[openssl-users] Problem with DH key derivation

Matt Caswell matt at openssl.org
Fri Apr 28 09:04:40 UTC 2017

On 28/04/17 08:07, Josh Shamir wrote:
> Dear all,
> I am trying DH key derivation by using OpenSSL commands. However, I got
> the following problem:
> "140343063295640:error:0609B099:digital envelope
> routines:EVP_PKEY_derive_set_peer:different parameters:pmeth_fn.c:314:
> Public Key operation error
> 140343063295640:error:0507006C:Diffie-Hellman
> routines:PKEY_DH_DERIVE:keys not set:dh_pmeth.c:436:"


> $ openssl pkeyutl -derive -inkey dhkeyD.pem -peerkey dhpubm.pem -out
> segreto1.bin

What are the parameters used for dhpubm.pem? The parameters used for
that and for dhkeyD.pem must be the same - but you have generated a
completely new set of parameters in the steps above.

Get hold of the parameters for dhpubm.pem and regenerate a fresh DH key
based on those params. You should then be able to derive.


More information about the openssl-users mailing list