[openssl] master update
The branch master has been updated via 14951ef01f9b54d804baf2fabdf0a715c630827b (commit) via b461aff257e57b8ba8e72667078fdf6d5047bc91 (commit) via a09a342ffb459d0913954111b7802815e9a3481a (commit) via d715dbd8e566e7827ce8b2e9b6687c2bcd8a89a0 (commit) via e52698f9e33d77419dca827774e5d0bc1815100d (commit) via 1e3317278e4890e812a032b39c7c9dc43ca01458 (commit) from f242ce9817157817b19ccb303fd436fe487539b3 (commit) - Log - commit 14951ef01f9b54d804baf2fabdf0a715c630827b Author: Pauli Date: Mon Jan 17 16:51:03 2022 +1100 e_dasync: remove empty statement Reviewed-by: Tim Hudson Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17528) commit b461aff257e57b8ba8e72667078fdf6d5047bc91 Author: Pauli Date: Mon Jan 17 16:50:16 2022 +1100 demo: remove end of line whitespace Reviewed-by: Tim Hudson Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17528) commit a09a342ffb459d0913954111b7802815e9a3481a Author: Pauli Date: Mon Jan 17 16:49:58 2022 +1100 speed: rework if condition to avoid empty statement Reviewed-by: Tim Hudson Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17528) commit d715dbd8e566e7827ce8b2e9b6687c2bcd8a89a0 Author: Pauli Date: Mon Jan 17 10:37:20 2022 +1100 replace ;; with ; as statement separator Fixes #17525 Reviewed-by: Tim Hudson Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17528) commit e52698f9e33d77419dca827774e5d0bc1815100d Author: Pauli Date: Mon Jan 17 10:36:46 2022 +1100 apps/ca: replace ;; with ; as statement separator Reviewed-by: Tim Hudson Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17528) commit 1e3317278e4890e812a032b39c7c9dc43ca01458 Author: Pauli Date: Mon Jan 17 10:36:06 2022 +1100 ssl: replace ;; with ; as statement separator Reviewed-by: Tim Hudson Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17528) --- Summary of changes: apps/ca.c| 2 +- apps/speed.c | 4 +--- crypto/rsa/rsa_backend.c | 2 +- crypto/x509/x509_trust.c | 2 +- demos/digest/EVP_MD_demo.c | 2 +- engines/e_dasync.c | 1 - providers/implementations/keymgmt/dh_kmgmt.c | 2 +- ssl/ssl_rsa.c| 2 +- ssl/statem/statem_lib.c | 2 +- ssl/t1_lib.c | 2 +- 10 files changed, 9 insertions(+), 12 deletions(-) diff --git a/apps/ca.c b/apps/ca.c index a9d6c5c1a6..271f7de9df 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -1855,7 +1855,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, p = "Valid"; else p = "\ninvalid type, Data base error\n"; -BIO_printf(bio_err, "Type :%s\n", p);; +BIO_printf(bio_err, "Type :%s\n", p); if (rrow[DB_type][0] == DB_TYPE_REV) { p = rrow[DB_exp_date]; if (p == NULL) diff --git a/apps/speed.c b/apps/speed.c index 0ee7347f5b..02e7b1f9b2 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -3551,9 +3551,7 @@ static int do_multi(int multi, int size_num) d = atof(sstrsep(&p, sep)); ffdh_results[k][0] += d; # endif /* OPENSSL_NO_DH */ -} else if (HAS_PREFIX(buf, "+H:")) { -; -} else { +} else if (!HAS_PREFIX(buf, "+H:")) { BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf, n); } diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c index dc397a6676..ae071f18bf 100644 --- a/crypto/rsa/rsa_backend.c +++ b/crypto/rsa/rsa_backend.c @@ -523,7 +523,7 @@ int ossl_rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss, if (pss->trailerField) *ptrailerField = ASN1_INTEGER_get(pss->trailerField); else -*ptrailerField = ossl_rsa_pss_params_30_trailerfield(&pss_params);; +*ptrailerField = ossl_rsa_pss_params_30_trailerfield(&pss_params); return 1; } diff --git a/crypto/x509/x509_trust.c b/crypto/x509/x509_trust.c index ff578aee73..e71db0c9a1 100644 --- a/crypto/x509/x509_trust.c +++ b/crypto/x509/x509_trust.c @@ -166,7 +166,7 @@ int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int), if (trtable ==
