diff options
author | Jiasheng Jiang <jiasheng@purdue.edu> | 2024-03-25 16:54:55 +0000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2024-04-09 20:47:47 +0200 |
commit | 309c7ffd17334a9f9f5b04286892f10a9aca8a2e (patch) | |
tree | 4b4c4a9e3c32870857c439ea230191323fdaf5a7 /crypto | |
parent | f5fde94c54a1ad49663391750fd1b2f47550a4b6 (diff) |
ffc/ffc_params_generate.c: Add the check for the EVP_MD_get_size()
Add the check for the EVP_MD_get_size() to avoid invalid negative numbers.
Fixes: 4f2271d58a ("Add ACVP fips module tests")
Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23970)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/ffc/ffc_params_generate.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/crypto/ffc/ffc_params_generate.c b/crypto/ffc/ffc_params_generate.c index 8294fbec36..14834e5f7e 100644 --- a/crypto/ffc/ffc_params_generate.c +++ b/crypto/ffc/ffc_params_generate.c @@ -814,6 +814,7 @@ int ossl_ffc_params_FIPS186_2_gen_verify(OSSL_LIB_CTX *libctx, BIGNUM *r0, *test, *tmp, *g = NULL, *q = NULL, *p = NULL; BN_MONT_CTX *mont = NULL; EVP_MD *md = NULL; + int md_size; size_t qsize; int n = 0, m = 0; int counter = 0, pcounter = 0, use_random_seed; @@ -842,8 +843,11 @@ int ossl_ffc_params_FIPS186_2_gen_verify(OSSL_LIB_CTX *libctx, } if (md == NULL) goto err; + md_size = EVP_MD_get_size(md); + if (md_size <= 0) + goto err; if (N == 0) - N = EVP_MD_get_size(md) * 8; + N = md_size * 8; qsize = N >> 3; /* |