openssl

generic-library/openssl

Fork 0

Commit Graph

Author	SHA1	Message	Date
Dr. Stephen Henson	966fe81f9b	Fix SRP buffer overrun vulnerability. Invalid parameters passed to the SRP code can be overrun an internal buffer. Add sanity check that g, A, B < N to SRP code. Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC Group for reporting this issue. Reviewed-by: Kurt Roeckx <kurt@openssl.org>	2014-08-06 20:27:51 +01:00
Andy Polyakov	4ade6a8ca4	srp/srp_grps.h: make it Compaq C-friendly. PR: 3165 Submitted by: Daniel Richard G. (cherry picked from commit 2df9ec01d563f9cc2deab07e8c3391059d476592) (cherry picked from commit 0de70011adf6952e3b975d1a8a383879b64f3b77)	2013-11-12 22:20:45 +01:00
Ben Laurie	a149b2466e	Add SRP.	2011-03-16 11:26:40 +00:00

Author

SHA1

Message

Date

Dr. Stephen Henson

966fe81f9b

Fix SRP buffer overrun vulnerability.

Invalid parameters passed to the SRP code can be overrun an internal
buffer. Add sanity check that g, A, B < N to SRP code.

Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
Group for reporting this issue.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>

2014-08-06 20:27:51 +01:00

Andy Polyakov

4ade6a8ca4

srp/srp_grps.h: make it Compaq C-friendly.

PR: 3165
Submitted by: Daniel Richard G.
(cherry picked from commit 2df9ec01d563f9cc2deab07e8c3391059d476592)
(cherry picked from commit 0de70011adf6952e3b975d1a8a383879b64f3b77)

2013-11-12 22:20:45 +01:00

Ben Laurie

a149b2466e

Add SRP.

2011-03-16 11:26:40 +00:00

3 Commits