diff options
author | Matt Caswell <matt@openssl.org> | 2021-02-09 15:50:05 +0000 |
---|---|---|
committer | Shane Lontis <shane.lontis@oracle.com> | 2021-02-15 14:17:36 +1000 |
commit | 899e25643dc63a84a924d08f86d7d19613714431 (patch) | |
tree | f79751777385af9b6d4d05a8dc1739a94f59510b /util | |
parent | aee73562d17499f2660c14f8c150459097680a1d (diff) |
Implement EVP_PKEY_param_check_quick() and use it in libssl
The low level DH API has two functions for checking parameters:
DH_check_ex() and DH_check_params_ex(). The former does a "full" check,
while the latter does a "quick" check. Most importantly it skips the
check for a safe prime. We're ok without using safe primes here because
we're doing ephemeral DH.
Now that libssl is fully using the EVP API, we need a way to specify that
we want a quick check instead of a full check. Therefore we introduce
EVP_PKEY_param_check_quick() and use it.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14146)
Diffstat (limited to 'util')
-rw-r--r-- | util/libcrypto.num | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/util/libcrypto.num b/util/libcrypto.num index fa7a096145..5e3ee9e408 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5298,3 +5298,4 @@ EVP_PKEY_get_field_type ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_get_params ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_fromdata_init ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_fromdata_settable ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_param_check_quick ? 3_0_0 EXIST::FUNCTION: |