mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-24 13:55:42 +08:00
Code Issues Packages Projects Releases Wiki Activity
ec061bf8ff
openssl/include
History
Richard Levitte ec061bf8ff Make DH_check_pub_key() and DH_generate_key() safer yet 
We already check for an excessively large P in DH_generate_key(), but not in
DH_check_pub_key(), and none of them check for an excessively large Q.

This change adds all the missing excessive size checks of P and Q.

It's to be noted that behaviours surrounding excessively sized P and Q
differ.  DH_check() raises an error on the excessively sized P, but only
sets a flag for the excessively sized Q.  This behaviour is mimicked in
DH_check_pub_key().

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22453)
2023-11-06 07:55:01 +00:00
..
crypto Make DH_check_pub_key() and DH_generate_key() safer yet 2023-11-06 07:55:01 +00:00
internal internal/common.h: rename macro (un)likely to ossl_(un)likely 2023-11-03 21:08:22 +01:00
openssl Make DH_check_pub_key() and DH_generate_key() safer yet 2023-11-06 07:55:01 +00:00