[gnutls-dev] Re: gnutls_rsa_params_init hangs. Is regenerating rsa-params once a day to frequent?
Nikos Mavrogiannopoulos
nmav at gnutls.org
Wed Dec 15 18:14:06 CET 2004
On Tuesday 14 December 2004 16:09, Simon Josefsson wrote:
> > Is exim faulty for running gnutls_rsa_params_generate2 while handling
> > an incoming connection? (Not faulty as in in "not optimal" but as in
> > "the stupiest idea I've ever heard of, everybody using gnutls seriously
> > knows that you put running gnutls_rsa_params_generate2 in a separate
> > little thread/program")
> I wouldn't say faulty, but as you suggest, it may be sub-optimal. You
> could have a stand-alone program that generate dh/rsa parameters, save
> the data to a file and ask the main process to re-load its data. Or
> use a separate thread.
In addition certtool can generate parameters by using:
1. for DH: ./certtool --generate-dh-params --bits 1024 --outfile dhfile
2. for RSA 512: ./certtool --generate-privkey --bits 512 --outfile rsafile
You can easily import the output of certtool to any program by using
the gnutls_dh_params_import_pkcs3() and gnutls_rsa_params_import_pkcs1()
functions.
--
Nikos Mavrogiannopoulos
More information about the Gnutls-devel
mailing list