On Fri, 2013-12-06 at 20:00 +0100, Niels Möller wrote:
Nikos Mavrogiannopoulos nmav@gnutls.org writes:
I tried to switch gnutls to use dsa_generate_keypair() to generate primes for the DH key exchange, but unfortunately this interface has the strict DSS checks for q_bits.
I'm not sure what's the right thing is here.
Simplest would be to just drop these requirements from dsa_generate_keypair, and let it do whatever the caller asks for. Do you think that makes sense?
Sounds reasonable. Nettle is low-level anyway.
Related issue, which soemone else asked about some week ago, is separating generation of DSA parameters (i.e., p, q, g) from generation of the key pair. Currently, there's no easy way in nettle to generate a key for some pre-specified DSA group. It might be better to have something like
I find that also useful. Now I just discard to values of x and y when I generate parameters, and generate the keys at later point (when there is an actual TLS connection).
(a bit analogous to the new ecdsa code). But that would be a pretty large and incompatible change, so we maybe shouldn't do that, or at least think carefully about compatibility.
In the master branch you break the ABI anyway, so it may be a good time to introduce that. Otherwise you may simply introduce new functions for the new structures and leave the old API intact.
regards, Nikos