From f6c0bd641c649bd7f206c275363c6ff2eec4d759 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Fri, 25 Nov 2011 16:03:42 +0000
Subject: [PATCH] return error if counter exceeds limit and seed value supplied

---
 crypto/dsa/dsa_gen.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index 3b49420c76..9e3e57a828 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -668,6 +668,12 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
 			/* step 14 */
 			if (counter >= (int)(4 * L)) break;
 			}
+		if (seed_in)
+			{
+			ok = 0;
+			DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS);
+			goto err;
+			}
 		}
 end:
 	if(!BN_GENCB_call(cb, 2, 1))
-- 
2.34.1