Re: When do I need to install dh parameters?

[Nikos Mavrogiannopoulos]

On 10/03/2010 12:14 AM, Sam Varshavchik wrote:
> Conceptually, I'm trying to understand when I need to install DH
> parameters if I'm using RSA certificates, using
> gnutls_certificate_set_dh_params(). I understand that DH parameters are
> required when using DH server certs, but I've got a bunch of test code
> (an internal testsuite) that uses RSA certs, with gnutls on both the
> client and server side, setting up TLS sessions in various ways --
> installing a certificate up front, on the server side, or using a
> callback to return a certificate for particular TLS sessionm, etc.

DH parameters are used in the ephemeral Diffie Hellman ciphersuites and
the anonymous ciphersuites. DH certificates are not supported by gnutls
(and even if they were they wouldn't use the parameters). Those
ciphersuites provide forward secrecy by performing a diffie hellman
negotiation signed with your RSA certificate.

> I find that sometimes I can get through a handshake without loading DH
> parameters, other times handshake fails unless I install them. As far as
> I can see that's the only major difference between my code that works
> without DH parameters, and the one that fails to handshake unless DH
> parameters are installed. Am I on the right track, or are there also
> other situations?

Depends on the ciphersuite chosen (by you or the peer). The DHE
ciphersuites require them.

regards,
Nikos