artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0cbf20e) | patch
Clean up DH_check_pub_key() and ensure that y^q (mod p) == 1.
authortb <tb@openbsd.org>
Mon, 29 Nov 2021 20:02:14 +0000 (20:02 +0000)
committertb <tb@openbsd.org>
Mon, 29 Nov 2021 20:02:14 +0000 (20:02 +0000)
commit79207923d3aecbc41e542efb03afe502b40b5ae1
treed4ece811db645cf1b78cc54c9f12229c14aa400etree | snapshot
parent0cbf20e40b61bcc0b5a62b7d2d8e4aa49ebca499commit | diff
Clean up DH_check_pub_key() and ensure that y^q (mod p) == 1.

This aligns our behavior with OpenSSL 1.1.1 which includes a mitigation
for small subgroup attacks. This did not affect LibreSSL since we do
not support X9.42 style parameter files or RFC 5114.

The meat of this commit is from Matt Caswell, OpenSSL b128abc3

ok inoguchi jsing
lib/libcrypto/dh/dh_check.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim