[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gnutls-dev] Re: gnutls_rsa_params_init hangs. Is regenerating rsa-p
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: [gnutls-dev] Re: gnutls_rsa_params_init hangs. Is regenerating rsa-params once a day to frequent? |
Date: |
Wed, 15 Dec 2004 18:14:06 +0100 |
User-agent: |
KMail/1.7.1 |
On Tuesday 14 December 2004 16:09, Simon Josefsson wrote:
> > Is exim faulty for running gnutls_rsa_params_generate2 while handling
> > an incoming connection? (Not faulty as in in "not optimal" but as in
> > "the stupiest idea I've ever heard of, everybody using gnutls seriously
> > knows that you put running gnutls_rsa_params_generate2 in a separate
> > little thread/program")
> I wouldn't say faulty, but as you suggest, it may be sub-optimal. You
> could have a stand-alone program that generate dh/rsa parameters, save
> the data to a file and ask the main process to re-load its data. Or
> use a separate thread.
In addition certtool can generate parameters by using:
1. for DH: ./certtool --generate-dh-params --bits 1024 --outfile dhfile
2. for RSA 512: ./certtool --generate-privkey --bits 512 --outfile rsafile
You can easily import the output of certtool to any program by using
the gnutls_dh_params_import_pkcs3() and gnutls_rsa_params_import_pkcs1()
functions.
--
Nikos Mavrogiannopoulos