1diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c 2index 4ac169e..9cb4482 100644 3--- a/crypto/dh/dh_check.c 4+++ b/crypto/dh/dh_check.c 5@@ -184,6 +184,20 @@ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) 6 BN_CTX *ctx = NULL; 7 8 *ret = 0; 9+ 10+ /* Don't do any checks at all with an excessively large modulus */ 11+ if (BN_num_bits(dh->p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) { 12+ DHerr(DH_F_DH_CHECK_EX, DH_R_MODULUS_TOO_LARGE); 13+ *ret = DH_MODULUS_TOO_LARGE | DH_CHECK_PUBKEY_INVALID; 14+ return 0; 15+ } 16+ 17+ if (dh->q != NULL && BN_ucmp(dh->p, dh->q) < 0) { 18+ *ret |= DH_CHECK_INVALID_Q_VALUE | DH_CHECK_PUBKEY_INVALID; 19+ return 1; 20+ } 21+ 22+ 23 ctx = BN_CTX_new(); 24 if (ctx == NULL) 25 goto err; 26diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c 27index 7285587..85f1e51 100644 28--- a/crypto/dh/dh_err.c 29+++ b/crypto/dh/dh_err.c 30@@ -81,6 +81,7 @@ static const ERR_STRING_DATA DH_str_reasons[] = { 31 {ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR), 32 "parameter encoding error"}, 33 {ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"}, 34+ {ERR_PACK(ERR_LIB_DH, 0, DH_R_Q_TOO_LARGE), "q too large"}, 35 {ERR_PACK(ERR_LIB_DH, 0, DH_R_SHARED_INFO_ERROR), "shared info error"}, 36 {ERR_PACK(ERR_LIB_DH, 0, DH_R_UNABLE_TO_CHECK_GENERATOR), 37 "unable to check generator"}, 38diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c 39index 117f2fa..b4c789d 100644 40--- a/crypto/dh/dh_key.c 41+++ b/crypto/dh/dh_key.c 42@@ -109,6 +109,12 @@ static int generate_key(DH *dh) 43 BN_MONT_CTX *mont = NULL; 44 BIGNUM *pub_key = NULL, *priv_key = NULL; 45 46+ if (dh->q != NULL 47+ && BN_num_bits(dh->q) > OPENSSL_DH_MAX_MODULUS_BITS) { 48+ DHerr(DH_F_GENERATE_KEY, DH_R_Q_TOO_LARGE); 49+ return 0; 50+ } 51+ 52 if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { 53 DHerr(DH_F_GENERATE_KEY, DH_R_MODULUS_TOO_LARGE); 54 return 0; 55@@ -202,6 +208,12 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) 56 int ret = -1; 57 int check_result; 58 59+ if (dh->q != NULL 60+ && BN_num_bits(dh->q) > OPENSSL_DH_MAX_MODULUS_BITS) { 61+ DHerr(DH_F_COMPUTE_KEY, DH_R_Q_TOO_LARGE); 62+ goto err; 63+ } 64+ 65 if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { 66 DHerr(DH_F_COMPUTE_KEY, DH_R_MODULUS_TOO_LARGE); 67 goto err; 68diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt 69index 7e17763..405c116 100644 70--- a/crypto/err/openssl.txt 71+++ b/crypto/err/openssl.txt 72@@ -2100,6 +2100,7 @@ DH_R_NO_PARAMETERS_SET:107:no parameters set 73 DH_R_NO_PRIVATE_VALUE:100:no private value 74 DH_R_PARAMETER_ENCODING_ERROR:105:parameter encoding error 75 DH_R_PEER_KEY_ERROR:111:peer key error 76+DH_R_Q_TOO_LARGE:130:q too large 77 DH_R_SHARED_INFO_ERROR:113:shared info error 78 DH_R_UNABLE_TO_CHECK_GENERATOR:121:unable to check generator 79 DSA_R_BAD_Q_VALUE:102:bad q value 80diff --git a/include/openssl/dh.h b/include/openssl/dh.h 81index 3527540..a50ad96 100644 82--- a/include/openssl/dh.h 83+++ b/include/openssl/dh.h 84@@ -68,14 +68,15 @@ DECLARE_ASN1_ITEM(DHparams) 85 /* #define DH_GENERATOR_3 3 */ 86 # define DH_GENERATOR_5 5 87 88-/* DH_check error codes */ 89+/* DH_check error codes, some of them shared with DH_check_pub_key */ 90 # define DH_CHECK_P_NOT_PRIME 0x01 91 # define DH_CHECK_P_NOT_SAFE_PRIME 0x02 92 # define DH_UNABLE_TO_CHECK_GENERATOR 0x04 93 # define DH_NOT_SUITABLE_GENERATOR 0x08 94 # define DH_CHECK_Q_NOT_PRIME 0x10 95-# define DH_CHECK_INVALID_Q_VALUE 0x20 96+# define DH_CHECK_INVALID_Q_VALUE 0x20 /* +DH_check_pub_key */ 97 # define DH_CHECK_INVALID_J_VALUE 0x40 98+# define DH_MODULUS_TOO_LARGE 0x100 99 100 /* DH_check_pub_key error codes */ 101 # define DH_CHECK_PUBKEY_TOO_SMALL 0x01 102diff --git a/include/openssl/dherr.h b/include/openssl/dherr.h 103index 916b3be..88c3a6c 100644 104--- a/include/openssl/dherr.h 105+++ b/include/openssl/dherr.h 106@@ -81,6 +81,7 @@ int ERR_load_DH_strings(void); 107 # define DH_R_NO_PRIVATE_VALUE 100 108 # define DH_R_PARAMETER_ENCODING_ERROR 105 109 # define DH_R_PEER_KEY_ERROR 111 110+# define DH_R_Q_TOO_LARGE 130 111 # define DH_R_SHARED_INFO_ERROR 113 112 # define DH_R_UNABLE_TO_CHECK_GENERATOR 121 113 114