diff options
author | Tomas Mraz <tomas@openssl.org> | 2021-02-10 18:44:00 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-02-18 11:02:26 +0100 |
commit | ba37b82045b1b2fbcbf7580b317de5e3b52c8035 (patch) | |
tree | 96e779b80c7c34adf8913f02bcc557cff6661042 /include/internal | |
parent | ebcaf110b250cd55281500fa1debef806ab490f0 (diff) |
dsa_check: Perform simple parameter check if seed is not available
Added primality check on p and q in the ossl_ffc_params_simple_validate().
Checking for p and q sizes in the default provider is made more
lenient.
Added two testcases for invalid parameters.
Fixes #13950
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14148)
Diffstat (limited to 'include/internal')
-rw-r--r-- | include/internal/ffc.h | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/include/internal/ffc.h b/include/internal/ffc.h index 7653b6e2fa..4cffc720a6 100644 --- a/include/internal/ffc.h +++ b/include/internal/ffc.h @@ -162,8 +162,12 @@ int ossl_ffc_params_FIPS186_2_gen_verify(OSSL_LIB_CTX *libctx, size_t L, size_t N, int *res, BN_GENCB *cb); -int ossl_ffc_params_simple_validate(OSSL_LIB_CTX *libctx, FFC_PARAMS *params, - int type); +int ossl_ffc_params_simple_validate(OSSL_LIB_CTX *libctx, + const FFC_PARAMS *params, + int paramstype, int *res); +int ossl_ffc_params_full_validate(OSSL_LIB_CTX *libctx, + const FFC_PARAMS *params, + int paramstype, int *res); int ossl_ffc_params_FIPS186_4_validate(OSSL_LIB_CTX *libctx, const FFC_PARAMS *params, int type, int *res, BN_GENCB *cb); |