[openssl-users] RFC 7919 DH parameters and OpenSSL DH_check()

Andy Schmidt andrewrobertschmidt at gmail.com
Thu Jan 3 20:18:05 UTC 2019

I am adding the RFC 7919 Diffie-Hellman parameters to our TLS servers, and
I've found that these parameters won't pass OpenSSL's Diffie Hellman
parameter check function DH_check(). The return code is
DH_NOT_SUITABLE_GENERATOR. Looking at the source code, it appears to fail
because the remainder of the prime divided by 24 is not 11. That its, p mod
24 != 11. I have a couple of questions:

What relationship between the prime p and the generator g is this checking
for? I thought that since p was a safe prime, as long as the generator g
wasn't 1 the only choice is between the full group and the subgroup of the

I would like to use DH_check() to attempt to ensure that Diffie Hellman
parameters haven't been tampered on operating systems that don't have
digital signatures for executable binaries.

The OpenSSL version in use is 1.0.2q.

Any help is greatly appreciated.
Andy Schmidt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190103/b49b6ced/attachment.html>

More information about the openssl-users mailing list