Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: ddb13b283be84d771deba1e964610b1670641f03 https://github.openssl.org/openssl/openssl/commit/ddb13b283be84d771deba1e964610b1670641f03 Author: Tomas Mraz <to...@openssl.org> Date: 2022-07-18 (Mon, 18 Jul 2022)
Changed paths: M CHANGES.md M crypto/dh/dh_gen.c M crypto/dh/dh_group_params.c M crypto/ffc/ffc_backend.c M crypto/ffc/ffc_dh.c M crypto/ffc/ffc_key_generate.c M include/internal/ffc.h M test/ffc_internal_test.c Log Message: ----------- Use as small dh key size as possible to support the security Longer private key sizes unnecessarily raise the cycles needed to compute the shared secret without any increase of the real security. We use minimum key sizes as defined in RFC7919. For arbitrary parameters we cannot know whether they are safe primes (we could test but that would be too inefficient) we have to keep generating large keys. However we now set a small dh->length when we are generating safe prime parameters because we know it is safe to use small keys with them. That means users need to regenerate the parameters if they want to take the performance advantage of small private key. Reviewed-by: Kurt Roeckx <k...@roeckx.be> Reviewed-by: Paul Dale <pa...@openssl.org> Reviewed-by: Hugo Landau <hlan...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18480) Commit: ff54094cb9e1e5033f6e3e72717e741cf24f5c29 https://github.openssl.org/openssl/openssl/commit/ff54094cb9e1e5033f6e3e72717e741cf24f5c29 Author: Tomas Mraz <to...@openssl.org> Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M providers/implementations/encode_decode/encode_key2text.c M test/recipes/30-test_evp_pkey_provided/DH.priv.txt M test/recipes/30-test_evp_pkey_provided/DH.pub.txt Log Message: ----------- dh_to_text: Print the dh->length if set Reviewed-by: Kurt Roeckx <k...@roeckx.be> Reviewed-by: Paul Dale <pa...@openssl.org> Reviewed-by: Hugo Landau <hlan...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18480) Commit: 2b11a8ecc8ed1355b99a6d88b8e7e7a75a67bd0a https://github.openssl.org/openssl/openssl/commit/2b11a8ecc8ed1355b99a6d88b8e7e7a75a67bd0a Author: Tomas Mraz <to...@openssl.org> Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M test/recipes/20-test_dhparam.t Log Message: ----------- dhparam_test: Test that we add private key length on generation and print it Reviewed-by: Kurt Roeckx <k...@roeckx.be> Reviewed-by: Paul Dale <pa...@openssl.org> Reviewed-by: Hugo Landau <hlan...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18480) Commit: 2885b2ca4eee5586baa50208e41a1ca54532eb3a https://github.openssl.org/openssl/openssl/commit/2885b2ca4eee5586baa50208e41a1ca54532eb3a Author: Tomas Mraz <to...@openssl.org> Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M doc/man1/openssl-dhparam.pod.in Log Message: ----------- dhparam: Correct the documentation of -dsaparam Reviewed-by: Kurt Roeckx <k...@roeckx.be> Reviewed-by: Paul Dale <pa...@openssl.org> Reviewed-by: Hugo Landau <hlan...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18480) Commit: 2266d1cad008ef03cb0791397b1cca9aaa6a4428 https://github.openssl.org/openssl/openssl/commit/2266d1cad008ef03cb0791397b1cca9aaa6a4428 Author: Tomas Mraz <to...@openssl.org> Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M test/evp_extra_test2.c Log Message: ----------- Test that we generate a short private key for known DH prime Reviewed-by: Kurt Roeckx <k...@roeckx.be> Reviewed-by: Paul Dale <pa...@openssl.org> Reviewed-by: Hugo Landau <hlan...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18480) Commit: 5f311b10ab3dd6417a3247c62b4ec072751459db https://github.openssl.org/openssl/openssl/commit/5f311b10ab3dd6417a3247c62b4ec072751459db Author: Tomas Mraz <to...@openssl.org> Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M crypto/ffc/ffc_params.c M test/ffc_internal_test.c Log Message: ----------- ossl_ffc_params_copy: Copy the keylength too Reviewed-by: Kurt Roeckx <k...@roeckx.be> Reviewed-by: Paul Dale <pa...@openssl.org> Reviewed-by: Hugo Landau <hlan...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18480) Compare: https://github.openssl.org/openssl/openssl/compare/358103b4a651...5f311b10ab3d