mirror of
https://github.com/openssl/openssl.git
synced 2024-12-21 06:09:35 +08:00
ec061bf8ff
We already check for an excessively large P in DH_generate_key(), but not in DH_check_pub_key(), and none of them check for an excessively large Q. This change adds all the missing excessive size checks of P and Q. It's to be noted that behaviours surrounding excessively sized P and Q differ. DH_check() raises an error on the excessively sized P, but only sets a flag for the excessively sized Q. This behaviour is mimicked in DH_check_pub_key(). Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22453)
31 lines
667 B
C
31 lines
667 B
C
/*
|
|
* Generated by util/mkerr.pl DO NOT EDIT
|
|
* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
* in the file LICENSE in the source distribution or at
|
|
* https://www.openssl.org/source/license.html
|
|
*/
|
|
|
|
#ifndef OSSL_CRYPTO_DHERR_H
|
|
# define OSSL_CRYPTO_DHERR_H
|
|
# pragma once
|
|
|
|
# include <openssl/opensslconf.h>
|
|
# include <openssl/symhacks.h>
|
|
|
|
# ifdef __cplusplus
|
|
extern "C" {
|
|
# endif
|
|
|
|
# ifndef OPENSSL_NO_DH
|
|
|
|
int ossl_err_load_DH_strings(void);
|
|
# endif
|
|
|
|
# ifdef __cplusplus
|
|
}
|
|
# endif
|
|
#endif
|