On Tue, Jul 02, 2019 at 08:14:25AM +0100, Peter Eisentraut wrote:
> It appears that we have consensus to go ahead with this.

Yeah, I was planning to look at that one next. Or perhaps you would like to take care of it, Peter?

> <paranoia>
> I was wondering whether the provided binary blob contained any checksums
> or other internal checks. How would we know whether it contains
> transposed characters or replaces a 1 by a I or a l? If I just randomly
> edit the blob, the ssl tests still pass. (The relevant load_dh_buffer()
> call does get called by the tests.) How can we make sure we actually
> got a good copy?
> </paranoia>

PEM_read_bio_DHparams() has some checks on the Diffie-Hellman key, but it is up to the caller to make sure that it is normally providing a prime number in this case to make the cracking harder, no? RFC 3526 has a small formula in this case, which we can use to double-check the patch.
--
Michael
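The double-check suggested in the message above, as an added example that is not part of the original thread or of the patch under discussion: it recomputes the prime from the RFC 3526 formula and compares it with a copied value. It assumes the 2048-bit group (the message does not name a group size) with that group's RFC 3526 constant 124476; all function names are illustrative.

```python
"""Recompute an RFC 3526 MODP prime from its formula and compare a copy to it."""

def floor_pi_shifted(k, guard=64):
    """floor(pi * 2**k), via Machin's formula in pure integer arithmetic."""
    one = 1 << (k + guard)            # fixed-point 1.0 with extra guard bits

    def arctan_inv(x):                # arctan(1/x) scaled by `one`
        term = total = one // x
        n = 1
        while term:
            term //= x * x
            n += 2
            total += term // n if n % 4 == 1 else -(term // n)
        return total

    return (4 * (4 * arctan_inv(5) - arctan_inv(239))) >> guard

def rfc3526_prime(bits=2048, offset=124476):
    """p = 2^bits - 2^(bits-64) - 1 + 2^64 * (floor(2^(bits-130) * pi) + offset)"""
    return (2**bits - 2**(bits - 64) - 1
            + 2**64 * (floor_pi_shifted(bits - 130) + offset))

def is_probable_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19)):
    """Miller-Rabin with fixed bases; a sanity check, not an adversarial proof."""
    if n < 2 or n % 2 == 0:
        return n == 2
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        if a % n == 0:
            continue
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def check_copy(candidate_p, bits=2048, offset=124476):
    """Return (matches_formula, is_safe_prime) for a prime taken from a DH blob."""
    safe = is_probable_prime(candidate_p) and is_probable_prime((candidate_p - 1) // 2)
    return candidate_p == rfc3526_prime(bits, offset), safe

if __name__ == "__main__":
    p = rfc3526_prime()
    damaged = p ^ (1 << 1000)         # constructed: one flipped bit in a "copy"
    print(check_copy(p), check_copy(damaged))
```

The value passed to `check_copy` would be the prime decoded from the PEM blob, for example as printed by `openssl dhparam -text`.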