diff options
| author | Shane Lontis <shane.lontis@oracle.com> | 2021-02-17 13:13:51 +1000 |
|---|---|---|
| committer | Shane Lontis <shane.lontis@oracle.com> | 2021-02-19 19:25:24 +1000 |
| commit | eabb3014165a1319ceb8a69cc135feb99f288293 (patch) | |
| tree | 45827f8e564e26cfa4d4d799078260ec439748d7 /crypto/dh | |
| parent | 576892d78f80cf9a169e7f766319c843e430f378 (diff) | |
Fix DH ASN1 decode so that it detects named groups.
The dh->nid was not being set if the loaded p,g matched an inbuilt named
group for "DH".
NOTE: The "DHX" related path already worked since it calls DH_set0_pqg()
(which does the name group check).
This bug was detected when new tests were added for dh5114 groups, combined
with the no-cache tests i.e. loading+import+export set the nid,
but just loading did not.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14207)
Diffstat (limited to 'crypto/dh')
| -rw-r--r-- | crypto/dh/dh_asn1.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c index 81899de5d6..68013219e7 100644 --- a/crypto/dh/dh_asn1.c +++ b/crypto/dh/dh_asn1.c @@ -19,6 +19,7 @@ #include "dh_local.h" #include <openssl/objects.h> #include <openssl/asn1t.h> +#include "crypto/dh.h" /* Override the default free and new methods */ static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, @@ -38,6 +39,7 @@ static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, DH_clear_flags(dh, DH_FLAG_TYPE_MASK); DH_set_flags(dh, DH_FLAG_TYPE_DH); + dh_cache_named_group(dh); dh->dirty_cnt++; } return 1; @@ -88,8 +90,6 @@ int i2d_int_dhx(const int_dhx942_dh *a, unsigned char **pp); IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(int_dhx942_dh, DHxparams, int_dhx) -/* Application public function: read in X9.42 DH parameters into DH structure */ - DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length) { FFC_PARAMS *params; |