Generate error queue entry on FFC_CHECK_BAD_LN_PAIR for DH and DSA

Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12062)
author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2020-06-05 21:27:34 +0200
committer: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2020-06-10 11:08:21 +0200
commit: 8da42c8b26393f56acc4f301b95f925eb8902442 (patch)
tree: 8d3f1fff08f041aca7f44a989da546c0adf77a99
parent: 498e807ed257b0f292ba94aea2971b928efbfd91 (diff)
8 files changed, 19 insertions, 4 deletions
diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c
index e5eb32381d..a8243ec987 100644
--- a/crypto/dh/dh_err.c
+++ b/crypto/dh/dh_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -14,6 +14,7 @@
 #ifndef OPENSSL_NO_ERR
 
 static const ERR_STRING_DATA DH_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_DH, 0, DH_R_BAD_FFC_PARAMETERS), "bad ffc parameters"},
     {ERR_PACK(ERR_LIB_DH, 0, DH_R_BAD_GENERATOR), "bad generator"},
     {ERR_PACK(ERR_LIB_DH, 0, DH_R_BN_DECODE_ERROR), "bn decode error"},
     {ERR_PACK(ERR_LIB_DH, 0, DH_R_BN_ERROR), "bn error"},
diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c
index 327f6ff610..8c1518ad9b 100644
--- a/crypto/dh/dh_gen.c
+++ b/crypto/dh/dh_gen.c
@@ -68,7 +68,7 @@ int dh_get_named_group_uid_from_size(int pbits)
      * Just choose an approved safe prime group.
      * The alternative to this is to generate FIPS186-4 domain parameters i.e.
      * return dh_generate_ffc_parameters(ret, prime_len, 0, NULL, cb);
-     * As the FIPS186-4 generated params are for backwards compatability,
+     * As the FIPS186-4 generated params are for backwards compatibility,
      * the safe prime group should be used as the default.
      */
     int nid;
diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c
index f4d187e4b9..6bf7accacf 100644
--- a/crypto/dsa/dsa_err.c
+++ b/crypto/dsa/dsa_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -14,6 +14,7 @@
 #ifndef OPENSSL_NO_ERR
 
 static const ERR_STRING_DATA DSA_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_BAD_FFC_PARAMETERS), "bad ffc parameters"},
     {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_BAD_Q_VALUE), "bad q value"},
     {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_BN_DECODE_ERROR), "bn decode error"},
     {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_BN_ERROR), "bn error"},
diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
index 750d0168fa..7f7f57f6d3 100644
--- a/crypto/dsa/dsa_pmeth.c
+++ b/crypto/dsa/dsa_pmeth.c
@@ -221,7 +221,7 @@ static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
                                         dctx->nbits, dctx->qbits, dctx->pmd,
                                         &res, pcb);
     BN_GENCB_free(pcb);
-    if (ret)
+    if (ret > 0)
         EVP_PKEY_assign_DSA(pkey, dsa);
     else
         DSA_free(dsa);
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 8afc67e747..9b252e3827 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -2341,6 +2341,7 @@ CT_R_SCT_UNSUPPORTED_VERSION:115:sct unsupported version
 CT_R_UNRECOGNIZED_SIGNATURE_NID:101:unrecognized signature nid
 CT_R_UNSUPPORTED_ENTRY_TYPE:102:unsupported entry type
 CT_R_UNSUPPORTED_VERSION:103:unsupported version
+DH_R_BAD_FFC_PARAMETERS:127:bad ffc parameters
 DH_R_BAD_GENERATOR:101:bad generator
 DH_R_BN_DECODE_ERROR:109:bn decode error
 DH_R_BN_ERROR:106:bn error
@@ -2368,6 +2369,7 @@ DH_R_PARAMETER_ENCODING_ERROR:105:parameter encoding error
 DH_R_PEER_KEY_ERROR:111:peer key error
 DH_R_SHARED_INFO_ERROR:113:shared info error
 DH_R_UNABLE_TO_CHECK_GENERATOR:121:unable to check generator
+DSA_R_BAD_FFC_PARAMETERS:114:bad ffc parameters
 DSA_R_BAD_Q_VALUE:102:bad q value
 DSA_R_BN_DECODE_ERROR:108:bn decode error
 DSA_R_BN_ERROR:109:bn error
diff --git a/crypto/ffc/ffc_params_generate.c b/crypto/ffc/ffc_params_generate.c
index 1d8d80c9b4..624c24dd21 100644
--- a/crypto/ffc/ffc_params_generate.c
+++ b/crypto/ffc/ffc_params_generate.c
@@ -27,6 +27,9 @@
 #include <string.h> /* memset */
 #include <openssl/sha.h> /* SHA_DIGEST_LENGTH */
 #include <openssl/rand.h>
+#include <openssl/err.h>
+#include <openssl/dherr.h>
+#include <openssl/dsaerr.h>
 #include "crypto/bn.h"
 #include "internal/ffc.h"
 
@@ -40,6 +43,9 @@ static int ffc_validate_LN(size_t L, size_t N, int type)
         /* Valid DH L,N parameters from SP800-56Ar3 5.5.1 Table 1 */
         if (L == 2048 && (N == 224 || N == 256))
             return 112;
+#ifndef OPENSSL_NO_DH
+        DHerr(0, DH_R_BAD_FFC_PARAMETERS);
+#endif
     } else if (type == FFC_PARAM_TYPE_DSA) {
         /* Valid DSA L,N parameters from FIPS 186-4 Section 4.2 */
         if (L == 1024 && N == 160)
@@ -48,6 +54,9 @@ static int ffc_validate_LN(size_t L, size_t N, int type)
             return 112;
         if (L == 3072 && N == 256)
             return 128;
+#ifndef OPENSSL_NO_DSA
+        DSAerr(0, DSA_R_BAD_FFC_PARAMETERS);
+#endif
     }
     return 0;
 }
diff --git a/include/openssl/dherr.h b/include/openssl/dherr.h
index 0ebe560545..1b8fb17172 100644
--- a/include/openssl/dherr.h
+++ b/include/openssl/dherr.h
@@ -62,6 +62,7 @@ int ERR_load_DH_strings(void);
 /*
  * DH reason codes.
  */
+#  define DH_R_BAD_FFC_PARAMETERS                          127
 #  define DH_R_BAD_GENERATOR                               101
 #  define DH_R_BN_DECODE_ERROR                             109
 #  define DH_R_BN_ERROR                                    106
diff --git a/include/openssl/dsaerr.h b/include/openssl/dsaerr.h
index e2cf3098d5..271f24a2b5 100644
--- a/include/openssl/dsaerr.h
+++ b/include/openssl/dsaerr.h
@@ -57,6 +57,7 @@ int ERR_load_DSA_strings(void);
 /*
  * DSA reason codes.
  */
+#  define DSA_R_BAD_FFC_PARAMETERS                         114
 #  define DSA_R_BAD_Q_VALUE                                102
 #  define DSA_R_BN_DECODE_ERROR                            108
 #  define DSA_R_BN_ERROR                                   109
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2020-06-05 21:27:34 +0200
committer	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2020-06-10 11:08:21 +0200
commit	8da42c8b26393f56acc4f301b95f925eb8902442 (patch)
tree	8d3f1fff08f041aca7f44a989da546c0adf77a99
parent	498e807ed257b0f292ba94aea2971b928efbfd91 (diff)