From 796d609550df3a33fc11468741c5d2f6d3df4c11 Mon Sep 17 00:00:00 2001 From: beck <> Date: Sun, 19 Mar 2000 11:13:58 +0000 Subject: OpenSSL 0.9.5 merge *warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/) on cvs or ~beck/src-patent.tar.gz on cvs --- src/lib/libcrypto/dh/dh_check.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'src/lib/libcrypto/dh/dh_check.c') diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c index 95ce9cfad0..7e5cfd8bfc 100644 --- a/src/lib/libcrypto/dh/dh_check.c +++ b/src/lib/libcrypto/dh/dh_check.c @@ -61,7 +61,7 @@ #include #include -/* Check that p is a strong prime and +/* Check that p is a safe prime and * if g is 2, 3 or 5, check that is is a suitable generator * where * for 2, p mod 24 == 11 @@ -88,11 +88,13 @@ int DH_check(DH *dh, int *ret) l=BN_mod_word(dh->p,24); if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR; } -/* else if (BN_is_word(dh->g,DH_GENERATOR_3)) +#if 0 + else if (BN_is_word(dh->g,DH_GENERATOR_3)) { l=BN_mod_word(dh->p,12); if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR; - }*/ + } +#endif else if (BN_is_word(dh->g,DH_GENERATOR_5)) { l=BN_mod_word(dh->p,10); @@ -108,7 +110,7 @@ int DH_check(DH *dh, int *ret) { if (!BN_rshift1(q,dh->p)) goto err; if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL)) - *ret|=DH_CHECK_P_NOT_STRONG_PRIME; + *ret|=DH_CHECK_P_NOT_SAFE_PRIME; } ok=1; err: -- cgit v1.2.3-55-g6feb