From 92dcfb796f51aa64d0ff34a5c9dbabf49f432c6f Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Thu, 6 Feb 2020 15:30:24 +0000
Subject: [PATCH] Fix no-dh

Don't use DH specific macros that might need to be used in a no-dh build.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/11030)
---
 include/internal/ffc.h | 19 ++++++++++++-------
 include/openssl/dh.h   |  4 ++++
 2 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/include/internal/ffc.h b/include/internal/ffc.h
index 75df3a1ffd..67282fd807 100644
--- a/include/internal/ffc.h
+++ b/include/internal/ffc.h
@@ -33,13 +33,18 @@
 # define FFC_PARAMS_VALIDATE_G   0x02
 # define FFC_PARAMS_VALIDATE_ALL (FFC_PARAMS_VALIDATE_PQ | FFC_PARAMS_VALIDATE_G)
 
-# define FFC_CHECK_P_NOT_PRIME                DH_CHECK_P_NOT_PRIME
-# define FFC_CHECK_P_NOT_SAFE_PRIME           DH_CHECK_P_NOT_SAFE_PRIME
-# define FFC_CHECK_UNKNOWN_GENERATOR          DH_UNABLE_TO_CHECK_GENERATOR
-# define FFC_CHECK_NOT_SUITABLE_GENERATOR     DH_NOT_SUITABLE_GENERATOR
-# define FFC_CHECK_Q_NOT_PRIME                DH_CHECK_Q_NOT_PRIME
-# define FFC_CHECK_INVALID_Q_VALUE            DH_CHECK_INVALID_Q_VALUE
-# define FFC_CHECK_INVALID_J_VALUE            DH_CHECK_INVALID_J_VALUE
+/*
+ * NB: These values must align with the equivalently named macros in
+ * openssl/dh.h. We cannot use those macros here in case DH has been disabled.
+ */
+# define FFC_CHECK_P_NOT_PRIME                0x00001
+# define FFC_CHECK_P_NOT_SAFE_PRIME           0x00002
+# define FFC_CHECK_UNKNOWN_GENERATOR          0x00004
+# define FFC_CHECK_NOT_SUITABLE_GENERATOR     0x00008
+# define FFC_CHECK_Q_NOT_PRIME                0x00010
+# define FFC_CHECK_INVALID_Q_VALUE            0x00020
+# define FFC_CHECK_INVALID_J_VALUE            0x00040
+
 # define FFC_CHECK_BAD_LN_PAIR                0x00080
 # define FFC_CHECK_INVALID_SEED_SIZE          0x00100
 # define FFC_CHECK_MISSING_SEED_OR_COUNTER    0x00200
diff --git a/include/openssl/dh.h b/include/openssl/dh.h
index 3040bc03a6..67783bae7b 100644
--- a/include/openssl/dh.h
+++ b/include/openssl/dh.h
@@ -75,6 +75,10 @@ DECLARE_ASN1_ITEM(DHparams)
 # define DH_GENERATOR_5          5
 
 /* DH_check error codes */
+/*
+ * NB: These values must align with the equivalently named macros in
+ * internal/ffc.h.
+ */
 # define DH_CHECK_P_NOT_PRIME            0x01
 # define DH_CHECK_P_NOT_SAFE_PRIME       0x02
 # define DH_UNABLE_TO_CHECK_GENERATOR    0x04
-- 
2.39.2