Re: [exim-dev] [Bug 1837] small subgroup attack

Top Pagina
Delete this message
Reply to this message
Auteur: Viktor Dukhovni
Datum:  
Aan: exim-dev
Onderwerp: Re: [exim-dev] [Bug 1837] small subgroup attack

> On May 29, 2016, at 1:59 AM, admin@??? wrote:
>
> https://bugs.exim.org/show_bug.cgi?id=1837
>
> --- Comment #7 from Phil Pennock <pdp@???> ---
> I am going to bed. I have changes to support this, but where the OpenSSL
> function DHparams_print_fp() confirm q is set, PEM_write_DHparams() does not
> produce different output. I want to believe that this is just me being tired,
> but past experience suggests that this really is OpenSSL being obnoxious.


Wrong output function. For writing DSA-style parameters (p, q, g) you
need:

    PEM_write_DSAparams()


not

    PEM_write_DHparams()


But, (broken record), do yourself a favour and just drop these groups...

-- 
    Viktor.