root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
openssl/include/crypto
History
sashan 6dacee485f RSA decoder should check also sanity of p, q, e, d ... with respect to n 
This issue has been discovered by osss-fuzzer [1]. The test function decodes
RSA key created by fuzzer and calls EVP_PKEY_pairwise_check() which
proceeds to ossl_bn_miller_rabin_is_prime() check which takes too long
exceeding timeout (45secs).

The idea is to fix OSSL_DECODER_from_data() code path so invalid
RSA keys will be refused.

[1] https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69134

Test case generated by the fuzzer is added.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25190)
 		2024-08-28 16:50:46 +02:00
..
__DECC_INCLUDE_EPILOGUE.H
__DECC_INCLUDE_PROLOGUE.H
aes_platform.h enable AES-XTS optimization for AIX 2024-05-30 18:46:43 +02:00
aria.h
asn1.h fix: drop DSA <=> dsaWithSHA1 aliasing 2024-07-12 11:20:23 +02:00
asn1_dsa.h
asn1err.h
async.h
asyncerr.h
bioerr.h
bn.h Fix '--strict-warnings' build breakage 2024-08-07 19:24:57 +02:00
bn_conf.h.in
bn_dh.h
bn_srp.h
bnerr.h
buffererr.h
chacha.h riscv: Provide a vector implementation of CHACHA20 cipher. 2023-10-26 15:55:50 +01:00
cmac.h Add FIPS indicator to CMAC. 2024-07-31 09:04:17 +10:00
cmll_platform.h
cmperr.h CMP client: fix error response on -csr without private key, also in docs 2023-05-12 10:46:27 +02:00
cmserr.h
comperr.h
conferr.h Detect and prevent recursive config parsing 2023-12-21 13:38:31 -05:00
context.h Add FIPS indicator callback. 2024-07-11 08:29:43 +10:00
crmferr.h
cryptlib.h
cryptoerr.h Use the new hashtable for core_namemap 2024-08-21 15:21:26 +02:00
cterr.h
ctype.h
decoder.h Copyright year updates 2023-09-07 09:59:15 +01:00
decodererr.h
des_platform.h
dh.h
dherr.h Make DH_check_pub_key() and DH_generate_key() safer yet 2023-11-06 07:55:01 +00:00
dsa.h Avoid setting gen_type to -1 in dsa_gen_set_params 2023-12-14 11:17:48 +01:00
dsaerr.h Fix infinite loops in DSA sign code. 2023-03-01 09:20:49 +11:00
dso_conf.h.in
ec.h
ecerr.h Fix potential infinite loops in ECDSA signing. 2023-03-01 09:20:49 +11:00
ecx.h FIPS: Add EDDSA public key validation. 2024-08-23 21:23:53 +02:00
encoder.h
encodererr.h
engine.h
engineerr.h
err.h
ess.h
esserr.h
evp.h Implementation of the RFC 9579, PBMAC1 in PKCS#12 2024-08-07 10:00:16 +02:00
evperr.h EVP_PKEY_get_{bits,security_bits,size}(): add missing error queue entry on failure 2023-10-26 16:03:48 +01:00
httperr.h Limit the number of http headers when receiving the http response 2024-03-12 19:35:41 +01:00
lhash.h
md32_common.h
modes.h
objects.h
objectserr.h
ocsperr.h
pem.h
pemerr.h
pkcs7.h
pkcs7err.h
pkcs12err.h
poly1305.h
ppc_arch.h
punycode.h Copyright year updates 2023-09-07 09:59:15 +01:00
rand.h rand: implement an unbiased random integer from a range 2023-11-01 12:05:28 +01:00
rand_pool.h
randerr.h rand: add extra error code 2023-09-27 17:22:54 +01:00
riscv_arch.def riscv: use hwprobe syscall for capability detection 2024-05-09 10:50:42 +02:00
riscv_arch.h riscv: use hwprobe syscall for capability detection 2024-05-09 10:50:42 +02:00
rsa.h RSA decoder should check also sanity of p, q, e, d ... with respect to n 2024-08-28 16:50:46 +02:00
rsaerr.h
security_bits.h
sha.h Copyright year updates 2023-09-07 09:59:15 +01:00
siphash.h
siv.h
sm2.h
sm2err.h
sm4.h
sm4_platform.h riscv: Fix cpuid_obj asm checks for sm4/sm3 2024-07-12 11:09:02 +01:00
sparc_arch.h
sparse_array.h
store.h
storeerr.h
tserr.h
types.h Copyright year updates 2023-09-07 09:59:15 +01:00
uierr.h
x509.h constify ossl_x509at_add1_attr() 2024-07-10 16:19:06 +02:00
x509_acert.h Add support for targetingInformation X.509v3 extension 2024-06-17 14:03:25 +02:00
x509err.h
x509v3err.h