[Bug 1463147] Re: gnutls_dh_params_generate2 generates short primes
LaMont Jones
lamont.jones at canonical.com
Mon Jun 8 19:53:58 UTC 2015
This shows up as weechat failing to connect because the key length is
less than 2048 bits (weechat's default behavior). Needless to say, if I
ask for 2048 bits of temp key, I should get (at least) 2048 bits of temp
key.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls28 in Ubuntu.
https://bugs.launchpad.net/bugs/1463147
Title:
gnutls_dh_params_generate2 generates short primes
Status in gnutls28 package in Ubuntu:
New
Bug description:
I have several hosts (running inspircd) that call
gnutls_dh_params_generate2 to generate their dh params.
The key lengths that openssl s_client reports are not always the
correct length.
It seems that gnutls is not following the crypto-community standard of
forcing the high bit on before throwing the random number into
primality testing.
Looking at gen_group() in lib/nettle/mpi.c in the gnutls sources may
be useful.
dh_bits == 2048
Server Temp Key: DH, 2046 bits
Server Temp Key: DH, 2048 bits
Server Temp Key: DH, 2047 bits
Server Temp Key: DH, 2046 bits
Server Temp Key: DH, 2049 bits
dh_bits == 3072
Server Temp Key: DH, 3072 bits
Server Temp Key: DH, 3069 bits
Seen in trusty's libgnutls28=3.2.11-2ubuntu1
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1463147/+subscriptions
More information about the foundations-bugs
mailing list