Code inspection suggests that when running "openssl dhparam -check -out foo 
2048", the safety of the generated prime is only indicated via stdout.

I suggest one of three safety improvements here, in order of what I believe to 
be decreasing safety:

(1) Regardless of whether the "-check" flag is specified, dhparam should always 
call DH_check() on values it generates, and should never output (in any form) 
the value of an unsafe DH parameter it generated. When problems are found, I 
don't care whether it errors out or retries, so long as this behavior is 
clearly documented in the dhparam manpage.

(2) If the "-check" flag is specified, "dhparam -check" should never output (in 
any form) the value of an unsafe DH parameter it generated. When problems are 
found, I don't care whether it errors out or retries, so long as this behavior 
is clearly documented in the dhparam manpage.

(3) If the "-check" flag is specified, and DH_check() reports any problems, the 
program exit status should indicate failure, in addition to the current stdout 
warning. This allows easy programmatic usage without needing to recognize the 
stdout syntax used by dhparam.
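As an added illustration of what DH_check() looks for and of the exit-status behaviour suggestion (3) asks for (this is example code written for this note, not OpenSSL's own code), the Python below reimplements the four DH_check() result conditions on integers p and g and maps them to a process exit status. The flag constants use the bit values from OpenSSL's dh.h, the generator rules (g=2 needs p mod 24 == 11, g=5 needs p mod 10 in {3, 7}, any other g is reported as uncheckable) follow DH_check(), and the message wording follows what dhparam prints. The primality test is a plain Miller-Rabin written here; the sample parameters are small constructed values used only to exercise each flag.

```python
"""Re-implementation of the checks behind `openssl dhparam -check`.

Added example, not OpenSSL code. Flag bit values match OpenSSL's dh.h;
generator rules and messages follow DH_check()/dhparam.
"""
import random
import sys

# Result bits as defined in OpenSSL's dh.h.
DH_CHECK_P_NOT_PRIME = 0x01
DH_CHECK_P_NOT_SAFE_PRIME = 0x02
DH_UNABLE_TO_CHECK_GENERATOR = 0x04
DH_NOT_SUITABLE_GENERATOR = 0x08

MESSAGES = [
    (DH_CHECK_P_NOT_PRIME, "p value is not prime"),
    (DH_CHECK_P_NOT_SAFE_PRIME, "p value is not a safe prime"),
    (DH_UNABLE_TO_CHECK_GENERATOR, "unable to check generator value"),
    (DH_NOT_SUITABLE_GENERATOR, "generator value is not suitable"),
]

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n: int, rounds: int = 40) -> bool:
    """Miller-Rabin probable-prime test (trial division first)."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # composite witness found
    return True


def dh_check(p: int, g: int) -> int:
    """Return the OR of DH_CHECK_* flags for parameters (p, g); 0 means ok."""
    flags = 0
    # Generator suitability, same rules DH_check() applies for g=2 and g=5.
    if g == 2:
        if p % 24 != 11:
            flags |= DH_NOT_SUITABLE_GENERATOR
    elif g == 5:
        if p % 10 not in (3, 7):
            flags |= DH_NOT_SUITABLE_GENERATOR
    else:
        flags |= DH_UNABLE_TO_CHECK_GENERATOR
    # p must be prime, and (p-1)/2 must be prime for p to be a safe prime.
    if not is_probable_prime(p):
        flags |= DH_CHECK_P_NOT_PRIME
    elif not is_probable_prime((p - 1) // 2):
        flags |= DH_CHECK_P_NOT_SAFE_PRIME
    return flags


def describe(flags: int) -> list:
    """Human-readable lines for a flag set, in dhparam's wording."""
    return [msg for bit, msg in MESSAGES if flags & bit]


def exit_status(flags: int) -> int:
    """Suggestion (3): any reported problem becomes a failing exit status."""
    return 0 if flags == 0 else 1


def main(argv):
    # Constructed sample parameters (p=23, g=5): tiny, for demonstration only.
    p = int(argv[1]) if len(argv) > 2 else 23
    g = int(argv[2]) if len(argv) > 2 else 5
    flags = dh_check(p, g)
    for line in describe(flags) or ["DH parameters appear to be ok."]:
        print(line)
    return exit_status(flags)


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run as `python3 dhcheck.py P G`; the exit code, not the stdout text, tells a calling script whether the parameters passed, which is the property the third suggestion asks dhparam itself to provide.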


_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev