Skip to content

Commit

Permalink
crypto: DSA parameter validation in FIPS mode
Browse files Browse the repository at this point in the history
FIPS 180-4 requires specific (L,N) values. OpenSSL will crash if an
invalid combination is used, so we must check the input sanity first.

PR-URL: #3756
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Shigeki Ohtsu <[email protected]>
Reviewed-By: James M Snell <[email protected]>
  • Loading branch information
stefanmb authored and rvagg committed Dec 4, 2015
1 parent 8156e14 commit d235a00
Showing 1 changed file with 23 additions and 0 deletions.
23 changes: 23 additions & 0 deletions src/node_crypto.cc
Original file line number Diff line number Diff line change
Expand Up @@ -3593,6 +3593,29 @@ SignBase::Error Sign::SignFinal(const char* key_pem,
if (pkey == nullptr || 0 != ERR_peek_error())
goto exit;

#ifdef NODE_FIPS_MODE
/* Validate DSA2 parameters from FIPS 186-4 */
if (EVP_PKEY_DSA == pkey->type) {
size_t L = BN_num_bits(pkey->pkey.dsa->p);
size_t N = BN_num_bits(pkey->pkey.dsa->q);
bool result = false;

if (L == 1024 && N == 160)
result = true;
else if (L == 2048 && N == 224)
result = true;
else if (L == 2048 && N == 256)
result = true;
else if (L == 3072 && N == 256)
result = true;

if (!result) {
fatal = true;
goto exit;
}
}
#endif // NODE_FIPS_MODE

if (EVP_SignFinal(&mdctx_, *sig, sig_len, pkey))
fatal = false;

Expand Down

0 comments on commit d235a00

Please sign in to comment.