Fix DH private key check.

A recent addition removed setting the dh private key length when
a safe prime group is used. The private key validation check was relying on this
being set for safe primes. Setting the upper bound no longer checks the
length if the value is zero.

This caused a failure in the daily build of acvp_tests.

Reviewed-by: Tomas Mraz <>
Reviewed-by: Paul Dale <>
Reviewed-by: Matt Caswell <>
(Merged from
Shane Lontis 2 years ago committed by Matt Caswell
parent d66ff761d2
commit 9932585220

@ -262,7 +262,7 @@ int ossl_dh_check_priv_key(const DH *dh, const BIGNUM *priv_key, int *ret)
upper = dh->params.q;
/* Is it from an approved Safe prime group ?*/
if (DH_get_nid((DH *)dh) != NID_undef) {
if (DH_get_nid((DH *)dh) != NID_undef && dh->length != 0) {
if (!BN_lshift(two_powN, BN_value_one(), dh->length))
goto err;
if (BN_cmp(two_powN, dh->params.q) < 0)

@ -202,6 +202,7 @@ int DH_size(const DH *dh)
int DH_security_bits(const DH *dh)
int N;
if (dh->params.q != NULL)
N = BN_num_bits(dh->params.q);
else if (dh->length)