[openssl/openssl] ec061b: Make DH_check_pub_key() and DH_generate_key() safe...

Richard Levitte noreply at github.com
Mon Nov 6 07:56:34 UTC 2023 

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: ec061bf8ff2add8050599058557178c03295bcc0
      https://github.com/openssl/openssl/commit/ec061bf8ff2add8050599058557178c03295bcc0
  Author: Richard Levitte <levitte at openssl.org>
  Date:   2023-11-06 (Mon, 06 Nov 2023)

  Changed paths:
    M crypto/dh/dh_check.c
    M crypto/dh/dh_err.c
    M crypto/dh/dh_key.c
    M crypto/err/openssl.txt
    M include/crypto/dherr.h
    M include/openssl/dh.h
    M include/openssl/dherr.h

  Log Message:
  -----------
  Make DH_check_pub_key() and DH_generate_key() safer yet

We already check for an excessively large P in DH_generate_key(), but not in
DH_check_pub_key(), and none of them check for an excessively large Q.

This change adds all the missing excessive size checks of P and Q.

It's to be noted that behaviours surrounding excessively sized P and Q
differ.  DH_check() raises an error on the excessively sized P, but only
sets a flag for the excessively sized Q.  This behaviour is mimicked in
DH_check_pub_key().

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22453)


  Commit: bc224e7edf87bbb353d51e9cb5c5999af8828856
      https://github.com/openssl/openssl/commit/bc224e7edf87bbb353d51e9cb5c5999af8828856
  Author: Richard Levitte <levitte at openssl.org>
  Date:   2023-11-06 (Mon, 06 Nov 2023)

  Changed paths:
    M include/internal/ffc.h

  Log Message:
  -----------
  Fix conflicts between DH check flags and FFC check flags

There are comments in include/openssl/dh.h and include/internal/ffc.h
that they must be aligned with each other, and yet, clashes have been
introduced.

The simplest fix is to move the offending FFC flags out of the way, as they
are indeed internal and shouldn't affect any public interface, apart from
those that are aligned with the DH flags, which are public.

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22453)


Compare: https://github.com/openssl/openssl/compare/4ede274cf9b7...bc224e7edf87

More information about the openssl-commits mailing list