Open Bug 1991534 Opened 3 months ago Updated 2 months ago

Firefox NSS not check FFDHE public key length

Tracking

(Not tracked)

Status:

UNCONFIRMED

People

(Reporter: coiaprant, Unassigned)

Details

Coia Prant

Reporter

Description

•

3 months ago

Steps to reproduce:

Setup a TLS server with FFDHE2048.
Marshal a unsafe key without padding to p length
Use firefox access it.

Actual results:

on Firefox: SSL_BAD_MAC_READ
on TLS server: received a message decrypt fail (BadMac).

Expected results:

tls: illegal parameter

On OpenSSL, it will always check length:
https://github.com/openssl/openssl/blob/master/ssl/t1_lib.c#L4938

08xjcec48

Updated

•

3 months ago

Assignee: nobody → nobody

Component: Untriaged → Libraries

Product: Firefox → NSS

Version: Firefox 145 → unspecified

Benjamin Beurdouche [:beurdouche]

Updated

•

2 months ago

Severity: -- → S4

Priority: -- → P3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Firefox NSS not check FFDHE public key length

Categories

(NSS :: Libraries, defect, P3)

Tracking

(Not tracked)

People

(Reporter: coiaprant, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Updated