diff options
Diffstat (limited to 'freebsd/crypto/openssl/crypto/dh')
-rw-r--r-- | freebsd/crypto/openssl/crypto/dh/dh_key.c | 7 | ||||
-rw-r--r-- | freebsd/crypto/openssl/crypto/dh/dh_pmeth.c | 4 |
2 files changed, 8 insertions, 3 deletions
diff --git a/freebsd/crypto/openssl/crypto/dh/dh_key.c b/freebsd/crypto/openssl/crypto/dh/dh_key.c index f6e9d20e..eb40d030 100644 --- a/freebsd/crypto/openssl/crypto/dh/dh_key.c +++ b/freebsd/crypto/openssl/crypto/dh/dh_key.c @@ -132,10 +132,15 @@ static int generate_key(DH *dh) int ok = 0; int generate_new_key = 0; unsigned l; - BN_CTX *ctx; + BN_CTX *ctx = NULL; BN_MONT_CTX *mont = NULL; BIGNUM *pub_key = NULL, *priv_key = NULL; + if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { + DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE); + return 0; + } + ctx = BN_CTX_new(); if (ctx == NULL) goto err; diff --git a/freebsd/crypto/openssl/crypto/dh/dh_pmeth.c b/freebsd/crypto/openssl/crypto/dh/dh_pmeth.c index fe5684ce..6456729b 100644 --- a/freebsd/crypto/openssl/crypto/dh/dh_pmeth.c +++ b/freebsd/crypto/openssl/crypto/dh/dh_pmeth.c @@ -5,7 +5,7 @@ * 2006. */ /* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. + * Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -488,7 +488,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, return ret; } #endif - return 1; + return 0; } const EVP_PKEY_METHOD dh_pkey_meth = { |