From a72ee61b79841b894443eefab98b932ebc251fdd Mon Sep 17 00:00:00 2001
From: Norbert Pocs
Date: Sun, 11 May 2025 17:36:05 +0200
Subject: [PATCH] s3_lib.c: Handle weak x keys as illegal_parameter alert
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
Reviewed-by: Saša Nedvědický
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/27597)
(cherry picked from commit 5da4ea10be8cf8ca66dff95c9997966f21c82029)
---
 ssl/s3_lib.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 2bc5e79fd12..4084cf724b0 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -4898,7 +4898,10 @@ int ssl_derive(SSL_CONNECTION *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gense
 }
 if (EVP_PKEY_derive(pctx, pms, &pmslen) <= 0) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ /*
+ * the public key was probably a weak key
+ */
+ SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_SHARE);
 goto err;
 }
-- 
2.47.2
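Review bot: The new alert in the `EVP_PKEY_derive` failure branch treats every derivation failure as the peer's fault, while the added comment itself only says the key was "probably" weak. A failure with a local cause (for example an allocation or provider error inside the derive call) would now be sent to the peer as illegal_parameter and recorded as `SSL_R_BAD_KEY_SHARE`, which can mislead triage of handshake failures. If the cause cannot be told apart at this point, the comment should say so, e.g. `/* EVP_PKEY_derive() does not say why it failed; assume a weak or invalid peer public key, the case a peer can trigger */`. ssl_derive starts and ends outside the hunk, so whether earlier checks already rule out local failures is not visible here.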