Fix SRP buffer overrun vulnerability.
Invalid parameters passed to the SRP code can be overrun an internal buffer. Add sanity check that g, A, B < N to SRP code. Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC Group for reporting this issue.
parent
f338c2e0
Please register or sign in to comment