diff options
-rw-r--r-- | apps/dhparam.c | 25 | ||||
-rw-r--r-- | doc/apps/dhparam.pod | 3 | ||||
-rw-r--r-- | doc/crypto/DH_generate_parameters.pod | 46 |
3 files changed, 57 insertions, 17 deletions
diff --git a/apps/dhparam.c b/apps/dhparam.c index 350dd28196..f86e315599 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -270,15 +270,30 @@ int dhparam_main(int argc, char **argv) goto end; } if (i & DH_CHECK_P_NOT_PRIME) - printf("p value is not prime\n"); + BIO_printf(bio_err, "WARNING: p value is not prime\n"); if (i & DH_CHECK_P_NOT_SAFE_PRIME) - printf("p value is not a safe prime\n"); + BIO_printf(bio_err, "WARNING: p value is not a safe prime\n"); + if (i & DH_CHECK_Q_NOT_PRIME) + BIO_printf(bio_err, "WARNING: q value is not a prime\n"); + if (i & DH_CHECK_INVALID_Q_VALUE) + BIO_printf(bio_err, "WARNING: q value is invalid\n"); + if (i & DH_CHECK_INVALID_J_VALUE) + BIO_printf(bio_err, "WARNING: j value is invalid\n"); if (i & DH_UNABLE_TO_CHECK_GENERATOR) - printf("unable to check the generator value\n"); + BIO_printf(bio_err, + "WARNING: unable to check the generator value\n"); if (i & DH_NOT_SUITABLE_GENERATOR) - printf("the g value is not a generator\n"); + BIO_printf(bio_err, "WARNING: the g value is not a generator\n"); if (i == 0) - printf("DH parameters appear to be ok.\n"); + BIO_printf(bio_err, "DH parameters appear to be ok.\n"); + if (num != 0 && i != 0) { + /* + * We have generated parameters but DH_check() indicates they are + * invalid! This should never happen! + */ + BIO_printf(bio_err, "ERROR: Invalid parameters generated\n"); + goto end; + } } if (C) { unsigned char *data; diff --git a/doc/apps/dhparam.pod b/doc/apps/dhparam.pod index 63cc0d372b..addd88a540 100644 --- a/doc/apps/dhparam.pod +++ b/doc/apps/dhparam.pod @@ -72,7 +72,8 @@ avoid small-subgroup attacks that may be possible otherwise. =item B<-check> -check if the parameters are valid primes and generator. +Performs numerous checks to see if the supplied parameters are valid and +displays a warning if not. =item B<-2>, B<-5> diff --git a/doc/crypto/DH_generate_parameters.pod b/doc/crypto/DH_generate_parameters.pod index 71fa4363d4..8970aae444 100644 --- a/doc/crypto/DH_generate_parameters.pod +++ b/doc/crypto/DH_generate_parameters.pod @@ -37,12 +37,41 @@ number is generated, and when a prime has been found, B<BN_GENCB_call(cb, 3, 0)> is called. See L<BN_generate_prime(3)> for information on the BN_GENCB_call() function. -DH_check() validates Diffie-Hellman parameters. It checks that B<p> is -a safe prime, and that B<g> is a suitable generator. In the case of an -error, the bit flags DH_CHECK_P_NOT_SAFE_PRIME or -DH_NOT_SUITABLE_GENERATOR are set in B<*codes>. -DH_UNABLE_TO_CHECK_GENERATOR is set if the generator cannot be -checked, i.e. it does not equal 2 or 5. +DH_check() confirms that the Diffie-Hellman parameters B<dh> are valid. The +value of B<*codes> is updated with any problems found. If B<*codes> is zero then +no problems were found, otherwise the following bits may be set: + +=over 4 + +=item DH_CHECK_P_NOT_PRIME + +The parameter B<p> is not prime. + +=item DH_CHECK_P_NOT_SAFE_PRIME + +The parameter B<p> is not a safe prime and no B<q> value is present. + +=item DH_UNABLE_TO_CHECK_GENERATOR + +The generator B<g> cannot be checked for suitability. + +=item DH_NOT_SUITABLE_GENERATOR + +The generator B<g> is not suitable. + +=item DH_CHECK_Q_NOT_PRIME + +The parameter B<q> is not prime. + +=item DH_CHECK_INVALID_Q_VALUE + +The parameter B<q> is invalid. + +=item DH_CHECK_INVALID_J_VALUE + +The parameter B<j> is invalid. + +=back =head1 RETURN VALUES @@ -62,11 +91,6 @@ hours before finding a suitable prime. The parameters generated by DH_generate_parameters_ex() and DH_generate_parameters() are not to be used in signature schemes. -=head1 BUGS - -If B<generator> is not 2 or 5, B<dh-E<gt>g>=B<generator> is not -a usable generator. - =head1 SEE ALSO L<dh(3)>, L<ERR_get_error(3)>, L<rand(3)>, |