return error if counter exceeds limit and seed value supplied

[openssl.git] / crypto / dsa / dsa_gen.c

diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index 3b49420c762f850a1433a0db79d60056cb6a8cdf..9e3e57a828599e24c4d088319672c9575292bb41 100644 (file)
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -668,6 +668,12 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
                        /* step 14 */
                        if (counter >= (int)(4 * L)) break;
                        }
                        /* step 14 */
                        if (counter >= (int)(4 * L)) break;
                        }

+               if (seed_in)
+                       {
+                       ok = 0;
+                       DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS);
+                       goto err;
+                       }

                }
 end:
        if(!BN_GENCB_call(cb, 2, 1))
                }
 end:
        if(!BN_GENCB_call(cb, 2, 1))