git.ipfire.org Git - thirdparty/openssl.git/commit

author	Richard Levitte <levitte@openssl.org>
	Fri, 20 Oct 2023 07:18:19 +0000 (09:18 +0200)
committer	Hugo Landau <hlandau@openssl.org>
	Mon, 6 Nov 2023 07:55:01 +0000 (07:55 +0000)
commit	ec061bf8ff2add8050599058557178c03295bcc0
tree	29c7316a658b332b0ec6168847e7041d5b0985a6	tree \| snapshot
parent	4ede274cf9b7b9f946fa243c798c961213d1f053	commit \| diff

Make DH_check_pub_key() and DH_generate_key() safer yet

We already check for an excessively large P in DH_generate_key(), but not in
DH_check_pub_key(), and none of them check for an excessively large Q.

This change adds all the missing excessive size checks of P and Q.

It's to be noted that behaviours surrounding excessively sized P and Q
differ. DH_check() raises an error on the excessively sized P, but only
sets a flag for the excessively sized Q. This behaviour is mimicked in
DH_check_pub_key().

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22453)

crypto/dh/dh_check.c		diff \| blob \| blame \| history
crypto/dh/dh_err.c		diff \| blob \| blame \| history
crypto/dh/dh_key.c		diff \| blob \| blame \| history
crypto/err/openssl.txt		diff \| blob \| blame \| history
include/crypto/dherr.h		diff \| blob \| blame \| history
include/openssl/dh.h		diff \| blob \| blame \| history
include/openssl/dherr.h		diff \| blob \| blame \| history