diff options
| author | miod <> | 2015-10-21 19:02:22 +0000 |
|---|---|---|
| committer | miod <> | 2015-10-21 19:02:22 +0000 |
| commit | 1b13b85f2919becc500ee7d56c766f99acca6f75 (patch) | |
| tree | 5ddf8c3dac23f792a949739928d1abaeec3376b7 /src/lib/libcrypto/bn/bn.h | |
| parent | 8e683fccb8989afc1e9e74f5dc0a49b5a0275ec3 (diff) | |
| download | openbsd-1b13b85f2919becc500ee7d56c766f99acca6f75.tar.gz openbsd-1b13b85f2919becc500ee7d56c766f99acca6f75.tar.bz2 openbsd-1b13b85f2919becc500ee7d56c766f99acca6f75.zip | |
Reject too small bits value in BN_generate_prime_ex(), so that it does not risk
becoming negative in probable_prime_dh_safe(). Reported by Franck Denis who
noticed `openssl gendh 0' would segfault.
Fix adapted from OpenSSL RT#2701.
ok beck@ jsing@
Diffstat (limited to 'src/lib/libcrypto/bn/bn.h')
| -rw-r--r-- | src/lib/libcrypto/bn/bn.h | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h index 33c6162874..2c648ba2ee 100644 --- a/src/lib/libcrypto/bn/bn.h +++ b/src/lib/libcrypto/bn/bn.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: bn.h,v 1.27 2015/10/16 12:41:29 beck Exp $ */ | 1 | /* $OpenBSD: bn.h,v 1.28 2015/10/21 19:02:22 miod Exp $ */ |
| 2 | /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -768,6 +768,7 @@ void ERR_load_BN_strings(void); | |||
| 768 | #define BN_F_BN_DIV_RECP 130 | 768 | #define BN_F_BN_DIV_RECP 130 |
| 769 | #define BN_F_BN_EXP 123 | 769 | #define BN_F_BN_EXP 123 |
| 770 | #define BN_F_BN_EXPAND2 108 | 770 | #define BN_F_BN_EXPAND2 108 |
| 771 | #define BN_F_BN_GENERATE_PRIME_EX 140 | ||
| 771 | #define BN_F_BN_EXPAND_INTERNAL 120 | 772 | #define BN_F_BN_EXPAND_INTERNAL 120 |
| 772 | #define BN_F_BN_GF2M_MOD 131 | 773 | #define BN_F_BN_GF2M_MOD 131 |
| 773 | #define BN_F_BN_GF2M_MOD_EXP 132 | 774 | #define BN_F_BN_GF2M_MOD_EXP 132 |
| @@ -797,6 +798,7 @@ void ERR_load_BN_strings(void); | |||
| 797 | #define BN_R_ARG2_LT_ARG3 100 | 798 | #define BN_R_ARG2_LT_ARG3 100 |
| 798 | #define BN_R_BAD_RECIPROCAL 101 | 799 | #define BN_R_BAD_RECIPROCAL 101 |
| 799 | #define BN_R_BIGNUM_TOO_LONG 114 | 800 | #define BN_R_BIGNUM_TOO_LONG 114 |
| 801 | #define BN_R_BITS_TOO_SMALL 117 | ||
| 800 | #define BN_R_CALLED_WITH_EVEN_MODULUS 102 | 802 | #define BN_R_CALLED_WITH_EVEN_MODULUS 102 |
| 801 | #define BN_R_DIV_BY_ZERO 103 | 803 | #define BN_R_DIV_BY_ZERO 103 |
| 802 | #define BN_R_ENCODING_ERROR 104 | 804 | #define BN_R_ENCODING_ERROR 104 |