* internal use.
*/
#include "internal/deprecated.h"
+#include "internal/common.h"
#include <string.h> /* strcmp */
#include <openssl/core_dispatch.h>
{
struct dh_gen_ctx *gctx = genctx;
const OSSL_PARAM *p;
+ int gen_type = -1;
if (gctx == NULL)
return 0;
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_TYPE);
if (p != NULL) {
if (p->data_type != OSSL_PARAM_UTF8_STRING
- || ((gctx->gen_type =
+ || ((gen_type =
dh_gen_type_name2id_w_default(p->data, gctx->dh_type)) == -1)) {
ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
return 0;
}
+ if (gen_type != -1)
+ gctx->gen_type = gen_type;
}
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_GROUP_NAME);
if (p != NULL) {
if (gctx->group_nid != NID_undef)
gctx->gen_type = DH_PARAMGEN_TYPE_GROUP;
+ /* Bounds check on context gen_type */
+ if (!ossl_assert((gctx->gen_type >= DH_PARAMGEN_TYPE_GENERATOR)
+ && (gctx->gen_type <= DH_PARAMGEN_TYPE_GROUP))) {
+ ERR_raise_data(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR,
+ "gen_type set to unsupported value %d", gctx->gen_type);
+ return NULL;
+ }
+
/* For parameter generation - If there is a group name just create it */
if (gctx->gen_type == DH_PARAMGEN_TYPE_GROUP
&& gctx->ffc_params == NULL) {