diff options
author | Niels Dossche <niels.dossche@ugent.be> | 2023-01-21 13:34:34 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-01-23 10:41:02 +0100 |
commit | c167983269efea389583838c4e291717071840ff (patch) | |
tree | 1c0e1bc2a93e4f8cd04c217de483e3f77096a95a /crypto | |
parent | f9abf5877474e75310ee1fecfe9f0735ceccf65a (diff) |
Fix incorrect check on RAND_bytes_ex() in generate_q_fips186_4()
RAND_bytes_ex() can also return 0 on failure. Other callers do check
this correctly. Change the check from <0 to <=0.
Fixes: #20100
CLA: trivial
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20106)
(cherry picked from commit a2b01ae1c84ccc250d5d5cb5f2f8714573e3f11b)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/ffc/ffc_params_generate.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/ffc/ffc_params_generate.c b/crypto/ffc/ffc_params_generate.c index 299e58a8e2..ee11d048a7 100644 --- a/crypto/ffc/ffc_params_generate.c +++ b/crypto/ffc/ffc_params_generate.c @@ -329,7 +329,7 @@ static int generate_q_fips186_4(BN_CTX *ctx, BIGNUM *q, const EVP_MD *evpmd, /* A.1.1.2 Step (5) : generate seed with size seed_len */ if (generate_seed - && RAND_bytes_ex(libctx, seed, seedlen, 0) < 0) + && RAND_bytes_ex(libctx, seed, seedlen, 0) <= 0) goto err; /* * A.1.1.2 Step (6) AND |