From e454a3934c287aede194cac49c8934f04bf6a04f Mon Sep 17 00:00:00 2001
From: Shane Lontis <shane.lontis@oracle.com>
Date: Mon, 29 Mar 2021 13:38:00 +1000
Subject: Add a range check (from SP800-56Ar3) to DH key derivation.

Fixes #14401

Note that this moves the public key check out of DH compute_key() since
key validation does not belong inside this primitive..
The check has been moved to the EVP_PKEY_derive_set_peer() function so that
it generally applies to all exchange operations.. Use EVP_PKEY_derive_set_peer_ex()
to disable this behaviour.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14717)
---
 crypto/err/openssl.txt | 1 +
 1 file changed, 1 insertion(+)

(limited to 'crypto/err')

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 0a407ba2dc..aed5b72cff 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -477,6 +477,7 @@ DH_R_DECODE_ERROR:104:decode error
 DH_R_INVALID_PARAMETER_NAME:110:invalid parameter name
 DH_R_INVALID_PARAMETER_NID:114:invalid parameter nid
 DH_R_INVALID_PUBKEY:102:invalid public key
+DH_R_INVALID_SECRET:128:invalid secret
 DH_R_KDF_PARAMETER_ERROR:112:kdf parameter error
 DH_R_KEYS_NOT_SET:108:keys not set
 DH_R_MISSING_PUBKEY:125:missing pubkey
-- 
cgit v1.2.3