diff options
| author | Xin LI <delphij@FreeBSD.org> | 2013-04-02 17:34:42 +0000 |
|---|---|---|
| committer | Xin LI <delphij@FreeBSD.org> | 2013-04-02 17:34:42 +0000 |
| commit | 0d9d75b124880ee5a3aeb5c2af92a04340c02bef (patch) | |
| tree | 953639ad57c000dc6351819b4798541490d39802 /crypto/openssl/crypto/ec | |
| parent | 660eb4006e69a82831062be4a4af070afccf64bc (diff) | |
| download | src-releng/9.0.tar.gz src-releng/9.0.zip | |
Fix OpenSSL multiple vulnerabilities. [13:03]releng/9.0
Fix BIND remote denial of service. [13:04]
Security: CVE-2013-0166, CVE-2013-0169
Security: FreeBSD-SA-13:03.openssl
Security: CVE-2013-2266
Security: FreeBSD-SA-13:04.bind
Approved by: so
Notes
Notes:
svn path=/releng/9.0/; revision=249029
Diffstat (limited to 'crypto/openssl/crypto/ec')
| -rw-r--r-- | crypto/openssl/crypto/ec/ec2_smpl.c | 5 | ||||
| -rw-r--r-- | crypto/openssl/crypto/ec/ec_key.c | 8 | ||||
| -rw-r--r-- | crypto/openssl/crypto/ec/ecp_smpl.c | 3 |
3 files changed, 14 insertions, 2 deletions
diff --git a/crypto/openssl/crypto/ec/ec2_smpl.c b/crypto/openssl/crypto/ec/ec2_smpl.c index 522d036ca1da..c06b3b667f0b 100644 --- a/crypto/openssl/crypto/ec/ec2_smpl.c +++ b/crypto/openssl/crypto/ec/ec2_smpl.c @@ -821,7 +821,7 @@ int ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_ field_sqr = group->meth->field_sqr; /* only support affine coordinates */ - if (!point->Z_is_one) goto err; + if (!point->Z_is_one) return -1; if (ctx == NULL) { @@ -871,6 +871,9 @@ int ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT { return EC_POINT_is_at_infinity(group, b) ? 0 : 1; } + + if (EC_POINT_is_at_infinity(group, b)) + return 1; if (a->Z_is_one && b->Z_is_one) { diff --git a/crypto/openssl/crypto/ec/ec_key.c b/crypto/openssl/crypto/ec/ec_key.c index 12fb0e6d6d73..522802c07ae1 100644 --- a/crypto/openssl/crypto/ec/ec_key.c +++ b/crypto/openssl/crypto/ec/ec_key.c @@ -304,7 +304,13 @@ int EC_KEY_check_key(const EC_KEY *eckey) ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER); return 0; } - + + if (EC_POINT_is_at_infinity(eckey->group, eckey->pub_key)) + { + ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_AT_INFINITY); + goto err; + } + if ((ctx = BN_CTX_new()) == NULL) goto err; if ((point = EC_POINT_new(eckey->group)) == NULL) diff --git a/crypto/openssl/crypto/ec/ecp_smpl.c b/crypto/openssl/crypto/ec/ecp_smpl.c index 4d26f8bdf692..66a92e2a9005 100644 --- a/crypto/openssl/crypto/ec/ecp_smpl.c +++ b/crypto/openssl/crypto/ec/ecp_smpl.c @@ -1406,6 +1406,9 @@ int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT * { return EC_POINT_is_at_infinity(group, b) ? 0 : 1; } + + if (EC_POINT_is_at_infinity(group, b)) + return 1; if (a->Z_is_one && b->Z_is_one) { |