CVSROOT: /cvs
Module name: src
Changes by: t...@cvs.openbsd.org 2022/04/07 11:38:24
Modified files:
lib/libcrypto/dsa: dsa_ameth.c
Log message:
Avoid infinite loop on parsing DSA private keys
DSA private keys with ill-chosen g could cause an infinite
loop on deserializing. Add a few sanity checks that ensure
that g is according to the FIPS 186-4: check 1 < g < p and
g^q == 1 (mod p). This is enough to ascertain that g is a
generator of a multiplicative group of order q once we know
that q is prime (which is checked a bit later).
Issue reported with reproducers by Hanno Boeck.
Additional variants and analysis by David Benjamin.
ok beck jsing
