Clean up DH_check_pub_key() and ensure that y^q (mod p) == 1. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2021-11-29 20:02:14 +0000
committer	tb <>	2021-11-29 20:02:14 +0000
commit	0fa2ca5c9927e0727e45f716fc93f3962d1e7c86 (patch)
tree	a1b7be0a5f53527fff389034167d093418d38eaf /src/lib/libc/stdlib
parent	6d32c9c1e2049cd1c60c71a04379c7ffa6aa3ab0 (diff)
download	openbsd-0fa2ca5c9927e0727e45f716fc93f3962d1e7c86.tar.gz openbsd-0fa2ca5c9927e0727e45f716fc93f3962d1e7c86.tar.bz2 openbsd-0fa2ca5c9927e0727e45f716fc93f3962d1e7c86.zip

Clean up DH_check_pub_key() and ensure that y^q (mod p) == 1.

This aligns our behavior with OpenSSL 1.1.1 which includes a mitigation for small subgroup attacks. This did not affect LibreSSL since we do not support X9.42 style parameter files or RFC 5114. The meat of this commit is from Matt Caswell, OpenSSL b128abc3 ok inoguchi jsing

Diffstat (limited to 'src/lib/libc/stdlib')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: