Better check of DH parameters in TLS data

When the client reads DH parameters from the TLS stream, we only checked that they all are non-zero. This change updates the check to use DH_check_params() DH_check_params() is a new function for light weight checking of the p and g parameters: check that p is odd check that 1 < g < p - 1 Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
author: Richard Levitte <levitte@openssl.org> 2016-12-30 21:57:28 +0100
committer: Matt Caswell <matt@openssl.org> 2017-01-26 10:54:01 +0000
commit: 2650515394537ad30110f322e56d3afe710d0886 (patch)
tree: 8d8a0d93d4c54446d7a01748dbd87d7ea72c2688 /util/libcrypto.num
parent: 2198b3a55de681e1f3c23edb0586afe13f438051 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 917ab888a7..8e9b752940 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4229,3 +4229,4 @@ UI_method_get_ex_data                   4179	1_1_1	EXIST::FUNCTION:UI
 UI_UTIL_wrap_read_pem_callback          4180	1_1_1	EXIST::FUNCTION:UI
 X509_VERIFY_PARAM_get_time              4181	1_1_0d	EXIST::FUNCTION:
 EVP_PKEY_get0_poly1305                  4182	1_1_1	EXIST::FUNCTION:POLY1305
+DH_check_params                         4183	1_1_0d	EXIST::FUNCTION:DH
author	Richard Levitte <levitte@openssl.org>	2016-12-30 21:57:28 +0100
committer	Matt Caswell <matt@openssl.org>	2017-01-26 10:54:01 +0000
commit	2650515394537ad30110f322e56d3afe710d0886 (patch)
tree	8d8a0d93d4c54446d7a01748dbd87d7ea72c2688 /util/libcrypto.num
parent	2198b3a55de681e1f3c23edb0586afe13f438051 (diff)