File 0005-Check-Q-for-FFDHE-primes-in-prime-check.patch of Package gnutls.31638

From f5136909695e3c88f195828831fe5700fa2a1059 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Tue, 21 May 2019 09:40:01 -0400
Subject: [PATCH 5/6] Check Q for FFDHE primes in prime-check

These are mersenne primes so q = (p - 1) / 2
We check that p = (q * 2) + 1

Signed-off-by: Simo Sorce <simo@redhat.com>
---
 tests/suite/prime-check.c | 36 +++++++++++++++++++++++-------------
 1 file changed, 23 insertions(+), 13 deletions(-)

diff --git a/tests/suite/prime-check.c b/tests/suite/prime-check.c
index 819f5371bf..3d6429c6e1 100644
--- a/tests/suite/prime-check.c
+++ b/tests/suite/prime-check.c
@@ -27,7 +27,7 @@
 
 /* Tests whether the included parameters are indeed prime */
 
-static void test_prime(const gnutls_datum_t * prime)
+static void test_prime(const gnutls_datum_t * prime, const gnutls_datum_t * _q)
 {
 	mpz_t p;
 	unsigned bits = prime->size * 8;
@@ -37,23 +37,33 @@ static void test_prime(const gnutls_datum_t * prime)
 	assert(mpz_sizeinbase(p, 2) == bits);
 	assert(mpz_probab_prime_p(p, 18));
 
+	if (_q) {
+		mpz_t q;
+
+		nettle_mpz_init_set_str_256_u(q, _q->size, _q->data);
+		mpz_mul_ui(q, q, 2);
+		mpz_add_ui(q, q, 1);
+		assert(mpz_cmp(p, q) == 0);
+		mpz_clear(q);
+	}
+
 	mpz_clear(p);
 }
 
 int main(int argc, char **argv)
 {
-	test_prime(&gnutls_srp_8192_group_prime);
-	test_prime(&gnutls_srp_4096_group_prime);
-	test_prime(&gnutls_srp_3072_group_prime);
-	test_prime(&gnutls_srp_2048_group_prime);
-	test_prime(&gnutls_srp_1536_group_prime);
-	test_prime(&gnutls_srp_1024_group_prime);
-
-	test_prime(&gnutls_ffdhe_8192_group_prime);
-	test_prime(&gnutls_ffdhe_6144_group_prime);
-	test_prime(&gnutls_ffdhe_4096_group_prime);
-	test_prime(&gnutls_ffdhe_3072_group_prime);
-	test_prime(&gnutls_ffdhe_2048_group_prime);
+	test_prime(&gnutls_srp_8192_group_prime, NULL);
+	test_prime(&gnutls_srp_4096_group_prime, NULL);
+	test_prime(&gnutls_srp_3072_group_prime, NULL);
+	test_prime(&gnutls_srp_2048_group_prime, NULL);
+	test_prime(&gnutls_srp_1536_group_prime, NULL);
+	test_prime(&gnutls_srp_1024_group_prime, NULL);
+
+	test_prime(&gnutls_ffdhe_8192_group_prime, &gnutls_ffdhe_8192_group_q);
+	test_prime(&gnutls_ffdhe_6144_group_prime, &gnutls_ffdhe_6144_group_q);
+	test_prime(&gnutls_ffdhe_4096_group_prime, &gnutls_ffdhe_4096_group_q);
+	test_prime(&gnutls_ffdhe_3072_group_prime, &gnutls_ffdhe_3072_group_q);
+	test_prime(&gnutls_ffdhe_2048_group_prime, &gnutls_ffdhe_2048_group_q);
 
 	return 0;
 }
-- 
2.27.0

openSUSE Build Service is sponsored by