diff options
Diffstat (limited to 'src/lib/tls/msg_client_kex.cpp')
-rw-r--r-- | src/lib/tls/msg_client_kex.cpp | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/lib/tls/msg_client_kex.cpp b/src/lib/tls/msg_client_kex.cpp index c5b9305c7..7ce9b9df2 100644 --- a/src/lib/tls/msg_client_kex.cpp +++ b/src/lib/tls/msg_client_kex.cpp @@ -106,8 +106,9 @@ Client_Key_Exchange::Client_Key_Exchange(Handshake_IO& io, DL_Group group(p, g); - if(!group.verify_group(rng, true)) - throw Internal_Error("DH group failed validation, possible attack"); + if(!group.verify_group(rng, false)) + throw TLS_Exception(Alert::INSUFFICIENT_SECURITY, + "DH group validation failed"); DH_PublicKey counterparty_key(group, Y); |