Don't crash if an unrecognised digest is used with dsa_paramgen_md

Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5884)
author: Matt Caswell <matt@openssl.org> 2018-03-29 17:48:28 +0100
committer: Matt Caswell <matt@openssl.org> 2018-04-05 17:04:01 +0100
commit: 5068cfbd439d97660eb30f8bec5252f11d1ec796 (patch)
tree: f74b167c55a9f9647ebb8bab1faf17474fb0cc01 /crypto
parent: a3dbbe47f09336484c8c874a0b1838266b51a8e8 (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
index 78724839b5..2d98132a4c 100644
--- a/crypto/dsa/dsa_pmeth.c
+++ b/crypto/dsa/dsa_pmeth.c
@@ -230,10 +230,16 @@ static int pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx,
                                  EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, qbits,
                                  NULL);
     }
-    if (!strcmp(type, "dsa_paramgen_md")) {
+    if (strcmp(type, "dsa_paramgen_md") == 0) {
+        const EVP_MD *md = EVP_get_digestbyname(value);
+
+        if (md == NULL) {
+            DSAerr(DSA_F_PKEY_DSA_CTRL_STR, DSA_R_INVALID_DIGEST_TYPE);
+            return 0;
+        }
         return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
                                  EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0,
-                                 (void *)EVP_get_digestbyname(value));
+                                 (void *)md);
     }
     return -2;
 }
author	Matt Caswell <matt@openssl.org>	2018-03-29 17:48:28 +0100
committer	Matt Caswell <matt@openssl.org>	2018-04-05 17:04:01 +0100
commit	5068cfbd439d97660eb30f8bec5252f11d1ec796 (patch)
tree	f74b167c55a9f9647ebb8bab1faf17474fb0cc01 /crypto
parent	a3dbbe47f09336484c8c874a0b1838266b51a8e8 (diff)