check dss g range

--HG-- branch : fuzz
author: Matt Johnston <matt@ucc.asn.au> 2017-08-14 00:00:10 +0800
committer: Matt Johnston <matt@ucc.asn.au> 2017-08-14 00:00:10 +0800
commit: 5cd003d9e6d36fcca0ef40f12b8c8e4e540c58c7 (patch)
tree: c4933abd848df698b5eba355c928234b453aa31a /dss.c
parent: 4b7105dfea64f4bcea529f552579be62db7683b6 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/dss.c b/dss.c
index 8f80421..fc91ff2 100644
--- a/dss.c
+++ b/dss.c
@@ -73,6 +73,18 @@ int buf_get_dss_pub_key(buffer* buf, dropbear_dss_key *key) {
 		goto out;
 	}
 
+	/* test 1 < g < p */
+	if (mp_cmp_d(key->g, 1) != MP_GT) {
+		dropbear_log(LOG_WARNING, "Bad DSS g");
+		ret = DROPBEAR_FAILURE;
+		goto out;
+	}
+	if (mp_cmp(key->g, key->p) != MP_LT) {
+		dropbear_log(LOG_WARNING, "Bad DSS g");
+		ret = DROPBEAR_FAILURE;
+		goto out;
+	}
+
 	ret = DROPBEAR_SUCCESS;
 	TRACE(("leave buf_get_dss_pub_key: success"))
 out:
author	Matt Johnston <matt@ucc.asn.au>	2017-08-14 00:00:10 +0800
committer	Matt Johnston <matt@ucc.asn.au>	2017-08-14 00:00:10 +0800
commit	5cd003d9e6d36fcca0ef40f12b8c8e4e540c58c7 (patch)
tree	c4933abd848df698b5eba355c928234b453aa31a /dss.c
parent	4b7105dfea64f4bcea529f552579be62db7683b6 (diff)