fixed jenkins failure part1

2025-08-03 12:44:45 +02:00 · 2021-04-18 14:41:54 +09:00
parent e063984d17
commit 2f5b280d6c
1 changed files with 12 additions and 2 deletions
--- a/wolfcrypt/src/evp.c
+++ b/wolfcrypt/src/evp.c
@@ -2177,13 +2177,14 @@ static int DH_param_check(WOLFSSL_DH* dh_key)
                WOLFSSL_MSG("dh_key->g is not suitable generator");
                ret = WOLFSSL_FAILURE;
            }
-
+#ifdef WOLFSSL_KEY_GEN
        /* test if the number q is prime. */
        if (ret == WOLFSSL_SUCCESS &&
            (wolfSSL_BN_is_prime_ex(dh_key->q, 64, ctx, NULL) <= 0)) {
            WOLFSSL_MSG("dh_key->q is not prime or error during check.");
            ret = WOLFSSL_FAILURE;
        } /* else TO DO check q div q - 1. need BN_div */
+#endif
    }
    
    /* clean up */
@@ -2203,6 +2204,9 @@ int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx)
 {
    int type;
    int ret;
+    WOLFSSL_DH* dh_key = NULL;
+    
+    (void)dh_key;
    
    /* sanity check */
    if (ctx == NULL) {
@@ -2232,7 +2236,13 @@ int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx)
        #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) \
                                        && (HAVE_FIPS_VERSION>2))
        case EVP_PKEY_DH:
-            ret = DH_param_check(wolfSSL_EVP_PKEY_get1_DH(ctx->pkey));
+            dh_key = wolfSSL_EVP_PKEY_get1_DH(ctx->pkey);
+            if (dh_key != NULL) {
+                ret = DH_param_check(dh_key);
+                wolfSSL_DH_free(dh_key);
+            }
+            else
+                ret = WOLFSSL_FAILURE;
            return ret;
        #endif
        #endif