diff options
| author | Bodo Möller <bodo@openssl.org> | 2006-09-28 13:45:34 +0000 |
|---|---|---|
| committer | Bodo Möller <bodo@openssl.org> | 2006-09-28 13:45:34 +0000 |
| commit | 5e3225cc44ebdce3a88d04a627e975b3e76a6f9a (patch) | |
| tree | 40fc0efbaf2e75215453e71a5b6b8b326d3bee0f /crypto/dh | |
| parent | 61118caa86ecf8acba2c6d17caabeed9022acf9d (diff) | |
| download | openssl-5e3225cc44ebdce3a88d04a627e975b3e76a6f9a.zip openssl-5e3225cc44ebdce3a88d04a627e975b3e76a6f9a.tar.gz openssl-5e3225cc44ebdce3a88d04a627e975b3e76a6f9a.tar.bz2 | |
Introduce limits to prevent malicious keys being able to
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
Diffstat (limited to 'crypto/dh')
| -rw-r--r-- | crypto/dh/dh.h | 7 | ||||
| -rw-r--r-- | crypto/dh/dh_err.c | 1 | ||||
| -rw-r--r-- | crypto/dh/dh_key.c | 6 |
3 files changed, 13 insertions, 1 deletions
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h index ecd61f3..86499b4 100644 --- a/crypto/dh/dh.h +++ b/crypto/dh/dh.h @@ -73,6 +73,10 @@ #include <openssl/bn.h> #endif +#ifndef OPENSSL_DH_MAX_MODULUS_BITS +# define OPENSSL_DH_MAX_MODULUS_BITS 10000 +#endif + #define DH_FLAG_CACHE_MONT_P 0x01 #define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH * implementation now uses constant time @@ -239,11 +243,12 @@ void ERR_load_DH_strings(void); /* Reason codes. */ #define DH_R_BAD_GENERATOR 101 -#define DH_R_BN_DECODE_ERROR 103 +#define DH_R_BN_DECODE_ERROR 109 #define DH_R_BN_ERROR 106 #define DH_R_DECODE_ERROR 104 #define DH_R_INVALID_PUBKEY 102 #define DH_R_KEYS_NOT_SET 108 +#define DH_R_MODULUS_TOO_LARGE 103 #define DH_R_NO_PARAMETERS_SET 107 #define DH_R_NO_PRIVATE_VALUE 100 #define DH_R_PARAMETER_ENCODING_ERROR 105 diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c index 86d8cdd..ea5aeed 100644 --- a/crypto/dh/dh_err.c +++ b/crypto/dh/dh_err.c @@ -95,6 +95,7 @@ static ERR_STRING_DATA DH_str_reasons[]= {ERR_REASON(DH_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"}, {ERR_REASON(DH_R_KEYS_NOT_SET) ,"keys not set"}, +{ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"}, {ERR_REASON(DH_R_NO_PARAMETERS_SET) ,"no parameters set"}, {ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"}, {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"}, diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 79984e1..cb5abdc 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -179,6 +179,12 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) int ret= -1; int check_result; + if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) + { + DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE); + goto err; + } + ctx = BN_CTX_new(); if (ctx == NULL) goto err; BN_CTX_start(ctx); |