diff --git a/testssl.sh b/testssl.sh index 4a71070..93f99ac 100755 --- a/testssl.sh +++ b/testssl.sh @@ -9392,7 +9392,9 @@ run_logjam() { if [[ -n "$key_bitstring" ]]; then dh_p="$($OPENSSL pkey -pubin -text -noout <<< "$key_bitstring" | awk '/prime:/,/generator:/' | tail -n +2 | head -n -1)" dh_p="$(strip_spaces "$(colon_to_spaces "$(newline_to_spaces "$dh_p")")")" + [[ "${dh_p:0:2}" == "00" ]] && dh_p="${dh_p:2}" # At this point the DH key's prime has been extracted into $dh_p. Compare is against known weak primes. + echo "dh_p = $dh_p" fi tmpfile_handle $FUNCNAME.txt