path: root/java/com/google/security/wycheproof/testcases/DhTest.java
author: Thai Duong <thaidn@users.noreply.github.com> 2017-02-01 10:45:16 -0800
committer: GitHub <noreply@github.com> 2017-02-01 10:45:16 -0800
commit: 397bfb49f8cf9975706d29577075aa703a4755c1
tree: 8bba871b7a7fddde1e14262b5a0ed86e420fd0d8 /java/com/google/security/wycheproof/testcases/DhTest.java
parent: b898a62f3f61fa30bf1ffd1e04016387ccd59141
Google -> GitHub Sync, 1 Feb 2017 (#19)
* Removing duplicates from BigIntegerTest.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=142548323

* Remove @NoPresubmitCheck from testModifiedPublic() and testModifiedPublicSpec().
The corresponding bug was fixed in BC 1.55 or BC 1.56.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=142561682

* minor typos

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=142743772

* Regenerating the test vectors for ECDSA:
- this adds more comments for bugtypes and modifications or the signatures.
- fixes some ugly formatting.
- adds some additional test vectors.
There are no new bugs.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=144619819

* Regenerating DSA test vectors:
This adds a few more test vectors.
The test vectors are now divided between test vectors with valid BER encodings and test vectors with invalid DER encodings.
The description of the test vector better describes what was modified.
Also fixing issue #17 on GitHub: testVectors in DsaTest not using the message parameter
There are no changes to the presubmit tests. Tests that can be enabled because of Oracle's security update will be added in another CL.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=144814889

* Regenerating test vectors for EcdhTest.java
Merging a test with small order into the test vectors.
Fixing ASN encoding of 0 (from 0200 to 020100, i.e. length must be > 0).

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=144815129

* Regenerating RSA signatures.
Adding test vectors that were removed because of b/31575502. Oracle fixes this with CVE-2016-5547.
Changing ASN tags with value 0x50 to 0x30 (0x50 would be something like sequence of sequence but does not exist), hence the old vectors are unlikely to cause problems.
Adding more modifications of OIDs. The new vectors unpack the OIDs and change the nodes. (E.g. the OID for sha256 is the hexadecimal string "608648016503040201" which is an ASN encoding of "2.16.840.1.101.3.4.2.1". The new test vectors include invalid encoding, encodings with additional nodes, deleted nodes and nodes that are changed to large integers)

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=144846826

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=145060646

* Removing presubmit restrictions for tests that have been fixed internally and upstream. Mainly these are tests with CVEs that were announced during the Jan 17 security update by Oracle.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=145397539

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=145418516

* Adding the CVE numbers from Oracle's Jan 17 security update to the documentation.
Minor changes to some test vectors: Some of the garbage added to the ASN encoding was itself incorrect and has been replaced.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=145650774

* ECDSA MODIFIED_SIGNATURES should be public now.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=146186539
Diffstat (limited to 'java/com/google/security/wycheproof/testcases/DhTest.java')
-rw-r--r-- java/com/google/security/wycheproof/testcases/DhTest.java | 2
1 files changed, 2 insertions, 0 deletions
diff --git a/java/com/google/security/wycheproof/testcases/DhTest.java b/java/com/google/security/wycheproof/testcases/DhTest.java
index 3e9c9e7..84be8f2 100644
--- a/java/com/google/security/wycheproof/testcases/DhTest.java
+++ b/java/com/google/security/wycheproof/testcases/DhTest.java
@@ -358,6 +358,8 @@ public class DhTest extends TestCase {
* itself cannot prevent all small-subgroup attacks because of the missing parameter q in the
* Diffie-Hellman parameters. Implementations must add additional countermeasures such as the ones
* proposed in RFC 2785.
+ *
+ * <p> CVE-2016-1000346: BouncyCastle before v.1.56 did not validate the other parties public key.
*/
public void testSubgroupConfinement() throws Exception {
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH");
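Review bot: The added Javadoc line names CVE-2016-1000346 but does not say which check was missing or what testSubgroupConfinement() now expects from a fixed provider, even though the paragraph just above it explains that public key validation alone cannot prevent all small-subgroup attacks when q is absent. Consider stating whether BouncyCastle 1.56 and later is expected to reject the peer's key or only to avoid leaking through the shared secret, so a failing run can be read correctly. Two wording nits in the same line: "the other parties public key" should be "the other party's public key", and "v.1.56" would read better as "1.56", matching the "BC 1.56" form used in the commit message.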