packages/edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
edk2/0040-Add-a-test-for-CVE-2023-3446.patch
yexiao d3b0038b60 Fix some CVE 
Fix CVE-2023-0464、CVE-2023-0465、CVE-2023-0466
CVE-2023-2650、CVE-2023-3446、CVE-2023-3817、
CVE-2024-0727

Signed-off-by: yexiao <yexiao7@huawei.com>
2024-01-25 02:14:17 +08:00

64 lines
2.2 KiB
Diff
Raw Blame History

From 608d30d14e125a8b8352f864aa0a529418125697 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Fri, 7 Jul 2023 14:39:48 +0100
Subject: [PATCH 06/11] Add a test for CVE-2023-3446
Confirm that the only errors DH_check() finds with DH parameters with an
excessively long modulus is that the modulus is too large. We should not
be performing time consuming checks using that modulus.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
reference: https://github.com/openssl/openssl/pull/21452
Signed-off-by: yexiao <yexiao7@huawei.com>
---
.../Library/OpensslLib/openssl/test/dhtest.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/CryptoPkg/Library/OpensslLib/openssl/test/dhtest.c b/CryptoPkg/Library/OpensslLib/openssl/test/dhtest.c
index 9d5609b9..00b3c471 100644
--- a/CryptoPkg/Library/OpensslLib/openssl/test/dhtest.c
+++ b/CryptoPkg/Library/OpensslLib/openssl/test/dhtest.c
@@ -63,7 +63,7 @@ static int dh_test(void)
|| !TEST_true(DH_set0_pqg(dh, p, q, g)))
goto err1;
- if (!DH_check(dh, &i))
+ if (!TEST_true(DH_check(dh, &i)))
goto err2;
if (!TEST_false(i & DH_CHECK_P_NOT_PRIME)
|| !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME)
@@ -123,6 +123,17 @@ static int dh_test(void)
/* check whether the public key was calculated correctly */
TEST_uint_eq(BN_get_word(pub_key2), 3331L);
+ /* Modulus of size: dh check max modulus bits + 1 */
+ if (!TEST_true(BN_set_word(p, 1))
+ || !TEST_true(BN_lshift(p, p, OPENSSL_DH_CHECK_MAX_MODULUS_BITS)))
+ goto err3;
+
+ /*
+ * We expect no checks at all for an excessively large modulus
+ */
+ if (!TEST_false(DH_check(dh, &i)))
+ goto err3;
+
/*
* II) key generation
*/
@@ -137,7 +148,7 @@ static int dh_test(void)
goto err3;
/* ... and check whether it is valid */
- if (!DH_check(a, &i))
+ if (!TEST_true(DH_check(a, &i)))
goto err3;
if (!TEST_false(i & DH_CHECK_P_NOT_PRIME)
|| !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME)
--
2.33.0
Reference in New Issue View Git Blame Copy Permalink