diff options
| author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2019-07-10 15:52:36 +0200 |
|---|---|---|
| committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2019-07-22 20:03:27 +0200 |
| commit | a38c878c2e5e05016bc9faa8d0828eb96efba1c2 (patch) | |
| tree | 18485904f5e8438f97b9a4f0bac4292b527255a7 /doc | |
| parent | d4c69c69d171edb17b4d609c15891a9599809ed0 (diff) | |
Change DH parameters to generate the order q subgroup instead of 2q
This avoids leaking bit 0 of the private key.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/9363)
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/man1/dhparam.pod | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/doc/man1/dhparam.pod b/doc/man1/dhparam.pod index 67a3894169..dd871b3b48 100644 --- a/doc/man1/dhparam.pod +++ b/doc/man1/dhparam.pod @@ -19,6 +19,7 @@ B<openssl dhparam> [B<-text>] [B<-C>] [B<-2>] +[B<-3>] [B<-5>] [B<-rand file...>] [B<-writerand file>] @@ -77,9 +78,9 @@ avoid small-subgroup attacks that may be possible otherwise. Performs numerous checks to see if the supplied parameters are valid and displays a warning if not. -=item B<-2>, B<-5> +=item B<-2>, B<-3>, B<-5> -The generator to use, either 2 or 5. If present then the +The generator to use, either 2, 3 or 5. If present then the input file is ignored and parameters are generated instead. If not present but B<numbits> is present, parameters are generated with the default generator 2. @@ -156,7 +157,7 @@ L<dsaparam(1)> =head1 COPYRIGHT -Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy |