)]}'
{
  "commit": "87c00d522b6c7be2f11eb967705d73a7271a0a64",
  "tree": "e1d969b89d8512d55f2c4e0074453258e64f2a6a",
  "parents": [
    "c3b236d325bbdcbb4621815704c7e7e927923042"
  ],
  "author": {
    "name": "David Benjamin",
    "email": "davidben@google.com",
    "time": "Fri Aug 11 18:56:16 2023 -0400"
  },
  "committer": {
    "name": "Boringssl LUCI CQ",
    "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "time": "Mon Aug 14 21:10:48 2023 +0000"
  },
  "message": "Align DH keygen with NIST\u0027s formulation when q is available\n\nSection 5.6.1.1.4 of SP 800-56A Rev 3 and Appendix B.1.2 of FIPS 186-4\nselect the private key out of the range [1, q-1]. We used [2, q-1]. This\ndistinction is unimportant. 0, 1, 2, 3, 4, etc. all make equally bad\nprivate keys. The defense against each of these is their negligible\nprobability, not rejection sampling.\n\nNonetheless, we may as well align with *some* specification, and NIST\u0027s\nformulation works fine.\n\nChange-Id: I33352061f3fbdbec5b14b576d15be98464a57536\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/62227\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "1e8971a4a3733790eb117d7efc0269d7a32c3f6d",
      "old_mode": 33188,
      "old_path": "crypto/fipsmodule/dh/dh.c",
      "new_id": "400a8ebccff318a8a608fcaa837f7367f39caeba",
      "new_mode": 33188,
      "new_path": "crypto/fipsmodule/dh/dh.c"
    }
  ]
}