projects / oweals / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Generate error queue entry on FFC_CHECK_BAD_LN_PAIR for DH and DSA
[oweals/openssl.git] / crypto / ffc / ffc_params_generate.c
diff --git a/crypto/ffc/ffc_params_generate.c b/crypto/ffc/ffc_params_generate.c
index 1d8d80c9b4c63e30827aad642a882393e866e92d..624c24dd2175d7127006f2b5b0efcc52f43619aa 100644 (file)
--- a/crypto/ffc/ffc_params_generate.c
+++ b/crypto/ffc/ffc_params_generate.c
@@ -27,6 +27,9 @@
 #include <string.h> /* memset */
 #include <openssl/sha.h> /* SHA_DIGEST_LENGTH */
 #include <openssl/rand.h>
+#include <openssl/err.h>
+#include <openssl/dherr.h>
+#include <openssl/dsaerr.h>
 #include "crypto/bn.h"
 #include "internal/ffc.h"
 
@@ -40,6 +43,9 @@ static int ffc_validate_LN(size_t L, size_t N, int type)
         /* Valid DH L,N parameters from SP800-56Ar3 5.5.1 Table 1 */
         if (L == 2048 && (N == 224 || N == 256))
             return 112;
+#ifndef OPENSSL_NO_DH
+        DHerr(0, DH_R_BAD_FFC_PARAMETERS);
+#endif
     } else if (type == FFC_PARAM_TYPE_DSA) {
         /* Valid DSA L,N parameters from FIPS 186-4 Section 4.2 */
         if (L == 1024 && N == 160)
@@ -48,6 +54,9 @@ static int ffc_validate_LN(size_t L, size_t N, int type)
             return 112;
         if (L == 3072 && N == 256)
             return 128;
+#ifndef OPENSSL_NO_DSA
+        DSAerr(0, DSA_R_BAD_FFC_PARAMETERS);
+#endif
     }
     return 0;
 }
Unnamed repository; edit this file 'description' to name the repository.