for dh key exchanges, use p as the parameter for weak key exchanges.

Y can be a few bytes shorter than p because of the modulo operation; this is ok.
Johanna Amann 2014-11-17 09:51:47 -08:00
parent 705989da39
commit f99bc98800


@ -65,7 +65,7 @@ event ssl_dh_server_params(c: connection, p: string, q: string, Ys: string) &pri
if ( ! addr_matches_host(c$id$resp_h, notify_weak_keys) ) if ( ! addr_matches_host(c$id$resp_h, notify_weak_keys) )
return; return;
local key_length = |Ys| * 8; # key length in bits local key_length = |p| * 8; # length of the used prime number in bits
if ( key_length < notify_minimal_key_length ) if ( key_length < notify_minimal_key_length )
NOTICE([$note=Weak_Key, NOTICE([$note=Weak_Key,