Next: Deriving keys for other applications/protocols, Previous: TLS 1.3 re-authentication and re-key, Up: Advanced topics [Contents][Index]
Prior to GnuTLS 3.6.0 for the ephemeral or anonymous Diffie-Hellman (DH) TLS ciphersuites the application was required to generate or provide DH parameters. That is no longer necessary as GnuTLS utilizes DH parameters and negotiation from [RFC7919].
Applications can tune the used parameters by explicitly specifying them in the priority string. In server side applications can set the minimum acceptable level of DH parameters by calling gnutls_certificate_set_known_dh_params, gnutls_anon_set_server_known_dh_params, or gnutls_psk_set_server_known_dh_params, depending on the type of the credentials, to set the lower acceptable parameter limits. Typical applications should rely on the default settings.
int gnutls_certificate_set_known_dh_params (gnutls_certificate_credentials_t res, gnutls_sec_param_t sec_param)int gnutls_anon_set_server_known_dh_params (gnutls_anon_server_credentials_t res, gnutls_sec_param_t sec_param)int gnutls_psk_set_server_known_dh_params (gnutls_psk_server_credentials_t res, gnutls_sec_param_t sec_param)Note that older than 3.5.6 versions of GnuTLS provided functions to generate or import arbitrary DH parameters from a file. This practice is still supported but discouraged in current versions. There is no known advantage from using random parameters, while there have been several occasions where applications were utilizing incorrect, weak or insecure parameters. This is the main reason GnuTLS includes the well-known parameters of [RFC7919] and recommends applications utilizing them.
In older applications which require to specify explicit DH parameters, we recommend
using certtool (of GnuTLS 3.5.6 or later) with the --get-dh-params
option to obtain the FFDHE parameters discussed above. The output
parameters of the tool are in PKCS#3 format and can be imported by
most existing applications.
The following functions are still supported but considered obsolete.
int gnutls_dh_params_generate2 (gnutls_dh_params_t dparams, unsigned int bits)int gnutls_dh_params_import_pkcs3 (gnutls_dh_params_t params, const gnutls_datum_t * pkcs3_params, gnutls_x509_crt_fmt_t format)void gnutls_certificate_set_dh_params (gnutls_certificate_credentials_t res, gnutls_dh_params_t dh_params)Next: Deriving keys for other applications/protocols, Previous: TLS 1.3 re-authentication and re-key, Up: Advanced topics [Contents][Index]