diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2019-07-22 22:50:19 +0200 |
---|---|---|
committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2019-07-24 14:44:08 +0200 |
commit | 6de1fe90860ddfe768864838637f681537f3f108 (patch) | |
tree | eb7dc66acc7eef6124922ad47edfdd168bd1eb19 /crypto/dh/dh_key.c | |
parent | 8b84b075ff065554c0cdd1086950f1a8614d93a4 (diff) | |
download | openssl-6de1fe90860ddfe768864838637f681537f3f108.zip openssl-6de1fe90860ddfe768864838637f681537f3f108.tar.gz openssl-6de1fe90860ddfe768864838637f681537f3f108.tar.bz2 |
Enforce a minimum DH modulus size of 512 bits
[extended tests]
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9437)
Diffstat (limited to 'crypto/dh/dh_key.c')
-rw-r--r-- | crypto/dh/dh_key.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 0d6b04d..8731cc2 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -87,6 +87,11 @@ static int generate_key(DH *dh) return 0; } + if (BN_num_bits(dh->p) < DH_MIN_MODULUS_BITS) { + DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_SMALL); + return 0; + } + ctx = BN_CTX_new(); if (ctx == NULL) goto err; @@ -181,6 +186,11 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) goto err; } + if (BN_num_bits(dh->p) < DH_MIN_MODULUS_BITS) { + DHerr(DH_F_COMPUTE_KEY, DH_R_MODULUS_TOO_SMALL); + return 0; + } + ctx = BN_CTX_new(); if (ctx == NULL) goto err; |