Headline
CVE-2021-3798: SOFT: Check the EC Key on C_CreateObject and C_DeriveKey · opencryptoki/opencryptoki@4e3b43c
A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject, nor when C_DeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack.
Permalink
Browse files
SOFT: Check the EC Key on C_CreateObject and C_DeriveKey
When constructing an OpenSSL EC public or private key from PKCS#11 attributes or ECDH public data, check that the key is valid, i.e. that the point is on the curve.
This prevents one from creating an EC key object via C_CreateObject with invalid key data. It also prevents C_DeriveKey to derive a secret using ECDH with an EC public key (public data) that uses a different curve or is invalid by other means.
Signed-off-by: Ingo Franzki [email protected]
- Loading branch information