnutls_pk_params_st pub;
int ret;
- pub.params[0] = session->key->ecdh_params.params[0];
- pub.params[1] = session->key->ecdh_params.params[1];
- pub.params[2] = session->key->ecdh_params.params[2];
- pub.params[3] = session->key->ecdh_params.params[3];
- pub.params[4] = session->key->ecdh_params.params[4];
- pub.params[5] = session->key->ecdh_params.params[5];
- pub.params[6] = session->key->ecdh_x;
- pub.params[7] = session->key->ecdh_y;
- pub.params[8] = _gnutls_mpi_new(1);
- if (pub.params[8] == NULL)
- return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
-
- _gnutls_mpi_set_ui(pub.params[8], 1);
-
+ memset(&pub,0,sizeof(pub));
+ pub.params[ECC_PRIME] = session->key->ecdh_params.params[ECC_PRIME];
+ pub.params[ECC_ORDER] = session->key->ecdh_params.params[ECC_ORDER];
+ pub.params[ECC_A] = session->key->ecdh_params.params[ECC_A];
+ pub.params[ECC_B] = session->key->ecdh_params.params[ECC_B];
+ pub.params[ECC_GX] = session->key->ecdh_params.params[ECC_GX];
+ pub.params[ECC_GY] = session->key->ecdh_params.params[ECC_GY];
+ pub.params[ECC_X] = session->key->ecdh_x;
+ pub.params[ECC_Y] = session->key->ecdh_y;
+
if (psk_key == NULL)
ret = _gnutls_pk_derive(GNUTLS_PK_EC, &session->key->key,
&session->key->ecdh_params, &pub);
else
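Review bot: `pub` is now a shallow view over MPIs that the session owns, and every slot not assigned here (including the private scalar) is left NULL by the `memset`, yet nothing in the hunk records that contract. Whatever `_gnutls_pk_derive` reaches must treat the unset slots as absent and must never release `pub`, otherwise the session's curve parameters would be freed twice. That callee is not visible here, so this is worth confirming. I would add above the assignments `/* pub borrows the session's MPIs: unset slots stay NULL and pub must not be released */`. The body of calc_ecdh_key starts before and continues past this hunk.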
@@ -87,8 +83,6 @@ int ret;
ret = 0;
cleanup:
- _gnutls_mpi_release(&pub.params[8]);
-
/* no longer needed */
_gnutls_mpi_release (&session->key->ecdh_x);
_gnutls_mpi_release (&session->key->ecdh_y);
diff --git a/lib/gnutls_alert.c b/lib/gnutls_alert.c
index cb269cf..3482185 100644
--- a/lib/gnutls_alert.c
+++ b/lib/gnutls_alert.c
@@ -244,6 +244,7 @@ gnutls_error_to_alert (int err, int *level)
break;
case GNUTLS_E_UNEXPECTED_PACKET:
case GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET:
+ case GNUTLS_E_PREMATURE_TERMINATION:
ret = GNUTLS_A_UNEXPECTED_MESSAGE;
_level = GNUTLS_AL_FATAL;
break;
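Review bot: The new `case GNUTLS_E_PREMATURE_TERMINATION:` label has no comment explaining why an end-of-stream condition is reported as a fatal unexpected_message alert. A transport that ends without a proper closure is the signal a caller uses to detect truncation, so treating it as fatal looks right, but the reasoning should be visible at the label. I would add `/* transport ended without a proper TLS closure: treat as fatal, possible truncation */` above it. The switch in gnutls_error_to_alert starts and ends outside this hunk.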
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index db9ef2a..8d73e98 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -822,8 +822,11 @@ gnutls_datum_t raw; /* raw headers */
{
if (gnutls_error_is_fatal (ret) == 0)
return ret;
-
- return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+ if (ret >= 0)
+ ret = GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+
+ return gnutls_assert_val(ret);
}
ret = _mbuffer_linearize (&session->internals.record_recv_buffer);
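Review bot: The `if (ret >= 0)` guard is unexplained, and it is the line that decides whether the caller sees the real failure or the generic length error. Preserving a negative `ret` is the useful part, since a caller can then tell a prematurely terminated stream from a malformed record. A reader cannot tell from the hunk which non-negative values still reach this point after the `gnutls_error_is_fatal (ret) == 0` return above. I would add `/* no error code but too few bytes: report a bad length; otherwise keep the original error */` above the guard. The enclosing function starts and ends outside the hunk.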
diff --git a/lib/nettle/ecc_shared_secret.c b/lib/nettle/ecc_shared_secret.c
index 46a0793..4e3ef35 100644
--- a/lib/nettle/ecc_shared_secret.c
+++ b/lib/nettle/ecc_shared_secret.c
@@ -76,8 +76,7 @@ ecc_shared_secret (ecc_key * private_key, ecc_key *
public_key,
err = -1;
goto done;
}
- memset (out, 0, x);
- nettle_mpz_get_str_256(x, out + (x - nettle_mpz_sizeinbase_256_u
(result->x)), result->x);
+ nettle_mpz_get_str_256(x, out, result->x);
err = 0;
*outlen = x;
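Review bot: The single call `nettle_mpz_get_str_256(x, out, result->x)` relies on that function writing exactly `x` bytes with leading zeros, and neither a comment nor a test pins this down. The removed form started the same `x`-byte write at an offset into `out`, so a coordinate shorter than the prime appears to have been written beyond the `x` bytes reserved for it. The diffstat lists no test file, so nothing guards against a regression. I would add `/* writes exactly x bytes, zero-padded on the left; out must hold at least x bytes */` above the call, plus a test vector whose shared x-coordinate has a leading zero byte. The size check before `goto done` lies outside the hunk, so it should be confirmed that `*outlen >= x` is verified there.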
hooks/post-receive
--
GNU gnutls