diff options
author | Niels Dossche <niels.dossche@ugent.be> | 2023-01-21 13:34:34 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-01-23 10:40:26 +0100 |
commit | a2b01ae1c84ccc250d5d5cb5f2f8714573e3f11b (patch) | |
tree | 7d9a3ca73d72378052f1eb707b168197c5bcf398 /crypto | |
parent | 1d857945324810f43a302c9d062c617207093387 (diff) |
Fix incorrect check on RAND_bytes_ex() in generate_q_fips186_4()
RAND_bytes_ex() can also return 0 on failure. Other callers do check
this correctly. Change the check from <0 to <=0.
Fixes: #20100
CLA: trivial
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20106)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/ffc/ffc_params_generate.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/ffc/ffc_params_generate.c b/crypto/ffc/ffc_params_generate.c index 101fd76b83..a369370145 100644 --- a/crypto/ffc/ffc_params_generate.c +++ b/crypto/ffc/ffc_params_generate.c @@ -329,7 +329,7 @@ static int generate_q_fips186_4(BN_CTX *ctx, BIGNUM *q, const EVP_MD *evpmd, /* A.1.1.2 Step (5) : generate seed with size seed_len */ if (generate_seed - && RAND_bytes_ex(libctx, seed, seedlen, 0) < 0) + && RAND_bytes_ex(libctx, seed, seedlen, 0) <= 0) goto err; /* * A.1.1.2 Step (6) AND |