Fix CVE-2024-28285 and Issue #1342 in pubkey.h#1343

Open

Coralesoft wants to merge 1 commit into weidai11:master from Coralesoft:fix/CVE-2024-28285

Conversation

@Coralesoft

CVE-2024-28285: Harden hybrid DL decryption against fault injection

  • Blinding verification to detect faulted key-agreement computations
  • Fix blinding k range

Issue #1342: Fix DSA/ECDSA to handle r=0 or s=0

  • Probabilistic signatures: retry with fresh random k until valid (64-attempt cap)
  • Deterministic signatures (RFC 6979): abort with exception (API returns single k)

Fixes: #1342
Fixes: #1262

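The r=0 / s=0 handling described in the PR, as an added example that is not code from this pull request or from Crypto++: a retry loop that draws a fresh k while either signature component is zero (64-attempt cap) and an error for the deterministic single-k path. The DSA group (p=23, q=11, g=2), the key x=3, the digest h=5 and the sequential nonce source are constructed for illustration; the function names are my own.

```cpp
#include <cstdint>
#include <functional>
#include <stdexcept>
#include <utility>

// Constructed toy DSA group: p = 23, q = 11, g = 2 (2 has order 11 mod 23).
const int64_t P = 23, Q = 11, G = 2;
using Sig = std::pair<int64_t, int64_t>;   // (r, s)
int64_t modpow(int64_t b, int64_t e, int64_t m) {
    int64_t r = 1; b %= m;
    for (; e > 0; e >>= 1, b = b * b % m) if (e & 1) r = r * b % m;
    return r;
}
int64_t modinv(int64_t a, int64_t m) { return modpow(a, m - 2, m); }  // m prime
// One DSA signing attempt: r = (g^k mod p) mod q, s = k^-1 (h + x r) mod q.
Sig attempt(int64_t h, int64_t x, int64_t k) {
    int64_t r = modpow(G, k, P) % Q;
    int64_t s = modinv(k, Q) * ((h + x * r) % Q) % Q;
    return {r, s};
}

// nextK yields the nonce. Probabilistic mode draws a fresh k and retries while
// r == 0 or s == 0, giving up after 64 attempts. Deterministic (RFC 6979-style)
// mode gets a single k from the API, so a zero component has to be an error.
Sig dsaSign(int64_t h, int64_t x, const std::function<int64_t()>& nextK,
            bool deterministic) {
    const int maxAttempts = deterministic ? 1 : 64;
    for (int i = 0; i < maxAttempts; ++i) {
        Sig sig = attempt(h % Q, x, nextK());
        if (sig.first != 0 && sig.second != 0) return sig;
    }
    throw std::runtime_error(deterministic
        ? "deterministic DSA: r or s is zero, cannot retry"
        : "probabilistic DSA: no valid signature after 64 attempts");
}
// Stand-in for the RNG: hands out k = 1, 2, 3, ... so the retry is observable.
struct SequentialK { int64_t k = 0; int64_t operator()() { return ++k; } };
// True when the deterministic path refuses a k that produces r == 0 or s == 0.
bool deterministicRejects(int64_t h, int64_t x, int64_t k) {
    try { dsaSign(h, x, [k] { return k; }, true); return false; }
    catch (const std::runtime_error&) { return true; }
}

// Textbook DSA verification, so the retried signature can be checked.
bool dsaVerify(int64_t h, int64_t y, Sig sig) {
    int64_t r = sig.first, s = sig.second;
    if (r <= 0 || r >= Q || s <= 0 || s >= Q) return false;
    int64_t w = modinv(s, Q), u1 = (h % Q) * w % Q, u2 = r * w % Q;
    return modpow(G, u1, P) * modpow(y, u2, P) % P % Q == r;
}
```

With x=3 and h=5, the nonce k=1 gives r=2 and h + x*r = 11, so s=0: the deterministic path throws, while the probabilistic path moves on to k=2 and returns (4, 3), which verifies against y = g^3 mod p.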

Development

Successfully merging this pull request may close these issues:

- Leak the Secret Key of Elgamal Encryption in Cryptopp via Rowhammer
- DSA2 signing can output invalid signature s=0 (should retry per DSA)