Re: A couple of questions and concerns about Emacs network security

[Eli Zaretskii]

> From: Jimmy Yuen Ho Wong <address@hidden>
> Date: Mon, 9 Jul 2018 19:47:23 +0100
> Cc: Lars Ingebrigtsen <address@hidden>, Emacs-Devel devel <address@hidden>
> > > "Note that since 3.1.7 this function is deprecated. The minimum number
> > > of bits is set by the priority string level. Also this function must
> > > be called after gnutls_priority_set_direct() or the set value may be
> > > overridden by the selected priority options."
> >
> > Granted, I saw that.  I have GnuTLS installed with its Info manual.
> > But the above still doesn't tell what is the default number of bits,
> > even if I go hunting for the description of the priority string.
> 
> I'm not sure of the significance of what you are trying to do

I'm trying to find some evidence to the number of bits GnuTLS will use
by default.

> but if you are trying to confirm the actual min prime bit, the file
> is here:
> 
> https://gitlab.com/gnutls/gnutls/blob/master/lib/algorithms/secparams.c
> 
> The second number is the DH min prime bits. Don't ask me which row is
> the actual default... I don't want to know...

What you asked not to ask is, of course, what I'm after.  I guess the
answer is in gnutls_ui.c:

  void gnutls_dh_set_prime_bits(gnutls_session_t session, unsigned int bits)
  {
          if (bits < gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, 
GNUTLS_SEC_PARAM_WEAK)
                  && bits != 0)
                  _gnutls_audit_log(session,
                                    "Note that the security level of the 
Diffie-Hellman key exchange has been lowered to %u bits and this may allow 
decryption of the session data\n",
                                    bits);
          session->internals.priorities.dh_prime_bits = bits;
  }

This tells us that the default is GNUTLS_SEC_PARAM_WEAK, i.e. this:

        {"Weak", GNUTLS_SEC_PARAM_WEAK, 72, 1008, 1008, 160, 160}

IOW, indeed 1008 bits.

Thanks for pointing me in the right direction.