Merge GH #779 Add ECDH/ECIES blinding and DH small subgroup checking

author: Jack Lloyd <[email protected]> 2016-12-21 19:48:04 -0500
committer: Jack Lloyd <[email protected]> 2016-12-21 19:48:04 -0500
commit: 8f5089b2bb9c571e0c9620ad43465af1e8af2b11 (patch)
tree: b8237f37f23e5c986db55499060cf549a8942532 /src/lib/pubkey/dl_group
parent: 46bf28e0b6d9627a57862a180142fbf158f33ce7 (diff)
parent: 75e6d9aa7da63cf7dbf81359e350da682c8e4979 (diff)
1 files changed, 19 insertions, 5 deletions
diff --git a/src/lib/pubkey/dl_group/dl_group.cpp b/src/lib/pubkey/dl_group/dl_group.cpp
index 0f4985eb9..adf207b43 100644
--- a/src/lib/pubkey/dl_group/dl_group.cpp
+++ b/src/lib/pubkey/dl_group/dl_group.cpp
@@ -12,6 +12,7 @@
 #include <botan/ber_dec.h>
 #include <botan/pem.h>
 #include <botan/workfactor.h>
+#include <botan/pow_mod.h>
 
 namespace Botan {
 
@@ -149,15 +150,28 @@ bool DL_Group::verify_group(RandomNumberGenerator& rng,
 
    if(m_g < 2 || m_p < 3 || m_q < 0)
       return false;
-   if((m_q != 0) && ((m_p - 1) % m_q != 0))
-      return false;
 
-   const size_t prob = (strong) ? 56 : 10;
+   const size_t prob = (strong) ? 128 : 10;
 
+   if(m_q != 0)
+      {
+      if((m_p - 1) % m_q != 0)
+         {
+         return false;
+         }
+      if(power_mod(m_g, m_q, m_p) != 1)
+         {
+         return false;
+         }
+      if(!is_prime(m_q, rng, prob))
+         {
+         return false;
+         }
+      }
    if(!is_prime(m_p, rng, prob))
+      {
       return false;
-   if((m_q > 0) && !is_prime(m_q, rng, prob))
-      return false;
+      }
    return true;
    }
author	Jack Lloyd <[email protected]>	2016-12-21 19:48:04 -0500
committer	Jack Lloyd <[email protected]>	2016-12-21 19:48:04 -0500
commit	8f5089b2bb9c571e0c9620ad43465af1e8af2b11 (patch)
tree	b8237f37f23e5c986db55499060cf549a8942532 /src/lib/pubkey/dl_group
parent	46bf28e0b6d9627a57862a180142fbf158f33ce7 (diff)
parent	75e6d9aa7da63cf7dbf81359e350da682c8e4979 (diff)