CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2015/09/10 12:12:55
Modified files:
lib/libssl/src/crypto/dsa: dsa_ameth.c
Log message:
When loading a DSA key from an raw (without DH parameters) ASN.1 serialization,
perform some consistency checks on its `p' and `q' values, and return an
error if the checks failed.
Thanks for Georgi Guninski (guninski at guninski dot com) for mentioning
the possibility of a weak (non prime) q value and providing a test case.
See https://cpunks.org/pipermail/cypherpunks/2015-September/009007.html
for a longer discussion.
ok bcook@ beck@
