From: Sahana Prasad <sahana@redhat.com>
Date: Mon, 25 Jan 2021 13:44:29 +0000 (+0100)
Subject: DH: Make DH_bits(), DH_size(), and DH_security_bits() check that there are key parameters
X-Git-Tag: openssl-3.0.0-alpha12~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5d8ffebbcdf4992d3c428201b1f3330020bbe92e;p=thirdparty%2Fopenssl.git

DH: Make DH_bits(), DH_size(), and DH_security_bits() check that there are key parameters

Fixes #13569
Signed-off-by: Sahana Prasad <sahana@redhat.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13955)
---

diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
index e8a66878ab3..46aba02bad7 100644
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -187,12 +187,16 @@ void *DH_get_ex_data(const DH *d, int idx)
 
 int DH_bits(const DH *dh)
 {
-    return BN_num_bits(dh->params.p);
+    if (dh->params.p != NULL)
+        return BN_num_bits(dh->params.p);
+    return -1;
 }
 
 int DH_size(const DH *dh)
 {
-    return BN_num_bytes(dh->params.p);
+    if (dh->params.p != NULL)
+        return BN_num_bytes(dh->params.p);
+    return -1;
 }
 
 int DH_security_bits(const DH *dh)
@@ -204,7 +208,9 @@ int DH_security_bits(const DH *dh)
         N = dh->length;
     else
         N = -1;
-    return BN_security_bits(BN_num_bits(dh->params.p), N);
+    if (dh->params.p != NULL)
+        return BN_security_bits(BN_num_bits(dh->params.p), N);
+    return -1;
 }
 
 void DH_get0_pqg(const DH *dh,
diff --git a/doc/man3/DH_size.pod b/doc/man3/DH_size.pod
index 099c1bad3f8..99e34034f2c 100644
--- a/doc/man3/DH_size.pod
+++ b/doc/man3/DH_size.pod
@@ -38,11 +38,14 @@ key. See L<BN_security_bits(3)>.
 
 =head1 RETURN VALUES
 
-DH_bits() returns the number of bits in the key.
+DH_bits() returns the number of bits in the key, or -1 if
+B<dh> doesn't hold any key parameters.
 
-DH_size() returns the prime size of Diffie-Hellman in bytes.
+DH_size() returns the prime size of Diffie-Hellman in bytes, or -1 if
+B<dh> doesn't hold any key parameters.
 
-DH_security_bits() returns the number of security bits.
+DH_security_bits() returns the number of security bits, or -1 if
+B<dh> doesn't hold any key parameters.
 
 =head1 SEE ALSO