diff options
author | Tomas Mraz <tomas@openssl.org> | 2023-10-03 14:43:13 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-10-05 11:24:35 +0200 |
commit | f7b80136a3df4396b19ebb86d4814d8cefe6d6db (patch) | |
tree | 16c921ad606f908624833bf9198d244463b61a9d /doc | |
parent | e8e2b131ca253f9e28c511c8294e27ddbd0b60c6 (diff) |
DH_check: Emphasize the importance of return value check
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22262)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man3/DH_generate_parameters.pod | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/doc/man3/DH_generate_parameters.pod b/doc/man3/DH_generate_parameters.pod index bbcfe24ae6..e677885597 100644 --- a/doc/man3/DH_generate_parameters.pod +++ b/doc/man3/DH_generate_parameters.pod @@ -128,6 +128,10 @@ The parameter B<j> is invalid. =back +If 0 is returned or B<*codes> is set to a nonzero value the supplied +parameters should not be used for Diffie-Hellman operations otherwise +the security properties of the key exchange are not guaranteed. + DH_check_ex(), DH_check_params() and DH_check_pub_key_ex() are similar to DH_check() and DH_check_params() respectively, but the error reasons are added to the thread's error queue instead of provided as return values from the |