首页 开源 资讯 活动 开源许可证
软件工程云服务
软件代码质量检测云服务 持续集成与部署云服务 社区个性化内容推荐服务 贡献审阅人推荐服务 群体化学习服务 重睛鸟代码扫描工具
Watch 1 Star 0 Fork 54

zhangxianting/edk2

forked from src-openEuler/edk2 
代码 Issues 0 Pull Requests 0 Wiki 0 统计
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
项目仓库所选许可证以仓库主分支所使用许可证为准
克隆/下载
0009-dhtest.c-Add-test-of-DH_check-with-q-p-1.patch 1.79 KB
一键复制 编辑 原始数据 按行查看 历史
YeXiao 提交于 2024-01-26 10:32 . Fix some CVE
12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152
From 6f3b1ae0a836880038787a1315b5b815f2951c8d Mon Sep 17 00:00:00 2001

From: Tomas Mraz <tomas@openssl.org>

Date: Tue, 25 Jul 2023 15:23:43 +0200

Subject: [PATCH 7/9] dhtest.c: Add test of DH_check() with q = p + 1



This must fail with DH_CHECK_INVALID_Q_VALUE and

with DH_CHECK_Q_NOT_PRIME unset.



Reviewed-by: Matt Caswell <matt@openssl.org>

Reviewed-by: Paul Dale <pauli@openssl.org>

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>

Reviewed-by: Todd Short <todd.short@me.com>



reference: https://github.com/openssl/openssl/pull/21550

Signed-off-by: yexiao <yexiao7@huawei.com>

---

 CryptoPkg/Library/OpensslLib/openssl/test/dhtest.c | 12 ++++++++++++

 1 file changed, 12 insertions(+)



diff --git a/CryptoPkg/Library/OpensslLib/openssl/test/dhtest.c b/CryptoPkg/Library/OpensslLib/openssl/test/dhtest.c

index f8dd8f3a..d02b3b7c 100644

--- a/CryptoPkg/Library/OpensslLib/openssl/test/dhtest.c

+++ b/CryptoPkg/Library/OpensslLib/openssl/test/dhtest.c

@@ -124,6 +124,15 @@ static int dh_test(void)

     /* We'll have a stale error on the queue from the above test so clear it */

     ERR_clear_error();

 

+    if (!TEST_ptr(BN_copy(q, p)) || !TEST_true(BN_add(q, q, BN_value_one())))

+        goto err3;

+

+    if (!TEST_true(DH_check(dh, &i)))

+        goto err3;

+    if (!TEST_true(i & DH_CHECK_INVALID_Q_VALUE)

+        || !TEST_false(i & DH_CHECK_Q_NOT_PRIME))

+        goto err3;

+

     /* Modulus of size: dh check max modulus bits + 1 */

     if (!TEST_true(BN_set_word(p, 1))

             || !TEST_true(BN_lshift(p, p, OPENSSL_DH_CHECK_MAX_MODULUS_BITS)))

@@ -135,6 +144,9 @@ static int dh_test(void)

     if (!TEST_false(DH_check(dh, &i)))

         goto err3;

 

+    /* We'll have a stale error on the queue from the above test so clear it */

+    ERR_clear_error();

+

     /*

      * II) key generation

      */

-- 

2.33.0
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化