Blame SOURCES/openssl-fips-0.9.8e-dh-check.patch

c4366c
diff -up openssl-fips-0.9.8e/fips/dh/fips_dh_key.c.dh-check openssl-fips-0.9.8e/fips/dh/fips_dh_key.c
c4366c
--- openssl-fips-0.9.8e/fips/dh/fips_dh_key.c.dh-check	2007-08-21 16:44:13.000000000 +0200
c4366c
+++ openssl-fips-0.9.8e/fips/dh/fips_dh_key.c	2011-05-04 12:30:34.000000000 +0200
c4366c
@@ -189,6 +189,7 @@ static int compute_key(unsigned char *ke
c4366c
 	BN_MONT_CTX *mont=NULL;
c4366c
 	BIGNUM *tmp;
c4366c
 	int ret= -1;
c4366c
+        int check_result;
c4366c
 
c4366c
 	ctx = BN_CTX_new();
c4366c
 	if (ctx == NULL) goto err;
c4366c
@@ -227,6 +228,12 @@ static int compute_key(unsigned char *ke
c4366c
 			goto err;
c4366c
 		}
c4366c
 
c4366c
+        if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result)
c4366c
+		{
c4366c
+		DHerr(DH_F_COMPUTE_KEY,DH_R_INVALID_PUBKEY);
c4366c
+		goto err;
c4366c
+		}
c4366c
+
c4366c
 	if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
c4366c
 		{
c4366c
 		DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB);
c4366c
@@ -235,8 +242,11 @@ static int compute_key(unsigned char *ke
c4366c
 
c4366c
 	ret=BN_bn2bin(tmp,key);
c4366c
 err:
c4366c
-	BN_CTX_end(ctx);
c4366c
-	BN_CTX_free(ctx);
c4366c
+	if (ctx != NULL)
c4366c
+		{
c4366c
+		BN_CTX_end(ctx);
c4366c
+		BN_CTX_free(ctx);
c4366c
+		}
c4366c
 	return(ret);
c4366c
 	}
c4366c