mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 00:05:36 +01:00
DHM: Fix dhm_check_range() always returning 0
Although the variable ret was initialised to an error, the MBEDTLS_MPI_CHK macro was overwriting it. Therefore it ended up being 0 whenewer the bignum computation was successfull and stayed 0 independently of the actual check.
This commit is contained in:
parent
4b151fabb7
commit
aa325d7b7f
@ -1,6 +1,10 @@
|
||||
mbed TLS ChangeLog (Sorted per branch, date)
|
||||
|
||||
= mbed TLS x.x.x released xxxx-xx-xx
|
||||
= mbed TLS x.x.x branch released xxxx-xx-xx
|
||||
|
||||
Security
|
||||
* Fix dhm_check_range() failing to detect trivial subgroups and essentially
|
||||
always returning 0. Reported by prashantkspatil.
|
||||
|
||||
Bugfix
|
||||
* Fix ssl_parse_record_header() to silently discard invalid DTLS records
|
||||
|
@ -93,6 +93,9 @@ static int dhm_read_bignum( mbedtls_mpi *X,
|
||||
*
|
||||
* Parameter should be: 2 <= public_param <= P - 2
|
||||
*
|
||||
* This means that we need to return an error if
|
||||
* public_param < 2 or public param > P-2
|
||||
*
|
||||
* For more information on the attack, see:
|
||||
* http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf
|
||||
* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643
|
||||
@ -100,17 +103,17 @@ static int dhm_read_bignum( mbedtls_mpi *X,
|
||||
static int dhm_check_range( const mbedtls_mpi *param, const mbedtls_mpi *P )
|
||||
{
|
||||
mbedtls_mpi L, U;
|
||||
int ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
|
||||
int ret = 0;
|
||||
|
||||
mbedtls_mpi_init( &L ); mbedtls_mpi_init( &U );
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &L, 2 ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &U, P, 2 ) );
|
||||
|
||||
if( mbedtls_mpi_cmp_mpi( param, &L ) >= 0 &&
|
||||
mbedtls_mpi_cmp_mpi( param, &U ) <= 0 )
|
||||
if( mbedtls_mpi_cmp_mpi( param, &L ) < 0 ||
|
||||
mbedtls_mpi_cmp_mpi( param, &U ) > 0 )
|
||||
{
|
||||
ret = 0;
|
||||
ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
|
||||
}
|
||||
|
||||
cleanup:
|
||||
|
Loading…
Reference in New Issue
Block a user