openssl/crypto/dh
Tomas Mraz 1c16253f3c DH_check(): Do not try checking q properties if it is obviously invalid
If  |q| >= |p| then the q value is obviously wrong as q
is supposed to be a prime divisor of p-1.

We check if p is overly large so this added test implies that
q is not large either when performing subsequent tests using that
q value.

Otherwise if it is too large these additional checks of the q value
such as the primality test can then trigger DoS by doing overly long
computations.

Fixes CVE-2023-3817

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21550)
2023-07-27 09:48:22 -04:00
..
build.info
dh_ameth.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
dh_asn1.c
dh_backend.c FFC cleanups 2023-04-03 10:31:04 +02:00
dh_check.c DH_check(): Do not try checking q properties if it is obviously invalid 2023-07-27 09:48:22 -04:00
dh_depr.c
dh_err.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
dh_gen.c Use libctx when generating DH parameters 2022-11-11 11:59:23 +01:00
dh_group_params.c Use as small dh key size as possible to support the security 2022-07-18 08:06:17 +01:00
dh_kdf.c Remove duplicated #include headers 2022-05-04 13:46:10 +10:00
dh_key.c S390x: Support ME and CRT offloading 2023-02-08 16:53:12 +01:00
dh_lib.c fix memory allocation and reference counting issues 2023-07-05 08:34:00 +10:00
dh_local.h
dh_meth.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
dh_pmeth.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
dh_prn.c
dh_rfc5114.c