]> Cypherpunks repositories - gostls13.git/commit
projects / gostls13.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 7e71c9c) | patch
crypto/dsa: prevent bad public keys from causing panic
authorKatie Hockman <katie@golang.org>
Mon, 14 Oct 2019 20:42:21 +0000 (16:42 -0400)
committerKatie Hockman <katie@golang.org>
Tue, 5 Nov 2019 20:21:34 +0000 (20:21 +0000)
commit552987fdbf4c2bc9641016fd323c3ae5d3a0d9a3
tree7d8e67694cfd94ef61dd6f0299acffe1d8a9309dtree
parent7e71c9c3edbf5b7a8608d6f739c20420a618e0abcommit | diff
crypto/dsa: prevent bad public keys from causing panic

dsa.Verify might currently use a nil s inverse in a
multiplication if the public key contains a non-prime Q,
causing a panic. Change this to check that the mod
inverse exists before using it.

Fixes CVE-2019-17596

Fixes #34960

Change-Id: I94d5f3cc38f1b5d52d38dcb1d253c71b7fd1cae7
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/572809
Reviewed-by: Filippo Valsorda <valsorda@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/205441
Run-TryBot: Katie Hockman <katie@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
src/crypto/dsa/dsa.go diff | blob | history
src/crypto/dsa/dsa_test.go diff | blob | history
Go GOST TLS 1.3