projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Add multiple fixes for ffc key generation using invalid p,q,g parameters.
[openssl.git]
/
crypto
/
dh
/
dh_key.c
diff --git
a/crypto/dh/dh_key.c
b/crypto/dh/dh_key.c
index 5d2acca25ce1d2dbf93ce2369d0e0b07686c85b5..3b4da19cd20aeaba887abdce5782cf5f715e55d2 100644
(file)
--- a/
crypto/dh/dh_key.c
+++ b/
crypto/dh/dh_key.c
@@
-287,6
+287,10
@@
static int generate_key(DH *dh)
} else
#endif
{
+ /* Do a partial check for invalid p, q, g */
+ if (!ffc_params_simple_validate(dh->libctx, &dh->params,
+ FFC_PARAM_TYPE_DH))
+ goto err;
/*
* For FFC FIPS 186-4 keygen
* security strength s = 112,