[gnutls-help] too few bits from gnutls_dh_params_generate2() ?

Nikos Mavrogiannopoulos nmav at gnutls.org
Mon Nov 10 23:59:18 CET 2014

On Mon, 2014-11-10 at 11:48 -1000, Daniel Kahn Gillmor wrote:
> Hi Pierre--

> > After some debugging it turns out that the failing criteria is that
> > multiple of 64 bits requirement[1]. For some reason I've gotten a 1023
> > bit prime, even though I called gnutls_dh_params_generate2() with 1024
> > as the argument.
> ugh.  Java is at fault here -- there's no sense in this particular
> severe limitation.  if they're willing to use 512-bit DHE parameters and
> 1024-bit DHE parameters, they should be willing to use 1023-bit DHE
> parameters.

That's indeed quite some arbitrary limitation.

> That said, i suppose it's possible that gnutls could always ensure that
> the high bit is set when generating a prime of a given size.

That should be the case in gnutls 3.3.x. That version delegates to
nettle the DH parameter generation and nettle seems to be more precise.

> > This is with GnuTLS 3.2.15 and nettle 2.7.1 on Windows.
> > Who's to blame here? GnuTLS? Java? Us? Everybody? :)
> > And what do I do about it? Keep calling gnutls_dh_params_generate2()
> > until I get what I need?

One option would be to upgrade to 3.3.x.


More information about the Gnutls-help mailing list