提交 c3074077 编写于 作者: B Bernd Edlinger

Add a CHANGES entry for BN_generate_prime_ex

BN_generate_prime_ex no longer avoids factors 3..17863 in p-1
when not computing safe primes.
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9387)
上级 186b50d2
...@@ -9,7 +9,14 @@ ...@@ -9,7 +9,14 @@
Changes between 1.1.1e and 1.1.1f [xx XXX xxxx] Changes between 1.1.1e and 1.1.1f [xx XXX xxxx]
*) *) Revised BN_generate_prime_ex to not avoid factors 3..17863 in p-1
when primes for RSA keys are computed.
Since we previously always generated primes == 2 (mod 3) for RSA keys,
the 2-prime and 3-prime RSA modules were easy to distinguish, since
N = p*q = 1 (mod 3), but N = p*q*r = 2 (mod 3). Therefore fingerprinting
2-prime vs. 3-prime RSA keys was possible by computing N mod 3.
This avoids possible fingerprinting of newly generated RSA modules.
[Bernd Edlinger]
Changes between 1.1.1d and 1.1.1e [17 Mar 2020] Changes between 1.1.1d and 1.1.1e [17 Mar 2020]
*) Properly detect EOF while reading in libssl. Previously if we hit an EOF *) Properly detect EOF while reading in libssl. Previously if we hit an EOF
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册