From 0356089d0f94ab86dd82fd686703560988833e3c Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@revosec.ch>
Date: Mon, 23 Mar 2015 14:32:11 +0100
Subject: diffie-hellman: Verify public DH values in backends

---
 src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c')

diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
index 0fbfc24aa..0ca24d76a 100644
--- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
+++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
@@ -90,6 +90,11 @@ METHOD(diffie_hellman_t, set_other_public_value, bool,
 {
 	mpz_t p_min_1;
 
+	if (!diffie_hellman_verify_value(this->group, value))
+	{
+		return FALSE;
+	}
+
 	mpz_init(p_min_1);
 	mpz_sub_ui(p_min_1, this->p, 1);
 
-- 
cgit v1.2.3