openssl/include/crypto
Richard Levitte ec061bf8ff Make DH_check_pub_key() and DH_generate_key() safer yet

We already check for an excessively large P in DH_generate_key(), but not in
DH_check_pub_key(), and none of them check for an excessively large Q.

This change adds all the missing excessive size checks of P and Q.

It's to be noted that behaviours surrounding excessively sized P and Q
differ.  DH_check() raises an error on the excessively sized P, but only
sets a flag for the excessively sized Q.  This behaviour is mimicked in
DH_check_pub_key().

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22453)
2023-11-06 07:55:01 +00:00
__DECC_INCLUDE_EPILOGUE.H
__DECC_INCLUDE_PROLOGUE.H
aes_platform.h riscv: Provide vector crypto implementation of AES-128/256-XTS mode. 2023-10-26 15:55:50 +01:00
aria.h
asn1_dsa.h
asn1.h Copyright year updates 2023-09-28 14:23:29 +01:00
asn1err.h
async.h
asyncerr.h
bioerr.h BIO_dgram support for BIO_sendmmsg/BIO_recvmmsg 2022-09-01 18:03:10 +10:00
bn_conf.h.in
bn_dh.h
bn_srp.h
bn.h Copyright year updates 2023-09-07 09:59:15 +01:00
bnerr.h RSA keygen update: Raise an error if no prime candidate q is found. 2022-06-13 10:56:31 +02:00
buffererr.h
chacha.h riscv: Provide a vector implementation of CHACHA20 cipher. 2023-10-26 15:55:50 +01:00
cmll_platform.h
cmperr.h CMP client: fix error response on -csr without private key, also in docs 2023-05-12 10:46:27 +02:00
cmserr.h CMS sign digest 2022-04-02 10:42:16 -04:00
comperr.h
conferr.h
context.h Copyright year updates 2023-09-28 14:23:29 +01:00
crmferr.h
cryptlib.h
cryptoerr.h
cterr.h
ctype.h tolower: refine the tolower code to avoid a memory access 2022-05-23 09:51:28 +10:00
decoder.h Copyright year updates 2023-09-07 09:59:15 +01:00
decodererr.h
des_platform.h
dh.h Update copyright year 2022-05-03 13:34:51 +01:00
dherr.h Make DH_check_pub_key() and DH_generate_key() safer yet 2023-11-06 07:55:01 +00:00
dsa.h Implement deterministic ECDSA sign (RFC6979) 2022-11-30 07:31:53 +00:00
dsaerr.h Fix infinite loops in DSA sign code. 2023-03-01 09:20:49 +11:00
dso_conf.h.in
ec.h Implement deterministic ECDSA sign (RFC6979) 2022-11-30 07:31:53 +00:00
ecerr.h Fix potential infinite loops in ECDSA signing. 2023-03-01 09:20:49 +11:00
ecx.h Copyright year updates 2023-09-07 09:59:15 +01:00
encoder.h Remove the _fetch_by_number functions 2022-05-06 10:38:55 +10:00
encodererr.h
engine.h
engineerr.h
err.h
ess.h
esserr.h
evp.h rand: fix seeding from a weak entropy source 2023-10-24 11:14:11 +01:00
evperr.h EVP_PKEY_get_{bits,security_bits,size}(): add missing error queue entry on failure 2023-10-26 16:03:48 +01:00
httperr.h
lhash.h
md32_common.h Add ROTATE inline asm support for SM3 2022-06-22 12:46:50 +02:00
modes.h providers: Add SM4 XTS implementation 2022-11-29 16:17:30 +01:00
objects.h
objectserr.h
ocsperr.h
pem.h
pemerr.h
pkcs7.h
pkcs7err.h
pkcs12err.h Allow PKCS12 export to set arbitrary bag attributes 2022-09-23 17:40:02 +01:00
poly1305.h
ppc_arch.h Update copyright year 2022-05-03 13:34:51 +01:00
punycode.h Copyright year updates 2023-09-07 09:59:15 +01:00
rand_pool.h
rand.h rand: implement an unbiased random integer from a range 2023-11-01 12:05:28 +01:00
randerr.h rand: add extra error code 2023-09-27 17:22:54 +01:00
riscv_arch.def Update for Zvkb extension. 2023-10-26 15:55:50 +01:00
riscv_arch.h Update for Zvkb extension. 2023-10-26 15:55:50 +01:00
rsa.h Copyright year updates 2023-09-07 09:59:15 +01:00
rsaerr.h
security_bits.h
sha.h Copyright year updates 2023-09-07 09:59:15 +01:00
siphash.h
siv.h
sm2.h
sm2err.h
sm4_platform.h riscv: SM4: Provide a Zvksed-based implementation 2023-10-26 15:55:49 +01:00
sm4.h
sparc_arch.h
sparse_array.h
store.h Add method store cache flush and method removal to non-EVP operations 2022-05-05 15:06:12 +02:00
storeerr.h
tserr.h
types.h Copyright year updates 2023-09-07 09:59:15 +01:00
uierr.h
x509.h Fix decoders so that they use the passed in propq. 2023-08-16 18:02:51 +02:00
x509err.h x509_att.c: improve error checking and reporting and coding style 2022-08-24 11:25:04 +02:00
x509v3err.h