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 5f7757265bfd7ccdf1973bf09f9d72634ea70949 (commit) from 454358be49b55c313fe3781bc6f5f6c644787f87 (commit) - Log - commit 5f7757265bfd7ccdf1973bf09f9d72634ea70949 Author: Kevin Jones Date: Sat Jan 15 01:38:41 2022 + Fix mistake in ERR_peek_error_all documentation. The `func` parameter was incorrect. It was documented as `const char *func` instead of `const char **func`. CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17522) (cherry picked from commit f242ce9817157817b19ccb303fd436fe487539b3) --- Summary of changes: doc/man3/ERR_get_error.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man3/ERR_get_error.pod b/doc/man3/ERR_get_error.pod index 6518458907..924c650184 100644 --- a/doc/man3/ERR_get_error.pod +++ b/doc/man3/ERR_get_error.pod @@ -31,7 +31,7 @@ ERR_get_error_line_data, ERR_peek_error_line_data, ERR_peek_last_error_line_data const char **func, const char **data, int *flags); unsigned long ERR_peek_error_all(const char **file, int *line, - const char *func, + const char **func, const char **data, int *flags); unsigned long ERR_peek_last_error_all(const char **file, int *line, const char *func,
[openssl] master update
The branch master has been updated via f242ce9817157817b19ccb303fd436fe487539b3 (commit) from cfbb5fcf4424395a1a23751556ea12c56b80b57e (commit) - Log - commit f242ce9817157817b19ccb303fd436fe487539b3 Author: Kevin Jones Date: Sat Jan 15 01:38:41 2022 + Fix mistake in ERR_peek_error_all documentation. The `func` parameter was incorrect. It was documented as `const char *func` instead of `const char **func`. CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17522) --- Summary of changes: doc/man3/ERR_get_error.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man3/ERR_get_error.pod b/doc/man3/ERR_get_error.pod index b5374e7652..4019bdd541 100644 --- a/doc/man3/ERR_get_error.pod +++ b/doc/man3/ERR_get_error.pod @@ -31,7 +31,7 @@ ERR_get_error_line_data, ERR_peek_error_line_data, ERR_peek_last_error_line_data const char **func, const char **data, int *flags); unsigned long ERR_peek_error_all(const char **file, int *line, - const char *func, + const char **func, const char **data, int *flags); unsigned long ERR_peek_last_error_all(const char **file, int *line, const char *func,
Coverity Scan: Analysis completed for openssl/openssl
Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DzLLa_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeHrFxDqz-2FUweCw6RH5YwwVU3To43NRq7nzYTzdy6fYE9mmcZis1NI4NaLXX-2BuYvV2uYU0ljKKbnwwhdB-2BuNesMtZDdQ1x8wYJ0m12zzll6OQZG9DVQbZfnPWb7-2FXPI3Mbhp-2Bhsc1WDQIAm8Or1JoDAC82qPz88ZJ8kfZZbZufB2JaStmYikHrlyDY8KqP3wMCQ-3D Build ID: 431112 Analysis Summary: New defects found: 0 Defects eliminated: 0
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 454358be49b55c313fe3781bc6f5f6c644787f87 (commit) from 67397a6aeda3383bdc7c7165d8c0efe9423cc7a9 (commit) - Log - commit 454358be49b55c313fe3781bc6f5f6c644787f87 Author: Tomas Mraz Date: Thu Jan 13 18:07:08 2022 +0100 bn_ppc.c: Fix build failure on AIX with XLC/XLCLANG These compilers define _ARCH_PPC64 for 32 bit builds so we cannot depend solely on this define to identify 32 bit build. Fixes #17087 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17497) (cherry picked from commit cfbb5fcf4424395a1a23751556ea12c56b80b57e) --- Summary of changes: crypto/bn/bn_ppc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/bn/bn_ppc.c b/crypto/bn/bn_ppc.c index 05c0c4cb92..5424c25d47 100644 --- a/crypto/bn/bn_ppc.c +++ b/crypto/bn/bn_ppc.c @@ -40,7 +40,7 @@ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, * no opportunity to figure it out... */ -#if defined(_ARCH_PPC64) +#if defined(_ARCH_PPC64) && !defined(__ILP32__) if (num == 6) { if (OPENSSL_ppccap_P & PPC_MADD300) return bn_mul_mont_300_fixed_n6(rp, ap, bp, np, n0, num);
