[openssl-users] Problem with DH key derivation
Josh Shamir
josh.shamir at gmail.com
Fri Apr 28 07:07:09 UTC 2017
Dear all,
I am trying DH key derivation by using OpenSSL commands. However, I got the
following problem:
"140343063295640:error:0609B099:digital envelope
routines:EVP_PKEY_derive_set_peer:different parameters:pmeth_fn.c:314:
Public Key operation error
140343063295640:error:0507006C:Diffie-Hellman routines:PKEY_DH_DERIVE:keys
not set:dh_pmeth.c:436:"
Please find below the logs of the whole execution.
Thanks in advance.
Josh
$openssl dhparam -out dhparams.pem -2 1024
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
............................+...............................+...............................................................+.........................+.....................+...+....................+...................................+.....................................................................................................................+......................................................+........+..............................+...................+........................+...................+...........+.................................+..................................+.....+........................+.........................................................................................................................................+.................+.........................................................................+................................................+...........................................+.............................................+...........................................+........................+.....................................................................................................................................+.......+..........+.........+.....................................................................................+..........+..................+........................................................................+..................................................+.................+............+..........+.........+...............................+.+..........................................................+...........+....................................+...........................................................................................................................+..........+............................................+...................................................................................+...............................+...........................................+.................+....................+.................................................................+........................................................+....+........................................................................................+....++*++*++*
$ openssl dhparam -in dhparams.pem -text
DH Parameters: (1024 bit)
prime:
00:b1:c7:28:66:0a:4d:05:3d:91:ce:76:ee:4a:b4:
14:2b:f2:32:2c:ef:7a:66:33:40:a0:a8:e9:8b:97:
82:7f:23:b2:23:6c:a5:47:8a:dc:41:d0:e3:c9:f6:
4f:a9:a6:de:b1:9e:8e:23:e9:6e:5d:fa:6a:50:98:
a9:f0:6b:72:15:1f:0a:77:a7:77:5e:cb:a0:67:8b:
d7:a0:e6:99:4c:9d:e2:e4:8f:cf:1f:20:f4:25:00:
a5:63:78:b8:18:06:4f:f4:c8:56:58:9f:81:a2:58:
00:9e:57:33:77:83:cd:6b:19:d3:f1:08:c2:08:28:
c1:72:99:63:bb:92:e3:34:63
generator: 2 (0x2)
-----BEGIN DH PARAMETERS-----
MIGHAoGBALHHKGYKTQU9kc527kq0FCvyMizvemYzQKCo6YuXgn8jsiNspUeK3EHQ
48n2T6mm3rGejiPpbl36alCYqfBrchUfCnend17LoGeL16DmmUyd4uSPzx8g9CUA
pWN4uBgGT/TIVlifgaJYAJ5XM3eDzWsZ0/EIwggowXKZY7uS4zRjAgEC
-----END DH PARAMETERS-----
