OpenSSL 3.0 different behaviour on smaller DH groups?
Michael Richardson
mcr at sandelman.ca
Tue Apr 5 17:33:28 UTC 2022
Simon Chopin <simon.chopin at canonical.com> wrote:
> This test suite fails several times with a failed call to
> EVP_PKEY_derive_set_peer, without much more details:
> https://github.com/net-ssh/net-ssh/blob/master/test/transport/kex/test_diffie_hellman_group14_sha1.rb
> However, the *exact same* test suite works, with the only difference
> being that the failing suite uses the DH group 14, which is 2048bits,
> whereas the one that passes uses the group 1, which the Internet tells
> me is 768bits.
DH groups of 768bits are considered too weak.
I wonder if openssl 3 is declining to do anymore, and/or has been compiled
with an option to drop support for that size.
(I have no knowledge of that part of openssl)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20220405/94e04264/attachment.sig>
More information about the openssl-users
mailing list