Daniel Kahn Gillmor dkg@fifthhorseman.net writes:
I'm wondering if there's an expectation of repeatable RSA key generation across different versions of libnettle.
I wouldn't expect it. On the other hand, I think most releases don't change this.
Right now, i'm trying with a statically-seeded yarrow256_ctx
When one really wants repeatability, one can use the (otherwise pretty useless) lfib_knuth generator rather than yarrow256.
has the use of random numbers (or other parts of the algorithm) changed significantly for rsa_generate_keypair() between releases?
The generation method was replaced in nettle-2.1. From the NEWS file.
* Key generation for RSA and DSA changed to use Maurer's algorithm to generate provably prime numbers (as usual, the mathematical proof does not guaranteee that the implementation is bug free).
Regards, /Niels