[Bug 1463147] Re: gnutls_dh_params_generate2 generates short primes
Adrien Nader
1463147 at bugs.launchpad.net
Fri Mar 28 13:20:40 UTC 2025
Since the issue is fixed in newer versions and this only applies to
releases that are either only in legacy support or about to be, I'll
close the issue.
** Changed in: gnutls28 (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls28 in Ubuntu.
https://bugs.launchpad.net/bugs/1463147
Title:
gnutls_dh_params_generate2 generates short primes
Status in gnutls28 package in Ubuntu:
Won't Fix
Bug description:
I have several hosts (running inspircd) that call
gnutls_dh_params_generate2 to generate their dh params.
The key lengths that openssl s_client reports are not always the
correct length.
It seems that gnutls is not following the crypto-community standard of
forcing the high bit on before throwing the random number into
primality testing.
Looking at gen_group() in lib/nettle/mpi.c in the gnutls sources may
be useful.
dh_bits == 2048
Server Temp Key: DH, 2046 bits
Server Temp Key: DH, 2048 bits
Server Temp Key: DH, 2047 bits
Server Temp Key: DH, 2046 bits
Server Temp Key: DH, 2049 bits
dh_bits == 3072
Server Temp Key: DH, 3072 bits
Server Temp Key: DH, 3069 bits
Seen in trusty's libgnutls28=3.2.11-2ubuntu1
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1463147/+subscriptions
More information about the foundations-bugs
mailing list