Diffstat (limited to 'java/com/google/security/wycheproof/testcases/DhTest.java')
-rw-r--r-- | java/com/google/security/wycheproof/testcases/DhTest.java | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/java/com/google/security/wycheproof/testcases/DhTest.java b/java/com/google/security/wycheproof/testcases/DhTest.java
index 3e9c9e7..84be8f2 100644
--- a/java/com/google/security/wycheproof/testcases/DhTest.java
+++ b/java/com/google/security/wycheproof/testcases/DhTest.java
@@ -358,6 +358,8 @@ public class DhTest extends TestCase {
 * itself cannot prevent all small-subgroup attacks because of the missing parameter q in the
 * Diffie-Hellman parameters. Implementations must add additional countermeasures such as the ones
 * proposed in RFC 2785.
+ *
+ * <p> CVE-2016-1000346: BouncyCastle before v.1.56 did not validate the other parties public key.
 */
 public void testSubgroupConfinement() throws Exception {
 KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH"); |
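Review bot: The added Javadoc line has a grammar slip and an odd version format: "other parties public key" should be the possessive "other party's public key", and "v.1.56" reads better as "v1.56". I would write it as `* <p>CVE-2016-1000346: BouncyCastle before v1.56 did not validate the other party's public key.`, with no space after `<p>`. The body of testSubgroupConfinement continues outside the hunk, so I cannot tell which public-key checks the test actually exercises. If it only covers some of them, the comment could say which.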