endecode_test.c: Add warning that 512-bit DH key size is for testing only

Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13568)
author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2020-11-29 12:46:12 +0100
committer: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2020-12-01 07:49:38 +0100
commit: 1234aa7e415e1e239eb1c4504578ab59d90763ea (patch)
tree: 8bfe1de97336ffbef2893fdfd35b20ba7eaf9bf9 /test/endecode_test.c
parent: 20f8bc72552932393023f5bc5b436cc40cdd1348 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/test/endecode_test.c b/test/endecode_test.c
index e8cdd611e6..d7edd350a1 100644
--- a/test/endecode_test.c
+++ b/test/endecode_test.c
@@ -46,7 +46,10 @@ static EVP_PKEY *make_template(const char *type, OSSL_PARAM *genparams)
     EVP_PKEY_CTX *ctx = NULL;
 
 #ifndef OPENSSL_NO_DH
-    /* use DH(X) keys with predetermined parameters for efficiency */
+    /*
+     * Use 512-bit DH(X) keys with predetermined parameters for efficiency,
+     * for testing only. Use a minimum key size of 2048 for security purposes.
+     */
     if (strcmp(type, "DH") == 0)
         return get_dh512(NULL);
     if (strcmp(type, "X9.42 DH") == 0)
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2020-11-29 12:46:12 +0100
committer	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2020-12-01 07:49:38 +0100
commit	1234aa7e415e1e239eb1c4504578ab59d90763ea (patch)
tree	8bfe1de97336ffbef2893fdfd35b20ba7eaf9bf9 /test/endecode_test.c
parent	20f8bc72552932393023f5bc5b436cc40cdd1348 (diff)