[openssl] master update
The branch master has been updated via cfbb5fcf4424395a1a23751556ea12c56b80b57e (commit) from 59d3fd1cc8c938daa6384783a7e5847d6f5201f7 (commit) - Log - commit cfbb5fcf4424395a1a23751556ea12c56b80b57e Author: Tomas Mraz Date: Thu Jan 13 18:07:08 2022 +0100 bn_ppc.c: Fix build failure on AIX with XLC/XLCLANG These compilers define _ARCH_PPC64 for 32 bit builds so we cannot depend solely on this define to identify 32 bit build. Fixes #17087 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17497) --- Summary of changes: crypto/bn/bn_ppc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/bn/bn_ppc.c b/crypto/bn/bn_ppc.c index 05c0c4cb92..5424c25d47 100644 --- a/crypto/bn/bn_ppc.c +++ b/crypto/bn/bn_ppc.c @@ -40,7 +40,7 @@ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, * no opportunity to figure it out... */ -#if defined(_ARCH_PPC64) +#if defined(_ARCH_PPC64) && !defined(__ILP32__) if (num == 6) { if (OPENSSL_ppccap_P & PPC_MADD300) return bn_mul_mont_300_fixed_n6(rp, ap, bp, np, n0, num);
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 67397a6aeda3383bdc7c7165d8c0efe9423cc7a9 (commit) from 8bb90f43aa732efb9530edc2ab3767b228d5d9da (commit) - Log - commit 67397a6aeda3383bdc7c7165d8c0efe9423cc7a9 Author: Tomas Mraz Date: Thu Jan 13 19:02:31 2022 +0100 dhtest: Add testcase for EVP_PKEY_CTX_set_dh_nid And a negative testcase for EVP_PKEY_CTX_set_dhx_rfc5114 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17498) (cherry picked from commit 59d3fd1cc8c938daa6384783a7e5847d6f5201f7) --- Summary of changes: test/dhtest.c | 28 1 file changed, 28 insertions(+) diff --git a/test/dhtest.c b/test/dhtest.c index 71c95b186f..ce94999f7d 100644 --- a/test/dhtest.c +++ b/test/dhtest.c @@ -744,6 +744,33 @@ static int dh_rfc5114_fix_nid_test(void) /* Tested function is called here */ if (!TEST_int_eq(EVP_PKEY_CTX_set_dhx_rfc5114(paramgen_ctx, 3), 1)) goto err; +/* Negative test */ +if (!TEST_int_eq(EVP_PKEY_CTX_set_dhx_rfc5114(paramgen_ctx, 99), 0)) +goto err; +/* If we're still running then the test passed. */ +ok = 1; +err: +EVP_PKEY_CTX_free(paramgen_ctx); +return ok; +} + +static int dh_set_dh_nid_test(void) +{ +int ok = 0; +EVP_PKEY_CTX *paramgen_ctx; + +/* Run the test. Success is any time the test does not cause a SIGSEGV interrupt */ +paramgen_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DH, 0); +if (!TEST_ptr(paramgen_ctx)) +goto err; +if (!TEST_int_eq(EVP_PKEY_paramgen_init(paramgen_ctx), 1)) +goto err; +/* Tested function is called here */ +if (!TEST_int_eq(EVP_PKEY_CTX_set_dh_nid(paramgen_ctx, NID_ffdhe2048), 1)) +goto err; +/* Negative test */ +if (!TEST_int_eq(EVP_PKEY_CTX_set_dh_nid(paramgen_ctx, NID_secp521r1), 0)) +goto err; /* If we're still running then the test passed. */ ok = 1; err: @@ -898,6 +925,7 @@ int setup_tests(void) ADD_TEST(dh_get_nid); ADD_TEST(dh_load_pkcs3_namedgroup_privlen_test); ADD_TEST(dh_rfc5114_fix_nid_test); +ADD_TEST(dh_set_dh_nid_test); #endif return 1; }
[openssl] master update
