Hello, It seems that by switching gnutls to nettle 2.7.x for DSA (and DH) key generation the forwarded issues occur. Would it be possible to have a 2.7.x release with the attached patch? That would allow gnutls 3.3.x generate arbitrary DH parameters.
regards, Nikos
From c7ef2843dfca566fc67e6c8ffb601a05a60d24d9 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos <[email protected]> Date: Tue, 16 Dec 2014 12:56:34 +0100 Subject: [PATCH] allow the usage of arbitrary q_bits sizes in DSA key generation --- dsa-keygen.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/dsa-keygen.c b/dsa-keygen.c index 1b84e49..65ad80f 100644 --- a/dsa-keygen.c +++ b/dsa-keygen.c @@ -61,7 +61,8 @@ dsa_generate_keypair(struct dsa_public_key *pub, return 0; break; default: - return 0; + if (q_bits < 160) + return 0; } mpz_init (p0); -- 2.1.0
_______________________________________________ nettle-bugs mailing list [email protected] http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
