Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
1 年多 前同步成功

通知 10
Star 18
Fork 1
T
Third Party Openssl
切换分支/标签
  1. 20 7月, 2023 1 次提交
    • M
      Fix DH_check() excessive time with over sized modulus · 9a81b024
      Matt Caswell 提交于 
      The DH_check() function checks numerous aspects of the key or parameters
that have been supplied. Some of those checks use the supplied modulus
value even if it is excessively large.

There is already a maximum DH modulus size (10,000 bits) over which
OpenSSL will not generate or derive keys. DH_check() will however still
perform various tests for validity on such a large modulus. We introduce a
new maximum (32,768) over which DH_check() will just fail.

An application that calls DH_check() and supplies a key or parameters
obtained from an untrusted source could be vulnerable to a Denial of
Service attack.

The function DH_check() is itself called by a number of other OpenSSL
functions. An application calling any of those other functions may
similarly be affected. The other functions affected by this are
DH_check_ex() and EVP_PKEY_param_check().

CVE-2023-3446
Reviewed-by: NPaul Dale <pauli@openssl.org>
Reviewed-by: NTom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: NTomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21451)

(cherry picked from commit 9e0094e2aa1b3428a12d5095132f133c078d3c3d)
Signed-off-by: Ncode4lala <fengziteng2@huawei.com>
      9a81b024
  3. 12 4月, 2023 2 次提交
  5. 01 7月, 2022 1 次提交
  7. 10 8月, 2021 1 次提交
  9. 17 3月, 2020 1 次提交
  11. 27 2月, 2020 1 次提交
  13. 06 2月, 2020 1 次提交
  15. 01 11月, 2019 1 次提交
  17. 28 9月, 2019 2 次提交
    • D
      Reorganize local header files · b5acbf91
      Dr. Matthias St. Pierre 提交于 
      Apart from public and internal header files, there is a third type called
local header files, which are located next to source files in the source
directory. Currently, they have different suffixes like

  '*_lcl.h', '*_local.h', or '*_int.h'

This commit changes the different suffixes to '*_local.h' uniformly.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9681)
      b5acbf91
    • D
      Reorganize private crypto header files · 0c994d54
      Dr. Matthias St. Pierre 提交于 
      Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:

While header files in 'include/internal' are intended to be shared
between libcrypto and libssl, the files in 'crypto/include/internal'
are intended to be shared inside libcrypto only.

To make things complicated, the include search path is set up in such
a way that the directive #include "internal/file.h" could refer to
a file in either of these two directoroes. This makes it necessary
in some cases to add a '_int.h' suffix to some files to resolve this
ambiguity:

  #include "internal/file.h"      # located in 'include/internal'
  #include "internal/file_int.h"  # located in 'crypto/include/internal'

This commit moves the private crypto headers from

  'crypto/include/internal'  to  'include/crypto'

As a result, the include directives become unambiguous

  #include "internal/file.h"       # located in 'include/internal'
  #include "crypto/file.h"         # located in 'include/crypto'

hence the superfluous '_int.h' suffixes can be stripped.

The files 'store_int.h' and 'store.h' need to be treated specially;
they are joined into a single file.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9681)
      0c994d54
  19. 10 9月, 2019 1 次提交
  21. 09 9月, 2019 3 次提交
  23. 24 7月, 2019 1 次提交
  25. 28 5月, 2019 1 次提交
  27. 21 5月, 2019 1 次提交
  29. 27 3月, 2019 1 次提交
    • J
      Increase rounds of Miller-Rabin testing DH_check · af6ce3b4
      Jake Massimo 提交于 
      DH_check is used to test the validity of Diffie-Hellman parameter sets (p, q, g). Among the tests performed are primality tests on p and q, for this BN_is_prime_ex is called with the rounds of Miller-Rabin set as default. This will therefore use the average case error estimates derived from the function BN_prime_checks_for_size based on the bit size of the number tested.

However, these bounds are only accurate on testing random input. Within this testing scenario, where we are checking the validity of a DH parameter set, we can not assert that these parameters are randomly generated. Thus we must treat them as if they are adversarial in nature and increase the rounds of Miller-Rabin performed.

Generally, each round of Miller-Rabin can declare a composite number prime with probability at most (1/4), thus 64 rounds is sufficient in thwarting known generation techniques (even in safe prime settings - see https://eprint.iacr.org/2019/032 for full analysis). The choice of 64 rounds is also consistent with SRP_NUMBER_ITERATIONS_FOR_PRIME 64 as used in srp_Verify_N_and_g in openssl/apps/s_client.c.
Reviewed-by: NPaul Dale <paul.dale@oracle.com>
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8593)

(cherry picked from commit 2500c093aa1e9c90c11c415053c0a27a00661d0d)
      af6ce3b4
  31. 19 3月, 2019 1 次提交
  33. 05 9月, 2018 2 次提交
  35. 20 6月, 2018 1 次提交
  37. 12 6月, 2018 1 次提交
  39. 29 5月, 2018 1 次提交
  41. 18 5月, 2018 1 次提交
  43. 17 4月, 2018 1 次提交
  45. 03 4月, 2018 2 次提交
  47. 21 3月, 2018 1 次提交
  49. 20 11月, 2017 1 次提交
  51. 18 10月, 2017 1 次提交
  53. 13 10月, 2017 2 次提交
  55. 12 10月, 2017 5 次提交
  57. 09 10月, 2017 1 次提交