diff options
Diffstat (limited to 'fips-1.0/dh/fips_dh_key.c')
| -rw-r--r-- | fips-1.0/dh/fips_dh_key.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/fips-1.0/dh/fips_dh_key.c b/fips-1.0/dh/fips_dh_key.c index b30a85f2e4..6c590d0e98 100644 --- a/fips-1.0/dh/fips_dh_key.c +++ b/fips-1.0/dh/fips_dh_key.c @@ -194,7 +194,13 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE); goto err; } - + + if (FIPS_mode() && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS)) + { + DHerr(DH_F_COMPUTE_KEY, DH_R_KEY_SIZE_TOO_SMALL); + goto err; + } + if (dh->priv_key == NULL) { DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); |