zzy/openssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

dhtest.c: Add test of DH_check() with q = p + 1

Browse Source 
This must fail with DH_CHECK_INVALID_Q_VALUE and
with DH_CHECK_Q_NOT_PRIME unset.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21550)
This commit is contained in:
Tomas Mraz 2023-07-25 15:23:43 +02:00 committed by Todd Short
parent 1c16253f3c
commit ad5d355726
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
test/dhtest.c
View File

@ -124,6 +124,15 @@ static int dh_test(void)
/* We'll have a stale error on the queue from the above test so clear it */ /* We'll have a stale error on the queue from the above test so clear it */
ERR_clear_error(); ERR_clear_error();
if (!TEST_ptr(BN_copy(q, p)) || !TEST_true(BN_add(q, q, BN_value_one())))
goto err3;
if (!TEST_true(DH_check(dh, &i)))
goto err3;
if (!TEST_true(i & DH_CHECK_INVALID_Q_VALUE)
|| !TEST_false(i & DH_CHECK_Q_NOT_PRIME))
goto err3;
/* Modulus of size: dh check max modulus bits + 1 */ /* Modulus of size: dh check max modulus bits + 1 */
if (!TEST_true(BN_set_word(p, 1)) if (!TEST_true(BN_set_word(p, 1))
|| !TEST_true(BN_lshift(p, p, OPENSSL_DH_CHECK_MAX_MODULUS_BITS))) || !TEST_true(BN_lshift(p, p, OPENSSL_DH_CHECK_MAX_MODULUS_BITS)))
@ -135,6 +144,9 @@ static int dh_test(void)
if (!TEST_false(DH_check(dh, &i))) if (!TEST_false(DH_check(dh, &i)))
goto err3; goto err3;
/* We'll have a stale error on the queue from the above test so clear it */
ERR_clear_error();
/* /*
* II) key generation * II) key generation
*/ */