]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ebcaf11) | patch
dsa_check: Perform simple parameter check if seed is not available
authorTomas Mraz <tomas@openssl.org>
Wed, 10 Feb 2021 17:44:00 +0000 (18:44 +0100)
committerTomas Mraz <tomas@openssl.org>
Thu, 18 Feb 2021 10:02:26 +0000 (11:02 +0100)
commitba37b82045b1b2fbcbf7580b317de5e3b52c8035
tree96e779b80c7c34adf8913f02bcc557cff6661042tree | snapshot
parentebcaf110b250cd55281500fa1debef806ab490f0commit | diff
dsa_check: Perform simple parameter check if seed is not available

Added primality check on p and q in the ossl_ffc_params_simple_validate().
Checking for p and q sizes in the default provider is made more
lenient.
Added two testcases for invalid parameters.

Fixes #13950

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14148)
14 files changed:
crypto/dh/dh_key.c diff | blob | blame | history
crypto/dsa/dsa_check.c diff | blob | blame | history
crypto/dsa/dsa_err.c diff | blob | blame | history
crypto/dsa/dsa_key.c diff | blob | blame | history
crypto/err/openssl.txt diff | blob | blame | history
crypto/ffc/ffc_params_generate.c diff | blob | blame | history
crypto/ffc/ffc_params_validate.c diff | blob | blame | history
include/crypto/dsa.h diff | blob | blame | history
include/internal/ffc.h diff | blob | blame | history
include/openssl/dsaerr.h diff | blob | blame | history
providers/implementations/keymgmt/dsa_kmgmt.c diff | blob | blame | history
test/recipes/15-test_dsaparam.t diff | blob | blame | history
test/recipes/15-test_dsaparam_data/invalid/p2048_q256_bad_q.pem [new file with mode: 0644] blob
test/recipes/15-test_dsaparam_data/invalid/p768_q160_too_small.pem [new file with mode: 0644] blob
A mirror of the official openssl repository