Add warning on the use of RFC 5114 primes

This commit is contained in:
Hanno Becker 2017-10-16 09:21:33 +01:00
parent 2bfb234f6a
commit 1e520e0882


@ -55,6 +55,12 @@
* RFC 3526 4. 3072-bit MODP Group * RFC 3526 4. 3072-bit MODP Group
* RFC 5114 2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup * RFC 5114 2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup
* RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup * RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup
*
* \warning The primes from RFC 5114 do not come together with information
* on how they were generated and are therefore not considered
* trustworthy. It is recommended to avoid them and to use the
* nothing-up-my-sleeve primes from RFC 3526 instead.
*
*/ */
#define POLARSSL_DHM_RFC2409_MODP_1024_P \ #define POLARSSL_DHM_RFC2409_MODP_1024_P \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
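Review bot: The added \warning states that the RFC 5114 primes are "not considered trustworthy" but does not say what concretely is missing; the sentence should spell out that no generation seed or derivation is published for them, so a user cannot verify that the moduli and subgroup orders were not chosen with hidden structure, whereas the RFC 3526 values are derived from a public nothing-up-my-sleeve constant. The recommendation would also be more actionable if it named the specific RFC 3526 macro(s) defined in this same header rather than "the nothing-up-my-sleeve primes from RFC 3526" in general, so a reader of the Doxygen output for a POLARSSL_DHM_RFC5114_* constant lands directly on the replacement. Finally, since the comment only warns and the RFC 5114 macros stay available with no compile-time signal, consider whether a deprecation marker (or a ChangeLog entry announcing the discouraged status) should accompany this change so the warning is seen by callers who never read the header comment.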