Any comments on the last release?
nmav at gnutls.org
Mon Apr 19 16:42:02 CEST 2004
On Monday 19 April 2004 15:47, Werner Koch wrote:
> >> #define GCRY_PRIME_CHECK_AT_GOT_PRIME 1
> >> #define GCRY_PRIME_CHECK_AT_MAYBE_PRIME 2
> >> if you probably check for mode (which used to be 0 in previous
> >> versions), it should not make any difference.
> > How can I do that? I currently generate the parameters using
> > gcry_pk_genkey() with a sexp of "(genkey(rsa(nbits %d)))".
> That is only used for the primegen interface and not for the higher
> level public key generation. IIRC, you requested this interface for
> DH use?
Yes that's true, but I didn't really care about the DH primes generation,
since it was already slow. The difference was in RSA keys generation which was
slowed down considerably (at least for 512 bit keys).
I just debugged it a bit, and it seems like a false alarm. The long delay was
in the random gatherer (probably due to blocking in /dev/random). It seems
that the VERY_STRONG flag, is quite demanding :)
More information about the Gcrypt-devel