On Thu, Feb 24, 2022 at 01:31:12AM -0700, Theo Buehler wrote:
> CVSROOT: /cvs
> Module name: src
> Changes by: t...@cvs.openbsd.org 2022/02/24 01:31:12
>
> Modified files:
> lib/libcrypto/dsa: dsa_ameth.c
>
> Log message:
> Add sanity checks on p and q in old_dsa_priv_decode()
>
> dsa_do_verify() has checks on dsa->p and dsa->q that ensure that p isn't
> overly long and that q has one of the three allowed lengths specified in
> FIPS 186-3, namely 160, 224, or 256.
>
> Do these checks on deserialization of DSA keys without parameters. This
> means that we will now reject keys we would previously deserialize. Such
> keys are useless in that signatures generated by them would be rejected
> by both LibreSSL and OpenSSL.
>
> This avoids a timeout flagged in oss-fuzz #26899 due to a ridiculous
> DSA key whose q has size 65KiB. The timeout comes from additional checks
> on DSA keys added by miod in dsa_ameth.c r1.18, especially checking such
> a humungous number for primality is expensive.
>
> ok jsing

This broke ssh regress.

> usr.bin/ssh:
Exit: 1
Duration: 00:00:04
Log: 230-usr.bin-ssh.log

==== t6 ====
ssh-keygen -if /home/src/regress/usr.bin/ssh/dsa_ssh2.prv > t6.out1
ssh-keygen -if /home/src/regress/usr.bin/ssh/dsa_ssh2.pub > t6.out2
chmod 600 t6.out1
ssh-keygen -yf t6.out1 | diff - t6.out2
1,37d0
< Private-Key: (1024 bit)
[36 further lines of the key dump omitted: priv, pub, P, Q and G as hex]
*** Error 1 in . (Makefile:168 't6')
FAILED
*** Error 1 in /home/src/regress/usr.bin/ssh (<bsd.regress.mk>:97 'regress': if make -C /home/src/regress/usr.bin/ssh t6; then echo -n "SUC...)
robsd-regress-exec: process group exited 2
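
The size screen described in the quoted log message, as an added example that is not LibreSSL's code: it rejects an oversized p or a q of the wrong length before any primality test would run. All names are hypothetical, the inputs are constructed, and the 10000-bit cap on p is an assumption taken from OpenSSL's OPENSSL_DSA_MAX_MODULUS_BITS.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_P_BITS 10000 /* assumed cap, the value of OPENSSL_DSA_MAX_MODULUS_BITS */

enum screen_result { PARAMS_OK, P_TOO_LONG, BAD_Q_LENGTH };

/* Bit length of a big-endian unsigned integer; leading zero bytes do not count. */
static size_t be_num_bits(const uint8_t *buf, size_t len)
{
	size_t i = 0, bits;
	uint8_t top;

	while (i < len && buf[i] == 0)
		i++;
	if (i == len)
		return 0;
	bits = (len - i) * 8;
	for (top = buf[i]; (top & 0x80) == 0; top <<= 1)
		bits--;
	return bits;
}

/* Cheap size screen on decoded parameters, meant to run before any primality test. */
enum screen_result screen_dsa_params(const uint8_t *p, size_t p_len, const uint8_t *q, size_t q_len)
{
	size_t q_bits = be_num_bits(q, q_len);

	if (be_num_bits(p, p_len) > MAX_P_BITS)
		return P_TOO_LONG;
	if (q_bits != 160 && q_bits != 224 && q_bits != 256)
		return BAD_Q_LENGTH;
	return PARAMS_OK;
}

/* Constructed inputs: a 1024-bit p and a q of q_len bytes with its top bit set. */
enum screen_result screen_constructed(size_t q_len)
{
	static uint8_t p[128], q[65 * 1024];

	if (q_len == 0 || q_len > sizeof(q))
		return BAD_Q_LENGTH;
	p[0] = q[0] = 0x80;
	return screen_dsa_params(p, sizeof(p), q, q_len);
}

int main(void)
{
	printf("160-bit q: %d, 65 KiB q: %d\n", screen_constructed(20), screen_constructed(65 * 1024));
	return 0;
}
```
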