[openssl-users] What is the need for 0x00 byte prefix in pubkey and prime of a static DH key pair?

Kyle Hamilton aerowolf at gmail.com
Fri Nov 30 11:31:48 UTC 2018 

The DER (Distinguished Encoding Rules of ASN.1, which can be found in ITU-T
recommendation X.680 and X.681) requirement is that if a particular number
is positive, the highest-order bit can never be set (since the
highest-order bit is always the negative sign indicator). The rules further
explain that the appropriate way to encode a positive integer with the
highest bit set is to add an additional 0x00 byte, making the new most
significant bit into a 0.

This is also why the serial number field in a certificate can be 21 bytes
long, even when implementing PKIX's minimum serial number length of 20
bytes.  Numbers included in an ASN.1-encoded structure aren't ever intended
to be used directly, they're intended to be decoded before the data is
passed back to client code.

I realize this is much more information than you asked, but it might help
to think of it as "it's done this way for compliance with the standards".

-Kyle H

On Thu, Nov 29, 2018, 21:26 M K Saravanan <mksarav at gmail.com wrote:

> Hi,
>
> When I create static DH key pair using openssl, why the public key and
> prime contains the prefix 0x00 byte?
>
> For e.g. in 1024 bit key, 128 bytes is enough.
>
> private key properly shows 128 bytes.  But public key and prime shows
> 129 bytes with a 0x00 byte at the beginning.  What is the need for
> this 0x00 byte at the beginning?  i.e. why it is using 129 bytes
> instead of 128?
>
>
> $ openssl version
> OpenSSL 1.1.1  11 Sep 2018
>
> $ openssl dhparam -out mydhp.pem 1024
> [...]
>
> $ openssl genpkey -paramfile ./mydhp.pem -out mydhkey.pem
>
> $ openssl pkey -in ./mydhkey.pem -text -noout
> DH Private-Key: (1024 bit)
>     private-key:
>         52:61:87:52:b4:27:5f:c3:cf:ab:2f:20:b4:aa:b7:
>         df:c3:87:63:50:d2:06:dd:65:8f:db:55:2e:08:d5:
>         62:44:1a:f5:d8:73:66:fe:a7:c4:43:be:f7:f0:d0:
>         ba:4c:bf:f0:70:70:c9:25:92:da:ef:69:01:1a:b9:
>         d9:d9:1f:b9:22:a6:84:48:d8:58:a8:a4:9e:7f:85:
>         6b:9e:45:89:07:0c:fb:00:f1:0a:fb:24:10:e4:bb:
>         2b:1c:7d:dc:d1:12:a3:21:5a:9b:8e:bf:9d:33:e8:
>         65:fe:c2:5c:ea:47:fa:00:04:80:cf:85:e1:c6:71:
>         67:4b:7b:71:92:07:59:48
>     public-key:
>         00:a0:0d:41:8a:27:55:07:2a:01:dd:a7:e2:86:bb:
>         69:71:86:1d:62:0c:f3:b7:61:78:81:37:6c:a1:d3:
>         e8:55:9d:8a:1f:e8:5e:7f:18:00:0f:4e:1d:97:70:
>         a0:e7:19:2b:82:69:c3:aa:61:ea:b8:9c:10:36:19:
>         e9:b9:13:db:9a:ef:34:bf:10:f7:93:84:5d:a3:b4:
>         58:3a:40:ec:4b:79:06:52:b8:fe:b8:22:0d:f3:f9:
>         33:1e:8e:43:69:bb:77:3d:10:78:c6:65:e8:04:08:
>         96:1e:cc:6c:92:e4:55:f4:2c:d0:3d:b7:5f:58:70:
>         cf:fe:a7:5f:23:e3:d9:5e:c4
>     prime:
>         00:a2:f4:9d:1c:3f:75:8f:3e:e3:c9:95:09:79:09:
>         16:f2:f0:61:c4:e1:b9:23:22:a3:58:d7:38:7d:06:
>         af:57:ad:14:5e:13:bd:71:ed:31:89:cb:65:d6:46:
>         3b:29:57:ad:a9:8e:58:e6:df:c0:37:2f:4f:be:45:
>         d7:c8:f1:87:ef:af:65:87:34:4a:7d:78:b8:0b:0b:
>         33:d8:c1:fb:05:9e:ce:9a:27:7e:4a:2a:aa:18:33:
>         35:ea:d0:b0:b7:fa:cb:d1:51:bf:11:98:12:24:be:
>         1d:1c:87:c3:37:ed:0f:b9:53:23:fc:a1:be:75:ed:
>         81:04:e5:6a:b3:83:40:e0:43
>     generator: 2 (0x2)
>
>
> with regards,
> Saravanan
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20181130/f5bf0f10/attachment.html>

More information about the openssl-users mailing list