File 0005-Check-Q-for-FFDHE-primes-in-prime-check.patch of Package gnutls.18749
From f5136909695e3c88f195828831fe5700fa2a1059 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Tue, 21 May 2019 09:40:01 -0400
Subject: [PATCH 5/6] Check Q for FFDHE primes in prime-check
These are mersenne primes so q = (p - 1) / 2
We check that p = (q * 2) + 1
Signed-off-by: Simo Sorce <simo@redhat.com>
---
tests/suite/prime-check.c | 36 +++++++++++++++++++++++-------------
1 file changed, 23 insertions(+), 13 deletions(-)
diff --git a/tests/suite/prime-check.c b/tests/suite/prime-check.c
index 819f5371bf..3d6429c6e1 100644
--- a/tests/suite/prime-check.c
+++ b/tests/suite/prime-check.c
@@ -27,7 +27,7 @@
/* Tests whether the included parameters are indeed prime */
-static void test_prime(const gnutls_datum_t * prime)
+static void test_prime(const gnutls_datum_t * prime, const gnutls_datum_t * _q)
{
mpz_t p;
unsigned bits = prime->size * 8;
@@ -37,23 +37,33 @@ static void test_prime(const gnutls_datum_t * prime)
assert(mpz_sizeinbase(p, 2) == bits);
assert(mpz_probab_prime_p(p, 18));
+ if (_q) {
+ mpz_t q;
+
+ nettle_mpz_init_set_str_256_u(q, _q->size, _q->data);
+ mpz_mul_ui(q, q, 2);
+ mpz_add_ui(q, q, 1);
+ assert(mpz_cmp(p, q) == 0);
+ mpz_clear(q);
+ }
+
mpz_clear(p);
}
int main(int argc, char **argv)
{
- test_prime(&gnutls_srp_8192_group_prime);
- test_prime(&gnutls_srp_4096_group_prime);
- test_prime(&gnutls_srp_3072_group_prime);
- test_prime(&gnutls_srp_2048_group_prime);
- test_prime(&gnutls_srp_1536_group_prime);
- test_prime(&gnutls_srp_1024_group_prime);
-
- test_prime(&gnutls_ffdhe_8192_group_prime);
- test_prime(&gnutls_ffdhe_6144_group_prime);
- test_prime(&gnutls_ffdhe_4096_group_prime);
- test_prime(&gnutls_ffdhe_3072_group_prime);
- test_prime(&gnutls_ffdhe_2048_group_prime);
+ test_prime(&gnutls_srp_8192_group_prime, NULL);
+ test_prime(&gnutls_srp_4096_group_prime, NULL);
+ test_prime(&gnutls_srp_3072_group_prime, NULL);
+ test_prime(&gnutls_srp_2048_group_prime, NULL);
+ test_prime(&gnutls_srp_1536_group_prime, NULL);
+ test_prime(&gnutls_srp_1024_group_prime, NULL);
+
+ test_prime(&gnutls_ffdhe_8192_group_prime, &gnutls_ffdhe_8192_group_q);
+ test_prime(&gnutls_ffdhe_6144_group_prime, &gnutls_ffdhe_6144_group_q);
+ test_prime(&gnutls_ffdhe_4096_group_prime, &gnutls_ffdhe_4096_group_q);
+ test_prime(&gnutls_ffdhe_3072_group_prime, &gnutls_ffdhe_3072_group_q);
+ test_prime(&gnutls_ffdhe_2048_group_prime, &gnutls_ffdhe_2048_group_q);
return 0;
}
--
2.27.0