Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
Dmitry Baryshkov
nettle
Commits
52b92231
Commit
52b92231
authored
Aug 04, 2016
by
Niels Möller
Browse files
Reject invalid keys, with even moduli, in rsa_compute_root_tr.
parent
5eb30d94
Changes
2
Hide whitespace changes
Inline
Side-by-side
ChangeLog
View file @
52b92231
2016-08-04 Niels Möller <nisse@lysator.liu.se>
* rsa-sign-tr.c (rsa_compute_root_tr): Return failure if any of p,
q or n is even, to avoid crashing inside mpz_powm_sec. Invalid
keys with even modulo are rejected by rsa_public_key_prepare and
rsa_private_key_prepare, but some applications, notably gnutls,
don't use them.
2016-07-31 Niels Möller <nisse@lysator.liu.se>
* rsa.c (_rsa_check_size): Check that n is odd. Otherwise, using
...
...
rsa-sign-tr.c
View file @
52b92231
...
...
@@ -88,6 +88,14 @@ rsa_compute_root_tr(const struct rsa_public_key *pub,
int
res
;
mpz_t
t
,
mb
,
xb
,
ri
;
/* mpz_powm_sec handles only odd moduli. If p, q or n is even, the
key is invalid and rejected by rsa_private_key_prepare. However,
some applications, notably gnutls, don't use this function, and
we don't want an invalid key to lead to a crash down inside
mpz_powm_sec. So do an additional check here. */
if
(
mpz_even_p
(
pub
->
n
)
||
mpz_even_p
(
key
->
p
)
||
mpz_even_p
(
key
->
q
))
return
0
;
mpz_init
(
mb
);
mpz_init
(
xb
);
mpz_init
(
ri
);
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment