DH keys have an (until now) unused 'q' parameter. When creating

from DSA copy q across and if q present generate DH key in the correct range.
author: Dr. Stephen Henson <steve@openssl.org> 2011-04-07 15:01:48 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2011-04-07 15:01:48 +0000
commit: 31360957fb866264a82d0aa63a18a76740c32cb0 (patch)
tree: 1a717ae14dc5c81b32579fc384851274fe2a9e26 /crypto/dsa/dsa_lib.c
parent: d80399a3571e58a2c96da68c4fc6c95fb555902e (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
index e9b75902db..12f83ed848 100644
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -276,7 +276,8 @@ void *DSA_get_ex_data(DSA *d, int idx)
 DH *DSA_dup_DH(const DSA *r)
 	{
 	/* DSA has p, q, g, optional pub_key, optional priv_key.
-	 * DH has p, optional length, g, optional pub_key, optional priv_key.
+	 * DH has p, optional length, g, optional pub_key, optional priv_key,
+	 * optional q.
 	 */ 
 
 	DH *ret = NULL;
@@ -290,7 +291,11 @@ DH *DSA_dup_DH(const DSA *r)
 		if ((ret->p = BN_dup(r->p)) == NULL)
 			goto err;
 	if (r->q != NULL)
+		{
 		ret->length = BN_num_bits(r->q);
+		if ((ret->q = BN_dup(r->q)) == NULL)
+			goto err;
+		}
 	if (r->g != NULL)
 		if ((ret->g = BN_dup(r->g)) == NULL)
 			goto err;
author	Dr. Stephen Henson <steve@openssl.org>	2011-04-07 15:01:48 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2011-04-07 15:01:48 +0000
commit	31360957fb866264a82d0aa63a18a76740c32cb0 (patch)
tree	1a717ae14dc5c81b32579fc384851274fe2a9e26 /crypto/dsa/dsa_lib.c
parent	d80399a3571e58a2c96da68c4fc6c95fb555902e (diff)