Reject excessively large primes in DH key generation. Problem reported - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	sthen <sthen@openbsd.org>	2018-06-12 15:32:54 +0000
committer	sthen <sthen@openbsd.org>	2018-06-12 15:32:54 +0000
commit	542935298aa400266620320f6a9a2112e11adb7e (patch)
tree	5bb45077e9ca406da73c17bca57d2979cb36836a /sys/dev/fdt/imxccm.c
parent	Use sizeof(char ) not sizeof(char *) when allocating an array (diff)
download	wireguard-openbsd-542935298aa400266620320f6a9a2112e11adb7e.tar.xz wireguard-openbsd-542935298aa400266620320f6a9a2112e11adb7e.zip

Reject excessively large primes in DH key generation. Problem reported

by Guido Vranken to OpenSSL (https://github.com/openssl/openssl/pull/6457) and based on his diff. suggestions from tb@, ok tb@ jsing@ "During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack."

Diffstat (limited to 'sys/dev/fdt/imxccm.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: