diff options
author | Richard Levitte <levitte@openssl.org> | 2016-12-30 21:57:28 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-01-26 10:54:01 +0000 |
commit | 2650515394537ad30110f322e56d3afe710d0886 (patch) | |
tree | 8d8a0d93d4c54446d7a01748dbd87d7ea72c2688 /util/libcrypto.num | |
parent | 2198b3a55de681e1f3c23edb0586afe13f438051 (diff) |
Better check of DH parameters in TLS data
When the client reads DH parameters from the TLS stream, we only
checked that they all are non-zero. This change updates the check to
use DH_check_params()
DH_check_params() is a new function for light weight checking of the p
and g parameters:
check that p is odd
check that 1 < g < p - 1
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Diffstat (limited to 'util/libcrypto.num')
-rw-r--r-- | util/libcrypto.num | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/util/libcrypto.num b/util/libcrypto.num index 917ab888a7..8e9b752940 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4229,3 +4229,4 @@ UI_method_get_ex_data 4179 1_1_1 EXIST::FUNCTION:UI UI_UTIL_wrap_read_pem_callback 4180 1_1_1 EXIST::FUNCTION:UI X509_VERIFY_PARAM_get_time 4181 1_1_0d EXIST::FUNCTION: EVP_PKEY_get0_poly1305 4182 1_1_1 EXIST::FUNCTION:POLY1305 +DH_check_params 4183 1_1_0d EXIST::FUNCTION:DH |