certtool --generate-dh-params: Size of generator in 2.12.19 and 3.0.19
Nikos Mavrogiannopoulos
n.mavrogiannopoulos at gmail.com
Sun May 27 12:50:40 CEST 2012
On 05/27/2012 12:12 PM, Andreas Metzler wrote:
>> + 3.0.19 Uses a large value for Generator
>> + In 3.0.19 the size of "Prime" is not constant.
>
>> ("openssl dhparam" produces results similar to 2.12.19.)
>
>> Do DH paramater files generated with OpenSSL/GnuTLS-2.12.19 work fine with
>> GnuTLS-3.0.19, or the other way round do DH paramater files generated
>> with GnuTLS-3.0.19 work fine with OpenSSL/GnuTLS-2.12.19?
>
> I have stumbled upon
> http://nikmav.blogspot.com/2011/12/generating-diffie-hellman-parameters.html
> which afaiu answers these questions with: Cross-Compability is no
> problem, but GnuTLS 3 should be faster with a file written by GnuTLS 3
> because privateValueLength is used if present.
>
> Do I understand this correctly?
Yes, that's correct.
regards,
Nikos
More information about the Gnutls-devel
mailing list