Closed Bug 1303213 Opened 8 years ago Closed 8 years ago

DHE key exchange fails when the peer's dh_Ys is unpadded and shorter than dh_p

Tracking

(Not tracked)

Status:

RESOLVED FIXED

Milestone:

3.27

People

(Reporter: ttaubert, Assigned: ttaubert)

References

Details

Attachments

(1 file)

0001-Bug-1303213-DHE-key-exchange-fails-when-the-peer-s-d.patch 8 years ago Tim Taubert [:ttaubert] (inactive) (deleted), patch	franziskus : review+	Details \| Diff \| Splinter Review

Tim Taubert [:ttaubert] (inactive)

Assignee

Description

•

8 years ago

When we receive an unpadded dh_Ys with a length in bytes shorter than its dh_p we incorrectly compute the DH key hash and thus the signature verification fails.

Tim Taubert [:ttaubert] (inactive)

Assignee

Comment 1

•

8 years ago

Attached patch 0001-Bug-1303213-DHE-key-exchange-fails-when-the-peer-s-d.patch (deleted) — Details — Splinter Review

Attachment #8791814 - Flags: review?(franziskuskiefer)

Tim Taubert [:ttaubert] (inactive)

Assignee

Comment 2

•

8 years ago

https://treeherder.mozilla.org/#/jobs?repo=nss-try&revision=09e4df7b87bc624477a5b4d12f335951cdaa9e06

Franziskus Kiefer [:franziskus]

Updated

•

8 years ago

Attachment #8791814 - Flags: review?(franziskuskiefer) → review+

Tim Taubert [:ttaubert] (inactive)

Assignee

Comment 3

•

8 years ago

https://hg.mozilla.org/projects/nss/rev/fe4f39128371

Status: ASSIGNED → RESOLVED

Closed: 8 years ago

Resolution: --- → FIXED

Target Milestone: --- → 3.27

You need to log in before you can comment on or make changes to this bug.

Bugzilla

DHE key exchange fails when the peer's dh_Ys is unpadded and shorter than dh_p

Categories

(NSS :: Libraries, defect)

Tracking

(Not tracked)

People

(Reporter: ttaubert, Assigned: ttaubert)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Comment 2

Updated

Comment 3

Attachment

General

Description

File Name

Content Type