Include modulus sanity checks.

diff --git a/fips-1.0/dh/fips_dh_key.c b/fips-1.0/dh/fips_dh_key.c
index 7f5854f4761a03bc6882d6ef58b3be1d27dbfe04..b30a85f2e469a46c81e78bda852ba4b54c602964 100644 (file)
--- a/fips-1.0/dh/fips_dh_key.c
+++ b/fips-1.0/dh/fips_dh_key.c
@@ -188,6 +188,12 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
        if (ctx == NULL) goto err;
        BN_CTX_start(ctx);
        tmp = BN_CTX_get(ctx);
+
+       if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
+               {
+               DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
+               goto err;
+               }
        
        if (dh->priv_key == NULL)
                {

diff --git a/fips-1.0/dsa/fips_dsa_ossl.c b/fips-1.0/dsa/fips_dsa_ossl.c
index fb3893afc38e0bef5a2d52b6648cbe72312739a7..a29be0f7fc21996cc0fd9215539d48cd8d7f1f80 100644 (file)
--- a/fips-1.0/dsa/fips_dsa_ossl.c
+++ b/fips-1.0/dsa/fips_dsa_ossl.c
@@ -297,6 +297,18 @@ static int dsa_do_verify(const unsigned char *dgst, FIPS_DSA_SIZE_T dgst_len, DS
            return -1;
            }
 
+       if (BN_num_bits(dsa->q) != 160)
+               {
+               DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE);
+               return -1;
+               }
+
+       if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS)
+               {
+               DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE);
+               return -1;
+               }
+
        BN_init(&u1);
        BN_init(&u2);
        BN_init(&t1);