openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

ffc/ffc_params_generate.c: Add the check for the EVP_MD_get_size() 

Add the check for the EVP_MD_get_size() to avoid invalid negative numbers.

Fixes: 4f2271d58a ("Add ACVP fips module tests")
Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu>

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23970)
This commit is contained in:
Jiasheng Jiang 2024-03-25 16:54:55 +00:00 committed by Tomas Mraz
parent f5fde94c54
commit 309c7ffd17
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
crypto/ffc/ffc_params_generate.c
View File

@ -814,6 +814,7 @@ int ossl_ffc_params_FIPS186_2_gen_verify(OSSL_LIB_CTX *libctx,
BIGNUM *r0, *test, *tmp, *g = NULL, *q = NULL, *p = NULL;
BN_MONT_CTX *mont = NULL;
EVP_MD *md = NULL;
int md_size;
size_t qsize;
int n = 0, m = 0;
int counter = 0, pcounter = 0, use_random_seed;
@ -842,8 +843,11 @@ int ossl_ffc_params_FIPS186_2_gen_verify(OSSL_LIB_CTX *libctx,
}
if (md == NULL)
goto err;
md_size = EVP_MD_get_size(md);
if (md_size <= 0)
goto err;
if (N == 0)
N = EVP_MD_get_size(md) * 8;
N = md_size * 8;
qsize = N >> 3;
/*