1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54
|
Description: CVE-2016-0739: Truncated Diffie-Hellman secret length
Origin: upstream, https://git.libssh.org/projects/libssh.git/commit/?id=f8d0026c65fc8a55748ae481758e2cf376c26c86
Bug-Debian: https://bugs.debian.org/815663
Forwarded: not-needed
Author: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
Last-Update: 2016-02-22
Applied-Upstream: 0.7.3
---
src/dh.c | 22 +++++++++++++++++-----
1 file changed, 17 insertions(+), 5 deletions(-)
--- a/src/dh.c
+++ b/src/dh.c
@@ -237,15 +237,16 @@ void ssh_print_hexa(const char *descr, c
}
int dh_generate_x(ssh_session session) {
+ int keysize = 1023;
session->next_crypto->x = bignum_new();
if (session->next_crypto->x == NULL) {
return -1;
}
#ifdef HAVE_LIBGCRYPT
- bignum_rand(session->next_crypto->x, 128);
+ bignum_rand(session->next_crypto->x, keysize);
#elif defined HAVE_LIBCRYPTO
- bignum_rand(session->next_crypto->x, 128, 0, -1);
+ bignum_rand(session->next_crypto->x, keysize, -1, 0);
#endif
/* not harder than this */
@@ -258,15 +259,16 @@ int dh_generate_x(ssh_session session) {
/* used by server */
int dh_generate_y(ssh_session session) {
- session->next_crypto->y = bignum_new();
+ int keysize = 1023;
+ session->next_crypto->y = bignum_new();
if (session->next_crypto->y == NULL) {
return -1;
}
#ifdef HAVE_LIBGCRYPT
- bignum_rand(session->next_crypto->y, 128);
+ bignum_rand(session->next_crypto->y, keysize);
#elif defined HAVE_LIBCRYPTO
- bignum_rand(session->next_crypto->y, 128, 0, -1);
+ bignum_rand(session->next_crypto->y, keysize, -1, 0);
#endif
/* not harder than this */
|