use safe primes in ssl_get_auto_dh()
authorHubert Kario <hkario@redhat.com>
Fri, 5 Jun 2020 18:21:55 +0000 (20:21 +0200)
committerTomas Mraz <tmraz@fedoraproject.org>
Wed, 17 Jun 2020 16:37:55 +0000 (18:37 +0200)
commite705b920bf9a6737b5abcb57ca14824959e1e630
tree6d86dbb93735776f2621e54e94abe15c8e456d19
parent4151e303a488c53613f7b8c6eae4372759d7fa35
use safe primes in ssl_get_auto_dh()

DH_get_1024_160() and DH_get_2048_224() return parameters from
RFC5114. Those parameters include primes with known small subgroups,
making them unsafe. Change the code to use parameters from
RFC 2409 and RFC 3526 instead (group 2 and 14 respectively).

This patch also adds automatic selection of 4096 bit params for 4096 bit
RSA keys

backport of 7646610

Signed-off-by: Hubert Kario <hkario@redhat.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12160)
ssl/t1_lib.c