[gnutls-devel] GnuTLS | DH and ECDH keys tests (!990)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Fri May 17 16:48:22 CEST 2019
Nikos Mavrogiannopoulos commented on a discussion on lib/nettle/pk.c: https://gitlab.com/gnutls/gnutls/merge_requests/990#note_171561688
> goto dh_cleanup;
> }
>
> + /* if we have Q check that y ^ q mod p == 1 */
> + if (q != NULL) {
The functions with underscore (e.g., _gnutls_dh_compute) are not part of API, and are only exported for the cavs testing, so I guess we can freely update. The challenge would be including Q in the known group information (algorithms/groups), and passing it down to nettle. That could work well for TLS1.3. However, the question is if FIPS mandates this test, what do we do under TLS1.3 when a non-known group is negotiated. Any suggestions? Dropping the connection may be too drastic, so it may even make sense to disable DHE under TLS1.2.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/990#note_171561688
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190517/762e025d/attachment.html>
More information about the Gnutls-devel
mailing list