simon-git: putty (master): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Sun Feb 10 20:17:25 GMT 2019
TL;DR:
8957e613 Add missing sanity checks in ssh_dss_verify.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: master
Committer: Simon Tatham <anakin at pobox.com>
Date: 2019-02-10 20:17:25
commit 8957e613bc1c2574a6ab1190244ae2b4868831ed
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=8957e613bc1c2574a6ab1190244ae2b4868831ed;hp=22131a51fa9790fb57dc9d6cf783535e85e6edc8
Author: Simon Tatham <anakin at pobox.com>
Date: Sun Feb 10 18:07:27 2019 +0000
Add missing sanity checks in ssh_dss_verify.
The standard says we should be checking that both r,s are in the range
[1,q-1]. Previously we were effectively reducing s mod q in the course
of inversion, and modinv() was guaranteeing never to return zero; the
remaining missing checks were benign. But the change from Bignum to
mp_int altered the error behaviour, and combined with the missing
upper bound check on s, made it possible to continue verification with
w == 0 mod q, which is a bad case.
Added a small DSA test case, including a check that none of these
types of signatures validates.
sshdss.c | 8 +++++++-
test/cryptsuite.py | 22 ++++++++++++++++++++++
2 files changed, 29 insertions(+), 1 deletion(-)
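The range checks the commit message describes, as an added Python example that is not PuTTY's code: a toy DSA verifier that rejects r or s outside [1, q-1] before it inverts s. The parameters P, Q, G, the key X and all function names are constructed for illustration and are far too small for real use.

```python
import hashlib

# Constructed toy parameters (assumption, not from PuTTY): Q divides P-1,
# and G = 2^((P-1)/Q) mod P has order Q.
P, Q, G = 283, 47, 64
X = 29                  # constructed private key
Y = pow(G, X, P)        # matching public key

def digest(msg):
    # Simplification: reduce SHA-256 mod Q instead of taking the leftmost bits.
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % Q

def dsa_sign(msg):
    # Deterministic nonce search for the demo only; real DSA needs an unpredictable k.
    h = digest(msg)
    for k in range(1, Q):
        r = pow(G, k, P) % Q
        s = pow(k, Q - 2, Q) * (h + X * r) % Q
        if r != 0 and s != 0:
            return r, s
    raise ValueError("no usable nonce")

def dsa_verify(msg, r, s):
    # Both values must lie in [1, Q-1]; reject before doing any arithmetic,
    # so verification never proceeds with w == 0 mod Q.
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, Q - 2, Q)      # s^-1 mod Q, nonzero because 0 < s < Q
    u1 = digest(msg) * w % Q
    u2 = r * w % Q
    v = pow(G, u1, P) * pow(Y, u2, P) % P % Q
    return v == r

def demo():
    msg = b"constructed test message"
    r, s = dsa_sign(msg)
    # Out-of-range pairs, including values congruent to a valid r or s mod Q.
    bad = [(0, s), (r, 0), (Q, s), (r, Q), (r + Q, s), (r, s + Q)]
    return dsa_verify(msg, r, s), [dsa_verify(msg, a, b) for a, b in bad]

if __name__ == "__main__":
    print(demo())
```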