From bee68c475dd66b799b768f0bfe7389ad00fd902d Mon Sep 17 00:00:00 2001 From: Pauli Date: Thu, 12 Mar 2020 13:51:57 +1000 Subject: [PATCH] dh: document what the PEM files in apps actually contain. They were claimed to be the SKIP primes but they are really two of the MODP Diffie-Hellman groups for IKE. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/11314) --- doc/man3/SSL_CTX_set_tmp_dh_callback.pod | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/doc/man3/SSL_CTX_set_tmp_dh_callback.pod b/doc/man3/SSL_CTX_set_tmp_dh_callback.pod index 0e9108d063..c8d25f4573 100644 --- a/doc/man3/SSL_CTX_set_tmp_dh_callback.pod +++ b/doc/man3/SSL_CTX_set_tmp_dh_callback.pod @@ -63,12 +63,11 @@ openssl L application. This application guarantees that "strong" primes are used. Files dh2048.pem, and dh4096.pem in the 'apps' directory of the current -version of the OpenSSL distribution contain the 'SKIP' DH parameters, -which use safe primes and were generated verifiably pseudo-randomly. -These files can be converted into C code using the B<-C> option of the -L application. Generation of custom DH -parameters during installation should still be preferred to stop an -attacker from specializing on a commonly used group. File dh1024.pem +version of the OpenSSL distribution contain two of the MODP Diffie-Hellman +groups for IKE as per RFC 3526. These files can be converted into C code +using the B<-C> option of the L application. Generation +of custom DH parameters during installation should still be preferred to +stop an attacker from specializing on a commonly used group. File dh1024.pem contains old parameters that must not be used by applications. An application may either directly specify the DH parameters or -- 2.25.1