mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 16:05:43 +01:00
Fix potential DoS by limiting number sizes in exponentiation
Check that the exponent and modulus is below `MBEDTLS_MPI_MAX_BITS` before performing a time expensive operation (modular exponentiation). This prevents a potential DoS from Diffie-Hellman computations with extremely large key sizes. Signed-off-by: Chris Jones <christopher.jones@arm.com>
This commit is contained in:
parent
401ba5e9b7
commit
ad59a2a4a7
@ -2058,6 +2058,10 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,
|
||||
if( mbedtls_mpi_cmp_int( E, 0 ) < 0 )
|
||||
return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
|
||||
|
||||
if( mbedtls_mpi_bitlen( E ) > MBEDTLS_MPI_MAX_BITS ||
|
||||
mbedtls_mpi_bitlen( N ) > MBEDTLS_MPI_MAX_BITS )
|
||||
return ( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
|
||||
|
||||
/*
|
||||
* Init temps and window size
|
||||
*/
|
||||
|
Loading…
Reference in New Issue
Block a user