[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
certtool --generate-dh-params: Size of generator in 2.12.19 and 3.0.19
From: |
Andreas Metzler |
Subject: |
certtool --generate-dh-params: Size of generator in 2.12.19 and 3.0.19 |
Date: |
Sun, 27 May 2012 11:54:16 +0200 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
Hello,
certtool --generate-dh-params --bits 2236
seems to generate different things in GnuTLS 2.12.19 and 3.0.19. The
resulting files are of different size. certtool --dh-info show this:
------------------
address@hidden:/tmp/dh$ for i in * ; do echo $i ;certtool --dh-info < $i | grep
-E 'Generator |Prime ' ;echo ; done
2.12.19-try1
Generator (8 bits): 05
Prime (2240 bits):
2.12.19-try2
Generator (8 bits): 05
Prime (2240 bits):
3.0.19-try1
Generator (2248 bits): 01:01:e8:5e:f1:b9:ad:0f:5a:eb:61:76
Prime (2248 bits):
3.0.19-try2
Generator (2240 bits): 0f:bf:05:ea:18:02:e5:97:8e:81:17:c5
Prime (2240 bits):
------------------
+ 3.0.19 Uses a large value for Generator
+ In 3.0.19 the size of "Prime" is not constant.
("openssl dhparam" produces results similar to 2.12.19.)
Do DH paramater files generated with OpenSSL/GnuTLS-2.12.19 work fine with
GnuTLS-3.0.19, or the other way round do DH paramater files generated
with GnuTLS-3.0.19 work fine with OpenSSL/GnuTLS-2.12.19?
cu andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
- certtool --generate-dh-params: Size of generator in 2.12.19 and 3.0.19,
Andreas Metzler <=