Change minimum DH size from 768 to 1024

Reviewed-by: Viktor Dukhovni <openssl-users@dukhovni.org>
author: Kurt Roeckx <kurt@roeckx.be> 2016-01-10 13:55:08 +0100
committer: Kurt Roeckx <kurt@roeckx.be> 2016-01-11 00:01:52 +0100
commit: a4530ce0398d673b25a15b72a18dee1d8b14c07d (patch)
tree: e76b22f76a8871a3d56af925c0f2ce6ec38d9a47
parent: cb19c0d15f2f207771ef707b917e8a44912d7dc9 (diff)
2 files changed, 3 insertions, 2 deletions
diff --git a/CHANGES b/CHANGES
index 32bd5c5958..e03c46f921 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,8 @@
 
  Changes between 1.0.2e and 1.0.2f [xx XXX xxxx]
 
-  *)
+  *) Reject DH handshakes with parameters shorter than 1024 bits.
+     [Kurt Roeckx]
 
  Changes between 1.0.2d and 1.0.2e [3 Dec 2015]
 
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 8cbf46ad2f..04cc9f54a9 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -3610,7 +3610,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
             DH_free(dh_srvr);
         }
 
-        if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 768)
+        if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 1024)
             || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 512)) {
             SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_DH_KEY_TOO_SMALL);
             goto f_err;
author	Kurt Roeckx <kurt@roeckx.be>	2016-01-10 13:55:08 +0100
committer	Kurt Roeckx <kurt@roeckx.be>	2016-01-11 00:01:52 +0100
commit	a4530ce0398d673b25a15b72a18dee1d8b14c07d (patch)
tree	e76b22f76a8871a3d56af925c0f2ce6ec38d9a47
parent	cb19c0d15f2f207771ef707b917e8a44912d7dc9 (diff)