Clean up DH_check_pub_key() and ensure that y^q (mod p) == 1.

This aligns our behavior with OpenSSL 1.1.1 which includes a mitigation
for small subgroup attacks. This did not affect LibreSSL since we do
not support X9.42 style parameter files or RFC 5114.

The meat of this commit is from Matt Caswell, OpenSSL b128abc3

ok inoguchi jsing

0 files changed, 0 insertions, 0 deletions