Feature req: DH prime bitsize query

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun May 27 13:04:33 CEST 2012


On 05/27/2012 07:24 AM, Phil Pennock wrote:

> Folks,
> 
> When gnutls_dh_params_generate2() is used to generate DH parameters of a
> particular size, it has a tendency to overshoot.
> 
> Asking for 2236 bits, a 2237 bit prime seems to be fairly common.


Is that an issue for you? Because the bits on the various security
levels are a result of some interpolation, being extremely precise in the
size of bits doesn't make much sense IMO. GnuTLS will make sure, however,
that there will be at least that many bits.

> I can find no GnuTLS API to ask for the size of the prime inside the
> parameters structure, nor to deal with it once PKCS#3 exported.  I can
> see the debug callback invoked with the generated size, and I can see
> one static function which has the data, and a dispatch table which can
> use one of two backend math/crypto libraries for functions which might
> get the data, but no actual API which can sanely be used.
> Could GnuTLS 3 *please* get an API call to find out the size in bits of
> the DH prime in a gnutls_dh_params_t ?  Perhaps even add a query mode to
> certtool?


Currently this can only be done indirectly by using
gnutls_dh_params_export_raw() and then checking the number of bits in
the prime. Why do you need this information? I'm thinking whether it
makes sense to have a function that will provide those numbers for
the DH parameters only, or have a generic function to return the
bits of an unsigned raw number as returned by the export_raw() functions.

regards,
Nikos
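The indirect route described in the reply, counting the bits of the prime after export, reduces to a bit-length function over an unsigned big-endian byte string. The following is an added example, not code from GnuTLS or from either poster: it declares a small struct with the same shape as gnutls_datum_t (data pointer plus size) so that it builds without the GnuTLS headers, and the prime bytes are a constructed sample rather than a real DH prime. With GnuTLS you would pass the prime datum filled in by gnutls_dh_params_export_raw() to raw_bits() instead.

```c
#include <stdio.h>

/* Mirrors the shape of gnutls_datum_t (data pointer + size) so this example
 * compiles without GnuTLS; it is an assumption of the example, not a GnuTLS
 * type. With GnuTLS, hand the exported prime datum to raw_bits() directly. */
typedef struct {
    const unsigned char *data;
    unsigned int size;
} raw_datum;

/* Bit length of an unsigned big-endian integer as produced by the
 * *_export_raw() functions. Leading zero bytes (some exports prepend one)
 * are skipped, and the first non-zero byte contributes only its significant
 * bits. Returns 0 for an empty or all-zero buffer. */
unsigned int raw_bits(const raw_datum *d)
{
    unsigned int i = 0;
    while (i < d->size && d->data[i] == 0)
        i++;
    if (i == d->size)
        return 0;
    unsigned int bits = (d->size - i - 1) * 8;
    unsigned char top = d->data[i];
    while (top) {
        bits++;
        top >>= 1;
    }
    return bits;
}

/* Check that a generated prime is no smaller than the size that was asked
 * for; a slight overshoot (as in the thread) passes, a shortfall does not. */
int prime_meets_request(const raw_datum *prime, unsigned int requested_bits)
{
    return raw_bits(prime) >= requested_bits;
}

/* Constructed sample: a leading zero byte followed by a 12-bit value
 * (0x0DFF). This is NOT a DH prime, only a stand-in for the export format. */
static const unsigned char sample_prime[] = { 0x00, 0x0D, 0xFF };

unsigned int sample_prime_bits(void)
{
    raw_datum d = { sample_prime, sizeof sample_prime };
    return raw_bits(&d);
}

int sample_prime_meets(unsigned int requested_bits)
{
    raw_datum d = { sample_prime, sizeof sample_prime };
    return prime_meets_request(&d, requested_bits);
}

int main(void)
{
    printf("sample prime: %u bits\n", sample_prime_bits());
    printf("meets 12-bit request: %s\n", sample_prime_meets(12) ? "yes" : "no");
    printf("meets 13-bit request: %s\n", sample_prime_meets(13) ? "yes" : "no");
    return 0;
}
```

Because the length is taken from the byte string alone, the same function serves for any of the raw exports (p, g, or a public value), which is the generic variant the reply weighs against a DH-specific query.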