From 9765befd6b6901f4a062b19f9fae9ffcc47f915b Mon Sep 17 00:00:00 2001
From: Karel Miko <karel.miko@gmail.com>
Date: Thu, 14 Sep 2017 17:25:28 +0200
Subject: [PATCH] do dsa_int_validate_pqg in dsa_set_pqg_dsaparam

---
 src/pk/dsa/dsa_set_pqg_dsaparam.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/pk/dsa/dsa_set_pqg_dsaparam.c b/src/pk/dsa/dsa_set_pqg_dsaparam.c
index 454a941..d4dc397 100644
--- a/src/pk/dsa/dsa_set_pqg_dsaparam.c
+++ b/src/pk/dsa/dsa_set_pqg_dsaparam.c
@@ -24,7 +24,7 @@
 int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamlen,
                          dsa_key *key)
 {
-   int err;
+   int err, stat;
 
    LTC_ARGCHK(dsaparam    != NULL);
    LTC_ARGCHK(key         != NULL);
@@ -49,6 +49,16 @@ int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamle
       err = CRYPT_INVALID_PACKET;
       goto LBL_ERR;
    }
+
+   /* quick p, q, g validation, without primality testing */
+   if ((err = dsa_int_validate_pqg(key, &stat)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+   if (stat == 0) {
+      err = CRYPT_INVALID_PACKET;
+      goto LBL_ERR;
+   }
+
    return CRYPT_OK;
 
 LBL_ERR: