summaryrefslogtreecommitdiff
path: root/src/lib/libssl/test/testssl
diff options
context:
space:
mode:
authortb <>2021-11-29 20:02:14 +0000
committertb <>2021-11-29 20:02:14 +0000
commit0fa2ca5c9927e0727e45f716fc93f3962d1e7c86 (patch)
treea1b7be0a5f53527fff389034167d093418d38eaf /src/lib/libssl/test/testssl
parent6d32c9c1e2049cd1c60c71a04379c7ffa6aa3ab0 (diff)
downloadopenbsd-0fa2ca5c9927e0727e45f716fc93f3962d1e7c86.tar.gz
openbsd-0fa2ca5c9927e0727e45f716fc93f3962d1e7c86.tar.bz2
openbsd-0fa2ca5c9927e0727e45f716fc93f3962d1e7c86.zip
Clean up DH_check_pub_key() and ensure that y^q (mod p) == 1.
This aligns our behavior with OpenSSL 1.1.1 which includes a mitigation for small subgroup attacks. This did not affect LibreSSL since we do not support X9.42 style parameter files or RFC 5114. The meat of this commit is from Matt Caswell, OpenSSL b128abc3 ok inoguchi jsing
Diffstat (limited to 'src/lib/libssl/test/testssl')
0 files changed, 0 insertions, 0 deletions