Reject obviously invalid DSA parameters during signing. If g is zero, the retry loop will run infinitely. See 8f506274029903457c5f1d8663a012763f55cd37 from upstream. Change-Id: I9e36002f2907dee3b5905e414e3c931d62b1a447 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/35924 Reviewed-by: Adam Langley <agl@google.com>

commit: 8728af480156e3471775a41ec33c352e0b09000d [log] [tgz]
author: David Benjamin <davidben@google.com> Tue May 07 11:41:25 2019 -0500
committer: Adam Langley <agl@google.com> Tue May 07 22:12:54 2019 +0000
tree: c769764775815154694df8872741dc75d26ab7a8
parent: b19b79d71137dfbaeb6a88d3f50026f8f37ff2b0 [diff] [blame]
diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h
index bed93c5..8e3b9b3 100644
--- a/include/openssl/dsa.h
+++ b/include/openssl/dsa.h

@@ -436,5 +436,6 @@
 #define DSA_R_BAD_VERSION 104
 #define DSA_R_DECODE_ERROR 105
 #define DSA_R_ENCODE_ERROR 106
+#define DSA_R_INVALID_PARAMETERS 107
 
 #endif  // OPENSSL_HEADER_DSA_H
commit	8728af480156e3471775a41ec33c352e0b09000d	[log] [tgz]
author	David Benjamin <davidben@google.com>	Tue May 07 11:41:25 2019 -0500
committer	Adam Langley <agl@google.com>	Tue May 07 22:12:54 2019 +0000
tree	c769764775815154694df8872741dc75d26ab7a8
parent	b19b79d71137dfbaeb6a88d3f50026f8f37ff2b0 [diff] [blame]