diff options
| author | Shane Lontis <shane.lontis@oracle.com> | 2021-04-15 10:25:17 +0200 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2021-04-26 19:52:11 +0200 |
| commit | f1ffaaeece5efb7d2f4859a59e3164edf9b4b769 (patch) | |
| tree | a125dfda9f44ef0702f8bae025ccec829eb33652 /crypto/ffc | |
| parent | Add type_name member to provided methods and use it (diff) | |
| download | openssl-f1ffaaeece5efb7d2f4859a59e3164edf9b4b769.tar.xz openssl-f1ffaaeece5efb7d2f4859a59e3164edf9b4b769.zip | |
Fixes related to separation of DH and DHX types
Fix dh_rfc5114 option in genpkey.
Fixes #14145
Fixes #13956
Fixes #13952
Fixes #13871
Fixes #14054
Fixes #14444
Updated documentation for app to indicate what options are available for
DH and DHX keys.
DH and DHX now have different keymanager gen_set_params() methods.
Added CHANGES entry to indicate the breaking change.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14883)
Diffstat (limited to 'crypto/ffc')
| -rw-r--r-- | crypto/ffc/ffc_dh.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/crypto/ffc/ffc_dh.c b/crypto/ffc/ffc_dh.c index 17888e9291..e9f597c46c 100644 --- a/crypto/ffc/ffc_dh.c +++ b/crypto/ffc/ffc_dh.c @@ -113,9 +113,7 @@ const DH_NAMED_GROUP *ossl_ffc_numbers_to_dh_named_group(const BIGNUM *p, if (BN_cmp(p, dh_named_groups[i].p) == 0 && BN_cmp(g, dh_named_groups[i].g) == 0 /* Verify q is correct if it exists */ - && ((q != NULL && BN_cmp(q, dh_named_groups[i].q) == 0) - /* Do not match RFC 5114 groups without q */ - || (q == NULL && dh_named_groups[i].uid > 3))) + && (q == NULL || BN_cmp(q, dh_named_groups[i].q) == 0)) return &dh_named_groups[i]; } return NULL; |