Enforce a minimum DH modulus size of 512 bits

[extended tests] Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9437)
2019-07-22 22:50:19 +02:00 · 2019-07-22 22:50:19 +02:00 · 6de1fe9086
commit 6de1fe9086
parent 8b84b075ff
9 changed files with 36 additions and 20 deletions
--- a/3
+++ b/3
@ -9,6 +9,9 @@

 Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]

+  *) Enforce a minimum DH modulus size of 512 bits.
+     [Bernd Edlinger]
+
  *) Changed DH parameters to generate the order q subgroup instead of 2q.
     Previously generated DH parameters are still accepted by DH_check
     but DH_generate_key works around that by clearing bit 0 of the