summaryrefslogtreecommitdiffstats
path: root/test/recipes/91-test_pkey_check.t
AgeCommit message (Collapse)Author
2024-04-09Copyright year updatesRichard Levitte
Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0) Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24034)
2024-01-15Limit the execution time of RSA public key checkTomas Mraz
Fixes CVE-2023-6237 If a large and incorrect RSA public key is checked with EVP_PKEY_public_check() the computation could take very long time due to no limit being applied to the RSA public key size and unnecessarily high number of Miller-Rabin algorithm rounds used for non-primality check of the modulus. Now the keys larger than 16384 bits (OPENSSL_RSA_MAX_MODULUS_BITS) will fail the check with RSA_R_MODULUS_TOO_LARGE error reason. Also the number of Miller-Rabin rounds was set to 5. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23243)
2023-09-07Copyright year updatesMatt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
2023-02-07Add test for DSA pubkey without param import and checkTomas Mraz
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
2022-06-15test_pkey_check: Positive testcase for private key with unknown parametersTomas Mraz
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18099)
2021-01-28Update copyright yearRichard Levitte
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
2021-01-08[test][pkey_check] Add more invalid SM2 key testsNicola Tuveri
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13359)
2021-01-08[test][pkey_check] Add invalid SM2 key testNicola Tuveri
SM2 private keys have different validation requirements than EC keys: this test checks one corner case highlighted in https://github.com/openssl/openssl/issues/8435 As @bbbrumley mentioned in https://github.com/openssl/openssl/issues/8435#issuecomment-720504282 this only fixes the absence of a regression test for validation of this kind of boundary issues for decoded SM2 keys. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13359)
2021-01-08[test] Add `pkey -check` validation testsNicola Tuveri
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13359)
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-04 23:12:34 +0000