[gnutls-devel] GnuTLS | DH and ECDH keys tests (!990)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Fri May 17 17:50:22 CEST 2019

Tomáš Mráz commented on a discussion on lib/nettle/pk.c: https://gitlab.com/gnutls/gnutls/merge_requests/990#note_171584176

>  			goto dh_cleanup;
>  		}
> +		/* if we have Q check that y ^ q mod p == 1 */
> +		if (q != NULL) {

Actually I got already a word from Stephan that he talked with NIST to clarify and the Q testing (or in equivalent term comparison of the parameters to the known good safe primes) is mandatory even for TLS. So I'd say we are unfortunately forced to disable DHE in TLS.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/990#note_171584176
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190517/639ffe57/attachment-0001.html>

More information about the Gnutls-devel mailing list