CVSROOT: /cvs
Module name: src
Changes by: t...@cvs.openbsd.org 2023/03/04 14:37:37
Modified files:
lib/libcrypto/ecdsa: ecs_ossl.c
Log message:
Cap the number of iterations in ECDSA signing
ECDSA is essentially the same thing as DSA, except that it is slightly
less stupid. Signing specifies an infinite loop, which is only possible
with arbitrary ECDSA domain parameters. Fortunately, most use of ECDSA
in the wild is based on well-known groups, so it is known a priori that
the loop is not infinite. Still, infinite loops are bad. A retry is
unlikely, 32 retries have a probability of ~2^-8000. So it's pretty
safe to error out.
ok beck jsing
