Diffstat (limited to 'java/com/google/security/wycheproof/testcases/DhTest.java')
-rw-r--r--java/com/google/security/wycheproof/testcases/DhTest.java2
1 files changed, 2 insertions, 0 deletions
diff --git a/java/com/google/security/wycheproof/testcases/DhTest.java b/java/com/google/security/wycheproof/testcases/DhTest.java
index 3e9c9e7..84be8f2 100644
--- a/java/com/google/security/wycheproof/testcases/DhTest.java
+++ b/java/com/google/security/wycheproof/testcases/DhTest.java
@@ -358,6 +358,8 @@ public class DhTest extends TestCase {
* itself cannot prevent all small-subgroup attacks because of the missing parameter q in the
* Diffie-Hellman parameters. Implementations must add additional countermeasures such as the ones
* proposed in RFC 2785.
+ *
+ * <p> CVE-2016-1000346: BouncyCastle before v.1.56 did not validate the other parties public key.
*/
public void testSubgroupConfinement() throws Exception {
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH");
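Review bot: The added Javadoc line for CVE-2016-1000346 has a possessive typo ("other parties" should be "other party's") and does not say how the missing validation relates to what this test checks. Because the surrounding comment is about small-subgroup attacks, the note could tie the two together, for example `* <p>CVE-2016-1000346: BouncyCastle before v1.56 did not validate the other party's public key,` followed by `* so a public key confined to a small subgroup was accepted during key agreement.` The second clause is inferred from the surrounding comment and should be checked against the advisory before it is committed. The body of testSubgroupConfinement continues outside the hunk, so the expected outcome for such keys cannot be confirmed from here.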