certtool --generate-dh-params: Size of generator in 2.12.19 and 3.0.19
Andreas Metzler
ametzler at downhill.at.eu.org
Sun May 27 11:54:16 CEST 2012
Hello,
certtool --generate-dh-params --bits 2236
seems to generate different things in GnuTLS 2.12.19 and 3.0.19. The
resulting files are of different size. certtool --dh-info show this:
------------------
ametzler at argenau:/tmp/dh$ for i in * ; do echo $i ;certtool --dh-info < $i | grep -E 'Generator |Prime ' ;echo ; done
2.12.19-try1
Generator (8 bits): 05
Prime (2240 bits):
2.12.19-try2
Generator (8 bits): 05
Prime (2240 bits):
3.0.19-try1
Generator (2248 bits): 01:01:e8:5e:f1:b9:ad:0f:5a:eb:61:76
Prime (2248 bits):
3.0.19-try2
Generator (2240 bits): 0f:bf:05:ea:18:02:e5:97:8e:81:17:c5
Prime (2240 bits):
------------------
+ 3.0.19 Uses a large value for Generator
+ In 3.0.19 the size of "Prime" is not constant.
("openssl dhparam" produces results similar to 2.12.19.)
Do DH paramater files generated with OpenSSL/GnuTLS-2.12.19 work fine with
GnuTLS-3.0.19, or the other way round do DH paramater files generated
with GnuTLS-3.0.19 work fine with OpenSSL/GnuTLS-2.12.19?
cu andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Gnutls-devel
mailing list