openssl/crypto
Richard Levitte ec061bf8ff Make DH_check_pub_key() and DH_generate_key() safer yet
We already check for an excessively large P in DH_generate_key(), but not in
DH_check_pub_key(), and none of them check for an excessively large Q.

This change adds all the missing excessive size checks of P and Q.

It's to be noted that behaviours surrounding excessively sized P and Q
differ.  DH_check() raises an error on the excessively sized P, but only
sets a flag for the excessively sized Q.  This behaviour is mimicked in
DH_check_pub_key().

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22453)
2023-11-06 07:55:01 +00:00
aes riscv: Provide vector crypto implementation of AES-ECB mode. 2023-10-26 15:55:50 +01:00
aria
asn1 Do not include crypto/asn1.h from internal/cryptlib.h 2023-10-19 10:15:56 +02:00
async
bf
bio Make s_client -quic -debug work 2023-10-25 09:40:48 +01:00
bn bn: Properly error out if aliasing return value with modulus 2023-10-26 15:25:47 +01:00
buffer
camellia
cast Copyright year updates 2023-09-07 09:59:15 +01:00
chacha riscv: Provide a vector implementation of CHACHA20 cipher. 2023-10-26 15:55:50 +01:00
cmac Copyright year updates 2023-09-07 09:59:15 +01:00
cmp CMP: fix OSSL_CMP_MSG_http_perform() by adding option OSSL_CMP_OPT_USE_TLS 2023-10-10 20:36:06 +02:00
cms free oaep label-octet-string on error 2023-10-30 07:59:06 +00:00
comp Copyright year updates 2023-09-07 09:59:15 +01:00
conf Add notes on use of strdup 2023-10-24 17:30:58 +01:00
crmf Copyright year updates 2023-09-07 09:59:15 +01:00
ct
des Copyright year updates 2023-09-07 09:59:15 +01:00
dh Make DH_check_pub_key() and DH_generate_key() safer yet 2023-11-06 07:55:01 +00:00
dsa DH_check_pub_key() should not fail when setting result code 2023-10-11 16:22:27 +02:00
dso Copyright year updates 2023-09-07 09:59:15 +01:00
ec Correct comment in crypto/ec/curve448/ed448.h 2023-11-01 17:34:05 +01:00
encode_decode Copyright year updates 2023-09-07 09:59:15 +01:00
engine Improved detection of engine-provided private "classic" keys 2023-10-04 11:02:00 +11:00
err Make DH_check_pub_key() and DH_generate_key() safer yet 2023-11-06 07:55:01 +00:00
ess
evp internal/common.h: rename macro (un)likely to ossl_(un)likely 2023-11-03 21:08:22 +01:00
ffc DH_check_pub_key() should not fail when setting result code 2023-10-11 16:22:27 +02:00
hmac
hpke Add additional internal HPKE hardening checks resulting from code audit. 2023-11-03 09:10:19 +01:00
http return 0 if an error occurred 2023-10-26 15:21:16 +01:00
idea
kdf
lhash All lh_stats functions were deprecated in 3.1 2023-10-04 07:52:41 +11:00
md2
md4
md5 Copyright year updates 2023-09-07 09:59:15 +01:00
mdc2
modes Provide additional AES-GCM test patterns to enhance test coverage. 2023-10-26 15:55:50 +01:00
objects ensure that ossl_obj_nid_lock is allocated before use 2023-10-18 16:52:45 +02:00
ocsp Copyright year updates 2023-09-07 09:59:15 +01:00
pem Copyright year updates 2023-09-28 14:23:29 +01:00
perlasm riscv: Provide vector crypto implementation of AES-128/256-XTS mode. 2023-10-26 15:55:50 +01:00
pkcs7 CMS and PKCS7: fix handling of EVP_PKEY_get_size() failure 2023-10-26 16:03:48 +01:00
pkcs12 Copyright year updates 2023-09-28 14:23:29 +01:00
poly1305 Copyright year updates 2023-09-07 09:59:15 +01:00
property ossl_property_list_to_string: handle quoted strings 2023-10-05 08:09:13 +11:00
rand internal/common.h: rename macro (un)likely to ossl_(un)likely 2023-11-03 21:08:22 +01:00
rc2 Copyright year updates 2023-09-07 09:59:15 +01:00
rc4 Copyright year updates 2023-09-07 09:59:15 +01:00
rc5 Copyright year updates 2023-09-07 09:59:15 +01:00
ripemd
rsa rsa: Add SP800-56Br2 6.4.1.2.1 (3.c) check 2023-10-25 09:26:51 +01:00
seed
sha riscv: Support SHA-512 family on platforms with vlen >= 128. 2023-10-26 15:55:50 +01:00
siphash
sm2 Copyright year updates 2023-09-07 09:59:15 +01:00
sm3 riscv: Support sm3 on platforms with vlen >= 128. 2023-10-26 15:55:50 +01:00
