openssl

mirror of https://github.com/openssl/openssl.git synced 2024-12-09 05:51:54 +08:00

History

Tomas Mraz e09fc1d746 Limit the execution time of RSA public key check Fixes CVE-2023-6237 If a large and incorrect RSA public key is checked with EVP_PKEY_public_check() the computation could take very long time due to no limit being applied to the RSA public key size and unnecessarily high number of Miller-Rabin algorithm rounds used for non-primality check of the modulus. Now the keys larger than 16384 bits (OPENSSL_RSA_MAX_MODULUS_BITS) will fail the check with RSA_R_MODULUS_TOO_LARGE error reason. Also the number of Miller-Rabin rounds was set to 5. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23243)		2024-01-15 10:54:34 +01:00
..
dhpkey.pem
dsapub_noparam.der
dsapub.pem
ec_p256_bad_0.pem
ec_p256_bad_1.pem
rsapub_17k.pem
sm2_bad_0.pem
sm2_bad_1.pem
sm2_bad_neg1.pem