openssl/crypto/ffc
slontis bcec03c33c Fix NULL dereference when validating FFC public key.
Fixes CVE-2023-0217

When attempting to do a BN_copy of params->p there was no NULL check.
Since BN_copy does not check for NULL, this is a NULL reference.

As an aside, BN_cmp() does do a NULL check, so there are other checks
that fail because a NULL is passed. A more general check for NULL params
has been added for both FFC public and private key validation instead.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2023-02-07 17:05:10 +01:00
build.info EVP_PKEY & DH: Make DH EVP_PKEY_CTX parameter ctrls / setters more available 2020-12-16 11:55:39 +01:00
ffc_backend.c Use as small dh key size as possible to support the security 2022-07-18 08:06:17 +01:00
ffc_dh.c Use as small dh key size as possible to support the security 2022-07-18 08:06:17 +01:00
ffc_key_generate.c Use as small dh key size as possible to support the security 2022-07-18 08:06:17 +01:00
ffc_key_validate.c Fix NULL dereference when validating FFC public key. 2023-02-07 17:05:10 +01:00
ffc_params_generate.c Fix incorrect check on RAND_bytes_ex() in generate_q_fips186_4() 2023-01-23 10:40:26 +01:00
ffc_params_validate.c Fix DSA EVP_PKEY_param_check() when defaults are used for param generation. 2021-03-15 09:01:51 +10:00
ffc_params.c ossl_ffc_params_copy: Copy the keylength too 2022-07-18 08:06:17 +01:00