[openssl/openssl] 8ed6dd: For known safe primes use the minimum key length a...

Tomas Mraz noreply at reply.github.openssl.org
Tue Jul 19 10:12:34 UTC 2022 

  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 8ed6ddcaa559b7b04202c15ea3a95ee0b05caeba
      https://github.openssl.org/openssl/openssl/commit/8ed6ddcaa559b7b04202c15ea3a95ee0b05caeba
  Author: Tomas Mraz <tomas at openssl.org>
  Date:   2022-07-19 (Tue, 19 Jul 2022)

  Changed paths:
    M crypto/dh/dh_group_params.c
    M crypto/ffc/ffc_backend.c
    M crypto/ffc/ffc_dh.c
    M crypto/ffc/ffc_key_generate.c
    M include/internal/ffc.h
    M test/ffc_internal_test.c

  Log Message:
  -----------
  For known safe primes use the minimum key length according to RFC 7919

Longer private key sizes unnecessarily raise the cycles needed to
compute the shared secret without any increase of the real security.

This fixes a regression from 1.1.1 where these shorter keys
were generated for the known safe primes.

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Kurt Roeckx <kurt at roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/18793)


  Commit: c9bdbc12ac7343992ba249e11d2bda3338469a97
      https://github.openssl.org/openssl/openssl/commit/c9bdbc12ac7343992ba249e11d2bda3338469a97
  Author: Tomas Mraz <tomas at openssl.org>
  Date:   2022-07-19 (Tue, 19 Jul 2022)

  Changed paths:
    M providers/implementations/encode_decode/encode_key2text.c
    M test/recipes/30-test_evp_pkey_provided/DH.priv.txt
    M test/recipes/30-test_evp_pkey_provided/DH.pub.txt

  Log Message:
  -----------
  dh_to_text: Print the dh->length if set

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Kurt Roeckx <kurt at roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/18793)


  Commit: 5eac066bef0c23bb74255423d335e634e4deb8d5
      https://github.openssl.org/openssl/openssl/commit/5eac066bef0c23bb74255423d335e634e4deb8d5
  Author: Tomas Mraz <tomas at openssl.org>
  Date:   2022-07-19 (Tue, 19 Jul 2022)

  Changed paths:
    M test/evp_extra_test2.c

  Log Message:
  -----------
  Test that we generate a short private key for known DH prime

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Kurt Roeckx <kurt at roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/18793)


  Commit: ce4579adf94d5f26e566a1e04c8a52ec5943cdd0
      https://github.openssl.org/openssl/openssl/commit/ce4579adf94d5f26e566a1e04c8a52ec5943cdd0
  Author: Tomas Mraz <tomas at openssl.org>
  Date:   2022-07-19 (Tue, 19 Jul 2022)

  Changed paths:
    M crypto/ffc/ffc_params.c
    M test/ffc_internal_test.c

  Log Message:
  -----------
  ossl_ffc_params_copy: Copy the keylength too

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Kurt Roeckx <kurt at roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/18793)


Compare: https://github.openssl.org/openssl/openssl/compare/b89a5b8df909...ce4579adf94d

More information about the openssl-commits mailing list