public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Change DH parameters to generate the order q subgroup instead of 2q

Browse source 
This avoids leaking bit 0 of the private key.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/9363)
This commit is contained in:
Bernd Edlinger 2019-07-10 15:52:36 +02:00
parent d4c69c69d1
commit a38c878c2e
8 changed files with 135 additions and 64 deletions
Download patch file Download diff file Expand all files Collapse all files

6
CHANGES
View file

@ -9,6 +9,12 @@
Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]
*) Changed DH parameters to generate the order q subgroup instead of 2q.
Previously generated DH parameters are still accepted by DH_check
but DH_generate_key works around that by clearing bit 0 of the
private key for those. This avoids leaking bit 0 of the private key.
[Bernd Edlinger]
*) Added a new FUNCerr() macro that takes a function name.
The macro SYSerr() is deprecated.
[Rich Salz]