3 Commits

Author	SHA1	Message	Date
Tomas Mraz	85ccbab216	Check DSA parameters for excessive sizes before validating ... This avoids overly long computation of various validation checks. Fixes CVE-2024-4603 Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/24346)	2024-05-16 15:44:40 +02:00
Tomas Mraz	ba37b82045	dsa_check: Perform simple parameter check if seed is not available ... Added primality check on p and q in the ossl_ffc_params_simple_validate(). Checking for p and q sizes in the default provider is made more lenient. Added two testcases for invalid parameters. Fixes #13950 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14148)	2021-02-18 11:02:26 +01:00
Dmitry Belyavskiy	ebcaf110b2	DSA parameter check using pkeyparam ... Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14148)	2021-02-18 11:02:25 +01:00