mirror of
https://github.com/openssl/openssl.git
synced 2024-12-27 06:21:43 +08:00
e09fc1d746
Fixes CVE-2023-6237 If a large and incorrect RSA public key is checked with EVP_PKEY_public_check() the computation could take very long time due to no limit being applied to the RSA public key size and unnecessarily high number of Miller-Rabin algorithm rounds used for non-primality check of the modulus. Now the keys larger than 16384 bits (OPENSSL_RSA_MAX_MODULUS_BITS) will fail the check with RSA_R_MODULUS_TOO_LARGE error reason. Also the number of Miller-Rabin rounds was set to 5. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23243) |
||
|---|---|---|
| .. | ||
| build.info | ||
| rsa_acvp_test_params.c | ||
| rsa_ameth.c | ||
| rsa_asn1.c | ||
| rsa_backend.c | ||
| rsa_chk.c | ||
| rsa_crpt.c | ||
| rsa_depr.c | ||
| rsa_err.c | ||
| rsa_gen.c | ||
| rsa_lib.c | ||
| rsa_local.h | ||
| rsa_meth.c | ||
| rsa_mp_names.c | ||
| rsa_mp.c | ||
| rsa_none.c | ||
| rsa_oaep.c | ||
| rsa_ossl.c | ||
| rsa_pk1.c | ||
| rsa_pmeth.c | ||
| rsa_prn.c | ||
| rsa_pss.c | ||
| rsa_saos.c | ||
| rsa_schemes.c | ||
| rsa_sign.c | ||
| rsa_sp800_56b_check.c | ||
| rsa_sp800_56b_gen.c | ||
| rsa_x931.c | ||
| rsa_x931g.c | ||