The branch master has been updated via 59d3fd1cc8c938daa6384783a7e5847d6f5201f7 (commit) via 3b53f88c008d288e86d2bbdc0c4e2d16c29fcee8 (commit) via f58bb2dd00c3004552c5c1e8d0f2c1390c004cf8 (commit) from 144316d276adf5b8172316f7bc20b372b8e31ac8 (commit) - Log - commit 59d3fd1cc8c938daa6384783a7e5847d6f5201f7 Author: Tomas Mraz Date: Thu Jan 13 19:02:31 2022 +0100 dhtest: Add testcase for EVP_PKEY_CTX_set_dh_nid And a negative testcase for EVP_PKEY_CTX_set_dhx_rfc5114 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17498) commit 3b53f88c008d288e86d2bbdc0c4e2d16c29fcee8 Author: Tomas Mraz Date: Thu Jan 13 19:01:33 2022 +0100 Do not call ossl_ffc_name_to_dh_named_group with NULL argument Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17498) commit f58bb2dd00c3004552c5c1e8d0f2c1390c004cf8 Author: Tomas Mraz Date: Thu Jan 13 19:00:13 2022 +0100 Properly return error on EVP_PKEY_CTX_set_dh_nid and EVP_PKEY_CTX_set_dhx_rfc5114 Fixes #17485 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17498) --- Summary of changes: crypto/evp/ctrl_params_translate.c | 23 +-- crypto/ffc/ffc_backend.c | 1 + providers/implementations/keymgmt/dh_kmgmt.c | 1 + test/dhtest.c| 28 4 files changed, 47 insertions(+), 6 deletions(-) diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c index c4589f1416..2deb1d9b47 100644 --- a/crypto/evp/ctrl_params_translate.c +++ b/crypto/evp/ctrl_params_translate.c @@ -1004,8 +1004,11 @@ static int fix_dh_nid(enum state state, return 0; if (state == PRE_CTRL_TO_PARAMS) { -ctx->p2 = (char *)ossl_ffc_named_group_get_name -(ossl_ffc_uid_to_dh_named_group(ctx->p1)); +if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name + (ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL) { +ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE); +return 0; +} ctx->p1 = 0; } @@ -1028,16 +1031,24 @@ static int fix_dh_nid5114(enum state state, switch (state) { case PRE_CTRL_TO_PARAMS: -ctx->p2 = (char *)ossl_ffc_named_group_get_name -(ossl_ffc_uid_to_dh_named_group(ctx->p1)); +if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name + (ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL) { +ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE); +return 0; +} + ctx->p1 = 0; break; case PRE_CTRL_STR_TO_PARAMS: if (ctx->p2 == NULL) return 0; -ctx->p2 = (char *)ossl_ffc_named_group_get_name -(ossl_ffc_uid_to_dh_named_group(atoi(ctx->p2))); +if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name + (ossl_ffc_uid_to_dh_named_group(atoi(ctx->p2 == NULL) { +ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE); +return 0; +} + ctx->p1 = 0; break; diff --git a/crypto/ffc/ffc_backend.c b/crypto/ffc/ffc_backend.c index b227186934..b387f966cc 100644 --- a/crypto/ffc/ffc_backend.c +++ b/crypto/ffc/ffc_backend.c @@ -37,6 +37,7 @@ int ossl_ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]) const DH_NAMED_GROUP *group = NULL; if (prm->data_type != OSSL_PARAM_UTF8_STRING +|| prm->data == NULL || (group = ossl_ffc_name_to_dh_named_group(prm->data)) == NULL || !ossl_ffc_named_group_set_pqg(ffc, group)) #endif diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index 98eb882e3f..ab8ef3ac52 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -532,6 +532,7 @@ static int dh_gen_common_set_params(void *genctx, const OSSL_PARAM params[]) const DH_NAMED_GROUP *group = NULL; if (p->data_type != OSSL_PARAM_UTF8_STRING +|| p->data == NULL || (group = ossl_ffc_name_to_dh_named_group(p->data)) == NULL || ((gctx->group_nid = ossl_ffc_named_group_get_uid(group)) == NID_undef)) { diff --git a/test/dhtest.c b/test/dhtest.c index c24bae4a82..3973a4b79d 100644 --- a/test/dhtest.c +++ b/test/dhtest.c @@ -744,6 +744,33 @@ static int dh_rfc5114_fix_nid_test(void) /* Tested function is called here */ if (!TEST_int_eq(EVP_PKEY_CTX_set_dhx_rfc5114(paramgen_ctx, 3), 1)) goto err; +/* Negative test */ +if (!TEST_int_eq(EVP_PKEY_CTX_set_dhx_rfc5114(paramgen_ctx, 99), 0)) +goto err; +/* If we're still
