Avoid infinite loop on parsing DSA private keys - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2022-04-07 17:38:24 +0000
committer	tb <>	2022-04-07 17:38:24 +0000
commit	3340c71f78097b15a0cacb114e0b6c483ad85c02 (patch)
tree	6445ee7c9e643e6ae12636e212c627d4934e3f58 /src/regress/lib/libcrypto/asn1/asn1basic.c
parent	1061feec63ce8eec5e559ca2697b80bc73044484 (diff)
download	openbsd-3340c71f78097b15a0cacb114e0b6c483ad85c02.tar.gz openbsd-3340c71f78097b15a0cacb114e0b6c483ad85c02.tar.bz2 openbsd-3340c71f78097b15a0cacb114e0b6c483ad85c02.zip

Avoid infinite loop on parsing DSA private keys

DSA private keys with ill-chosen g could cause an infinite loop on deserializing. Add a few sanity checks that ensure that g is according to the FIPS 186-4: check 1 < g < p and g^q == 1 (mod p). This is enough to ascertain that g is a generator of a multiplicative group of order q once we know that q is prime (which is checked a bit later). Issue reported with reproducers by Hanno Boeck. Additional variants and analysis by David Benjamin. ok beck jsing

Diffstat (limited to 'src/regress/lib/libcrypto/asn1/asn1basic.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: