Check DSA parameters for excessive sizes before validating

Tongsuo-Project / Tongsuo

铜锁/Tongsuo is a Modern Cryptographic Primitives and Protocols Library

https://www.tongsuo.net

Apache License 2.0

1.16k stars 186 forks source link

Closed dongbeiouba closed 5 months ago

dongbeiouba commented 5 months ago

This avoids overly long computation of various validation checks.

Fixes CVE-2024-4603