34 lines
1.1 KiB
Diff
34 lines
1.1 KiB
Diff
From 1da1e686a87ad9f95d26786d2b53a1a4c280189f Mon Sep 17 00:00:00 2001
|
|
From: agl <agl@chromium.org>
|
|
Date: Wed, 20 May 2015 13:20:29 -0700
|
|
Subject: [PATCH] NSS: reject DH groups smaller than 1024 bits.
|
|
|
|
Since some platforms are still using NSS for now, this change mirrors https://boringssl-review.googlesource.com/#/c/4813/ in NSS.
|
|
|
|
BUG=490240
|
|
|
|
Review URL: https://codereview.chromium.org/1143303002
|
|
|
|
Cr-Commit-Position: refs/heads/master@{#330791}
|
|
---
|
|
net/third_party/nss/ssl/ssl3con.c | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c
|
|
index 89c98ea..861d434 100644
|
|
--- net/third_party/nss/ssl/ssl3con.c
|
|
+++ net/third_party/nss/ssl/ssl3con.c
|
|
@@ -6946,7 +6946,8 @@ ssl3_HandleServerKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
|
|
if (rv != SECSuccess) {
|
|
goto loser; /* malformed. */
|
|
}
|
|
- if (dh_p.len < 512/8) {
|
|
+ if (dh_p.len < 1024/8 ||
|
|
+ (dh_p.len == 1024/8 && (dh_p.data[0] & 0x80) == 0)) {
|
|
errCode = SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY;
|
|
goto alert_loser;
|
|
}
|
|
--
|
|
2.4.2
|
|
|