-rw-r--r-- | crypto/dh/dh_check.c | 6 | ||||
-rw-r--r-- | include/openssl/dh.h | 6 |
2 files changed, 11 insertions, 1 deletions
diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
index 0b8a17c675..98014593b6 100644
--- a/crypto/dh/dh_check.c
+++ b/crypto/dh/dh_check.c
@@ -152,6 +152,12 @@ int DH_check(const DH *dh, int *ret)
 if (nid != NID_undef)
 return 1;
+ /* Don't do any checks at all with an excessively large modulus */
+ if (BN_num_bits(dh->params.p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) {
+ ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_LARGE);
+ return 0;
+ }
+
 if (!DH_check_params(dh, ret))
 return 0;
diff --git a/include/openssl/dh.h b/include/openssl/dh.h
index 2c6219e7c2..da6e7b06c8 100644
--- a/include/openssl/dh.h
+++ b/include/openssl/dh.h
@@ -92,7 +92,11 @@ int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm);
 # include <openssl/dherr.h>
 # ifndef OPENSSL_DH_MAX_MODULUS_BITS
-# define OPENSSL_DH_MAX_MODULUS_BITS 10000
+# define OPENSSL_DH_MAX_MODULUS_BITS 10000
+# endif
+
+# ifndef OPENSSL_DH_CHECK_MAX_MODULUS_BITS
+# define OPENSSL_DH_CHECK_MAX_MODULUS_BITS 32768
 # endif
 # define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024 |
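Review bot: The new modulus-size check in DH_check() runs before the existing DH_check_params() call, which appears to be where the presence of dh->params.p is validated (inferred, that code is not in the hunk), so a DH object whose p is NULL now reaches BN_num_bits() ahead of that validation; guarding the new condition as `if (dh->params.p != NULL && BN_num_bits(dh->params.p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) {` keeps the existing NULL handling in charge. The added early `return 0` raises DH_R_MODULUS_TOO_LARGE but sets no flag in `*ret`, so a caller that inspects `*ret` rather than the return value gets no indication of the failure; the DH_check() documentation should state that an oversized modulus is reported only through the return value and the error queue. DH_check's body starts and ends outside the hunk.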
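Review bot: OPENSSL_DH_CHECK_MAX_MODULUS_BITS is added to a public header with no comment, and its value differs from the neighbouring OPENSSL_DH_MAX_MODULUS_BITS (32768 versus 10000) without saying why two bounds exist; add above the new `# ifndef` a comment such as `/* Largest modulus size (bits) that DH_check() will examine; above this it fails with DH_R_MODULUS_TOO_LARGE instead of running the checks. */`. Both macros are overridable through `# ifndef`, and the hunk adds no `#if` guard relating them, so the comment should also state whether a build is expected to keep OPENSSL_DH_CHECK_MAX_MODULUS_BITS at or above OPENSSL_DH_MAX_MODULUS_BITS.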