[openssl] openssl-3.0 update
The branch openssl-3.0 has been updated via 8bb90f43aa732efb9530edc2ab3767b228d5d9da (commit) via 554addd65b6ce9ee0b8f1d6c4115ef192d693f4f (commit) from ba4f941b081897747e8432296cd14bebafc97920 (commit) - Log - commit 8bb90f43aa732efb9530edc2ab3767b228d5d9da Author: Tomas Mraz Date: Thu Jan 13 19:01:33 2022 +0100 Do not call ossl_ffc_name_to_dh_named_group with NULL argument Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17498) (cherry picked from commit 3b53f88c008d288e86d2bbdc0c4e2d16c29fcee8) commit 554addd65b6ce9ee0b8f1d6c4115ef192d693f4f Author: Tomas Mraz Date: Thu Jan 13 19:00:13 2022 +0100 Properly return error on EVP_PKEY_CTX_set_dh_nid and EVP_PKEY_CTX_set_dhx_rfc5114 Fixes #17485 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17498) (cherry picked from commit f58bb2dd00c3004552c5c1e8d0f2c1390c004cf8) --- Summary of changes: crypto/evp/ctrl_params_translate.c | 23 +-- crypto/ffc/ffc_backend.c | 1 + providers/implementations/keymgmt/dh_kmgmt.c | 1 + 3 files changed, 19 insertions(+), 6 deletions(-) diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c index f6a2d1d0f8..3dd3e8f995 100644 --- a/crypto/evp/ctrl_params_translate.c +++ b/crypto/evp/ctrl_params_translate.c @@ -1004,8 +1004,11 @@ static int fix_dh_nid(enum state state, return 0; if (state == PRE_CTRL_TO_PARAMS) { -ctx->p2 = (char *)ossl_ffc_named_group_get_name -(ossl_ffc_uid_to_dh_named_group(ctx->p1)); +if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name + (ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL) { +ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE); +return 0; +} ctx->p1 = 0; } @@ -1028,16 +1031,24 @@ static int fix_dh_nid5114(enum state state, switch (state) { case PRE_CTRL_TO_PARAMS: -ctx->p2 = (char *)ossl_ffc_named_group_get_name -(ossl_ffc_uid_to_dh_named_group(ctx->p1)); +if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name + (ossl_ffc_uid_to_dh_named_group(ctx->p1))) == NULL) { +ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE); +return 0; +} + ctx->p1 = 0; break; case PRE_CTRL_STR_TO_PARAMS: if (ctx->p2 == NULL) return 0; -ctx->p2 = (char *)ossl_ffc_named_group_get_name -(ossl_ffc_uid_to_dh_named_group(atoi(ctx->p2))); +if ((ctx->p2 = (char *)ossl_ffc_named_group_get_name + (ossl_ffc_uid_to_dh_named_group(atoi(ctx->p2 == NULL) { +ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE); +return 0; +} + ctx->p1 = 0; break; diff --git a/crypto/ffc/ffc_backend.c b/crypto/ffc/ffc_backend.c index b227186934..b387f966cc 100644 --- a/crypto/ffc/ffc_backend.c +++ b/crypto/ffc/ffc_backend.c @@ -37,6 +37,7 @@ int ossl_ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]) const DH_NAMED_GROUP *group = NULL; if (prm->data_type != OSSL_PARAM_UTF8_STRING +|| prm->data == NULL || (group = ossl_ffc_name_to_dh_named_group(prm->data)) == NULL || !ossl_ffc_named_group_set_pqg(ffc, group)) #endif diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index 98eb882e3f..ab8ef3ac52 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -532,6 +532,7 @@ static int dh_gen_common_set_params(void *genctx, const OSSL_PARAM params[]) const DH_NAMED_GROUP *group = NULL; if (p->data_type != OSSL_PARAM_UTF8_STRING +|| p->data == NULL || (group = ossl_ffc_name_to_dh_named_group(p->data)) == NULL || ((gctx->group_nid = ossl_ffc_named_group_get_uid(group)) == NID_undef)) {