]> git.ipfire.org Git - thirdparty/nettle.git/commitdiff
projects / thirdparty / nettle.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 52b9223)
Check for invalid keys, with even p, in dsa_sign.
authorNiels Möller <nisse@lysator.liu.se>
Thu, 4 Aug 2016 08:22:26 +0000 (10:22 +0200)
committerNiels Möller <nisse@lysator.liu.se>
Thu, 4 Aug 2016 08:22:26 +0000 (10:22 +0200)
ChangeLog patch | blob | blame | history
dsa-sign.c patch | blob | blame | history

diff --git a/ChangeLog b/ChangeLog
index 771632c99eb005e115973cd2ae316b2556875cee..84710c46f97a6b27a2cf5497785227776b44b89b 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
 2016-08-04  Niels Möller  <nisse@lysator.liu.se>
 
+       * dsa-sign.c (dsa_sign): Return failure if p is even, so that an
+       invalid key doesn't result in a crash inside mpz_powm_sec.
+
        * rsa-sign-tr.c (rsa_compute_root_tr): Return failure if any of p,
        q or n is even, to avoid crashing inside mpz_powm_sec. Invalid
        keys with even modulo are rejected by rsa_public_key_prepare and
diff --git a/dsa-sign.c b/dsa-sign.c
index 9d6bb1849de248604b9e3c8403167e85b060b116..b713743e9df58b556888653e0ff6a0b2e155bd2b 100644 (file)
--- a/dsa-sign.c
+++ b/dsa-sign.c
@@ -56,6 +56,11 @@ dsa_sign(const struct dsa_params *params,
   mpz_t tmp;
   int res;
   
+  /* Check that p is odd, so that invalid keys don't result in a crash
+     inside mpz_powm_sec. */
+  if (mpz_even_p (params->p))
+    return 0;
+
   /* Select k, 0<k<q, randomly */
   mpz_init_set(tmp, params->q);
   mpz_sub_ui(tmp, tmp, 1);
Mirror of https://git.lysator.liu.se/nettle/nettle.git