sm4 Update for Zvkb extension. 2023-10-26 15:55:50 +01:00
srp Copyright year updates 2023-09-28 14:23:29 +01:00
stack Copyright year updates 2023-09-07 09:59:15 +01:00
store Copyright year updates 2023-09-28 14:23:29 +01:00
thread Copyright year updates 2023-09-07 09:59:15 +01:00
ts Copyright year updates 2023-09-07 09:59:15 +01:00
txt_db Copyright year updates 2023-09-07 09:59:15 +01:00
ui Copyright year updates 2023-09-07 09:59:15 +01:00
whrlpool Copyright year updates 2023-09-07 09:59:15 +01:00
x509 x509_print_ex: Remove unused setting when XN_FLAG_COMPAT is set 2023-10-26 15:48:00 +01:00
alphacpuid.pl
arm64cpuid.pl
arm_arch.h * Enable extra Arm64 optimization on Windows for GHASH, RAND and AES 2023-10-10 15:37:41 +02:00
armcap.c
armv4cpuid.pl Copyright year updates 2023-09-07 09:59:15 +01:00
asn1_dsa.c
bsearch.c
build.info Do not include sparse_array.o in libssl 2023-09-22 20:42:48 +02:00
c64xpluscpuid.pl
context.c Copyright year updates 2023-09-07 09:59:15 +01:00
core_algorithm.c
core_fetch.c
core_namemap.c Copyright year updates 2023-09-07 09:59:15 +01:00
cpt_err.c
cpuid.c Copyright year updates 2023-09-28 14:23:29 +01:00
cryptlib.c Copyright year updates 2023-09-07 09:59:15 +01:00
ctype.c Copyright year updates 2023-09-07 09:59:15 +01:00
cversion.c
der_writer.c
deterministic_nonce.c Copyright year updates 2023-09-07 09:59:15 +01:00
dllmain.c
ebcdic.c
ex_data.c Fix error handling in CRYPTO_get_ex_new_index 2023-09-21 14:43:08 +02:00
getenv.c
ia64cpuid.S
info.c Copyright year updates 2023-09-07 09:59:15 +01:00
init.c Copyright year updates 2023-09-07 09:59:15 +01:00
initthread.c crypto/initthread.c: fix misspelled OSSL_provider_init() in comment 2023-10-26 15:45:41 +01:00
loongarch64cpuid.pl
loongarch_arch.h Copyright year updates 2023-09-07 09:59:15 +01:00
loongarchcap.c Copyright year updates 2023-09-07 09:59:15 +01:00
LPdir_nyi.c
LPdir_unix.c Copyright year updates 2023-09-07 09:59:15 +01:00
LPdir_vms.c
LPdir_win32.c
LPdir_win.c
LPdir_wince.c
mem_clr.c
mem_sec.c Copyright year updates 2023-09-07 09:59:15 +01:00
mem.c Windows: use srand() instead of srandom() 2023-10-13 15:04:42 +02:00
mips_arch.h
o_dir.c
o_fopen.c
o_init.c
o_str.c Copyright year updates 2023-09-28 14:23:29 +01:00
o_time.c
packet.c Copyright year updates 2023-09-07 09:59:15 +01:00
param_build_set.c ossl_param_build_set_multi_key_bn(): Do not set NULL BIGNUMs 2023-10-18 18:07:13 +02:00
param_build.c Copyright year updates 2023-09-07 09:59:15 +01:00
params_dup.c
params_from_text.c
params_idx.c.in
params.c Copyright year updates 2023-09-07 09:59:15 +01:00
pariscid.pl
passphrase.c
ppccap.c
ppccpuid.pl
provider_child.c Copyright year updates 2023-09-07 09:59:15 +01:00
provider_conf.c Copyright year updates 2023-09-07 09:59:15 +01:00
provider_core.c rand: add callbacks to cleanup the user entropy resp. nonce 2023-10-20 09:48:34 +01:00
provider_local.h
provider_predefined.c
provider.c Copyright year updates 2023-09-07 09:59:15 +01:00
punycode.c Copyright year updates 2023-09-07 09:59:15 +01:00
quic_vlint.c
README-sparse_array.md
riscv32cpuid.pl
riscv64cpuid.pl riscv: Add basic vector extension support 2023-10-26 15:55:49 +01:00
riscvcap.c riscv: Add basic vector extension support 2023-10-26 15:55:49 +01:00
s390x_arch.h Copyright year updates 2023-09-07 09:59:15 +01:00
s390xcap.c Copyright year updates 2023-09-07 09:59:15 +01:00
s390xcpuid.pl
self_test_core.c
sleep.c Copyright year updates 2023-09-07 09:59:15 +01:00
sparccpuid.S
sparcv9cap.c
sparse_array.c
threads_lib.c
threads_none.c Copyright year updates 2023-09-07 09:59:15 +01:00
threads_pthread.c Copyright year updates 2023-09-07 09:59:15 +01:00
threads_win.c Copyright year updates 2023-09-07 09:59:15 +01:00
time.c Copyright year updates 2023-09-07 09:59:15 +01:00
trace.c "foo * bar" should be "foo *bar" 2023-09-11 10:15:30 +02:00
uid.c Copyright year updates 2023-09-07 09:59:15 +01:00
vms_rms.h
x86_64cpuid.pl
x86cpuid.pl