$ openssl genpkey -paramfile dhparams.pem -out dhkeyD.pem
$ openssl pkey -in dhkeyD.pem -text
-----BEGIN PRIVATE KEY-----
MIIBIQIBADCBlQYJKoZIhvcNAQMBMIGHAoGBALHHKGYKTQU9kc527kq0FCvyMizv
emYzQKCo6YuXgn8jsiNspUeK3EHQ48n2T6mm3rGejiPpbl36alCYqfBrchUfCnen
d17LoGeL16DmmUyd4uSPzx8g9CUApWN4uBgGT/TIVlifgaJYAJ5XM3eDzWsZ0/EI
wggowXKZY7uS4zRjAgECBIGDAoGARFU/WSRjg29qYlKybN303REnpra0s/DAeHpt
ET4sggJBZqd1q6zaymTBhn9Ox9HDxME/CucKZSrKDUJGlWSLvhwM4sBZIikhzUOs
WRAobTkEwP/Fiyq7QJi3vq1lfYZaSATHvccAQDuROC38Km3dkIjb6g4U5vUzxbo0
ATC7pIw=
-----END PRIVATE KEY-----
DH Private-Key: (1024 bit)
private-key:
44:55:3f:59:24:63:83:6f:6a:62:52:b2:6c:dd:f4:
dd:11:27:a6:b6:b4:b3:f0:c0:78:7a:6d:11:3e:2c:
82:02:41:66:a7:75:ab:ac:da:ca:64:c1:86:7f:4e:
c7:d1:c3:c4:c1:3f:0a:e7:0a:65:2a:ca:0d:42:46:
95:64:8b:be:1c:0c:e2:c0:59:22:29:21:cd:43:ac:
59:10:28:6d:39:04:c0:ff:c5:8b:2a:bb:40:98:b7:
be:ad:65:7d:86:5a:48:04:c7:bd:c7:00:40:3b:91:
38:2d:fc:2a:6d:dd:90:88:db:ea:0e:14:e6:f5:33:
c5:ba:34:01:30:bb:a4:8c
public-key:
55:10:23:26:8c:2b:15:8f:e1:d7:28:48:ad:a9:c8:
53:19:34:b8:7f:ed:c5:f1:e7:b6:e2:cd:b2:08:d8:
0c:71:7b:68:fd:8c:1a:85:92:31:c0:45:7f:3b:cf:
33:a6:67:21:cf:1b:71:30:a5:d9:f4:cf:de:e5:52:
0e:d7:dd:52:2a:ae:fc:e2:79:20:64:34:76:0a:92:
90:c2:90:75:aa:2c:f7:58:19:40:cd:ed:d5:dd:7f:
9e:90:36:fa:dc:83:c8:e5:41:89:3e:8c:f7:87:86:
3b:a6:98:01:82:ed:b7:36:24:84:b8:32:63:8f:13:
4b:b3:96:79:d0:80:30:09
prime:
00:b1:c7:28:66:0a:4d:05:3d:91:ce:76:ee:4a:b4:
14:2b:f2:32:2c:ef:7a:66:33:40:a0:a8:e9:8b:97:
82:7f:23:b2:23:6c:a5:47:8a:dc:41:d0:e3:c9:f6:
4f:a9:a6:de:b1:9e:8e:23:e9:6e:5d:fa:6a:50:98:
a9:f0:6b:72:15:1f:0a:77:a7:77:5e:cb:a0:67:8b:
d7:a0:e6:99:4c:9d:e2:e4:8f:cf:1f:20:f4:25:00:
a5:63:78:b8:18:06:4f:f4:c8:56:58:9f:81:a2:58:
00:9e:57:33:77:83:cd:6b:19:d3:f1:08:c2:08:28:
c1:72:99:63:bb:92:e3:34:63
generator: 2 (0x2)
$ openssl pkey -in dhkeyD.pem -pubout -out dhpubD.pem
$ openssl pkey -pubin -in dhpubD.pem -text
-----BEGIN PUBLIC KEY-----
MIIBHzCBlQYJKoZIhvcNAQMBMIGHAoGBALHHKGYKTQU9kc527kq0FCvyMizvemYz
QKCo6YuXgn8jsiNspUeK3EHQ48n2T6mm3rGejiPpbl36alCYqfBrchUfCnend17L
oGeL16DmmUyd4uSPzx8g9CUApWN4uBgGT/TIVlifgaJYAJ5XM3eDzWsZ0/EIwggo
wXKZY7uS4zRjAgECA4GEAAKBgFUQIyaMKxWP4dcoSK2pyFMZNLh/7cXx57bizbII
2Axxe2j9jBqFkjHARX87zzOmZyHPG3Ewpdn0z97lUg7X3VIqrvzieSBkNHYKkpDC
kHWqLPdYGUDN7dXdf56QNvrcg8jlQYk+jPeHhjummAGC7bc2JIS4MmOPE0uzlnnQ
gDAJ
-----END PUBLIC KEY-----
DH Public-Key: (1024 bit)
public-key:
55:10:23:26:8c:2b:15:8f:e1:d7:28:48:ad:a9:c8:
53:19:34:b8:7f:ed:c5:f1:e7:b6:e2:cd:b2:08:d8:
0c:71:7b:68:fd:8c:1a:85:92:31:c0:45:7f:3b:cf:
33:a6:67:21:cf:1b:71:30:a5:d9:f4:cf:de:e5:52:
0e:d7:dd:52:2a:ae:fc:e2:79:20:64:34:76:0a:92:
90:c2:90:75:aa:2c:f7:58:19:40:cd:ed:d5:dd:7f:
9e:90:36:fa:dc:83:c8:e5:41:89:3e:8c:f7:87:86:
3b:a6:98:01:82:ed:b7:36:24:84:b8:32:63:8f:13:
4b:b3:96:79:d0:80:30:09
prime:
00:b1:c7:28:66:0a:4d:05:3d:91:ce:76:ee:4a:b4:
14:2b:f2:32:2c:ef:7a:66:33:40:a0:a8:e9:8b:97:
82:7f:23:b2:23:6c:a5:47:8a:dc:41:d0:e3:c9:f6:
4f:a9:a6:de:b1:9e:8e:23:e9:6e:5d:fa:6a:50:98:
a9:f0:6b:72:15:1f:0a:77:a7:77:5e:cb:a0:67:8b:
d7:a0:e6:99:4c:9d:e2:e4:8f:cf:1f:20:f4:25:00:
a5:63:78:b8:18:06:4f:f4:c8:56:58:9f:81:a2:58:
00:9e:57:33:77:83:cd:6b:19:d3:f1:08:c2:08:28:
c1:72:99:63:bb:92:e3:34:63
generator: 2 (0x2)
$ openssl pkeyutl -derive -inkey dhkeyD.pem -peerkey dhpubm.pem -out
segreto1.bin
140343063295640:error:0609B099:digital envelope
routines:EVP_PKEY_derive_set_peer:different parameters:pmeth_fn.c:314:
Public Key operation error
140343063295640:error:0507006C:Diffie-Hellman routines:PKEY_DH_DERIVE:keys
not set:dh_pmeth.c:436:
$
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170428/ea58aa00/attachment-0001.html>
More information about the openssl-users
mailing list