Home Explore Help
Register Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 1
Files Issues 1 Wiki
Browse Source

Fix incorrect check on RAND_bytes_ex() in generate_q_fips186_4()

RAND_bytes_ex() can also return 0 on failure. Other callers do check
this correctly. Change the check from <0 to <=0.

Fixes: #20100

CLA: trivial

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20106)
Niels Dossche 1 year ago
parent
1d85794532
commit
a2b01ae1c8
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      crypto/ffc/ffc_params_generate.c

+ 1 - 1
crypto/ffc/ffc_params_generate.c
View File 

@@ -329,7 +329,7 @@ static int generate_q_fips186_4(BN_CTX *ctx, BIGNUM *q, const EVP_MD *evpmd,
 
 
         /* A.1.1.2 Step (5) : generate seed with size seed_len */
 
         if (generate_seed
 
-                && RAND_bytes_ex(libctx, seed, seedlen, 0) < 0)
 
+                && RAND_bytes_ex(libctx, seed, seedlen, 0) <= 0)
 
             goto err;
 
         /*
 
          * A.1.1.2 Step (6) AND