<div dir="ltr"><a class="gmail_plusreply" id="plusReplyChip-0" href="mailto:Michael.Wojcik@microfocus.com" tabindex="-1">@Michael Wojcik</a><div> </div><div>I am using OpenSSL on Windows from: was expecting an exe installer directly by OpenSSL<br></div><div><br></div><div><a href="https://slproweb.com/products/Win32OpenSSL.html">https://slproweb.com/products/Win32OpenSSL.html</a></div><div><br></div><div><img src="cid:ii_letqceco0" alt="image.png" width="480" height="21"></div><div><br></div><div>The command though I would need to explore the suggestions in output. Also where can I see the standard umask table to use for the key usage type (incase required)<br></div><div><img src="cid:ii_letqhmhc1" alt="image.png" width="578" height="82"></div><div><br></div><div>DH>> <span style="color:rgb(31,73,125);font-family:Calibri,sans-serif;font-size:14.6667px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;display:inline;float:none">To generate the jointly established shared secret which is a symmetric<span> </span></span><span class="gmail-markeru4sconm" style="border:0px none;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:inherit;font-variant-east-asian:inherit;font-weight:400;font-stretch:inherit;font-size:14.6667px;line-height:inherit;font-family:Calibri,sans-serif;margin:0px;padding:0px;vertical-align:baseline;color:rgb(31,73,125);letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">key</span><span style="color:rgb(31,73,125);font-family:Calibri,sans-serif;font-size:14.6667px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;display:inline;float:none">.<span> Was wondering to achieve the same via OpenSSL, first generating the DH parameters and then using it further.</span></span></div><div><span style="color:rgb(31,73,125);font-family:Calibri,sans-serif;font-size:14.6667px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;display:inline;float:none"><span><br></span></span></div><div><span style="color:rgb(31,73,125);font-family:Calibri,sans-serif;font-size:14.6667px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;display:inline;float:none"><span><br></span></span></div><div><span style="color:rgb(31,73,125);font-family:Calibri,sans-serif;font-size:14.6667px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;display:inline;float:none"><span><a class="gmail_plusreply" id="plusReplyChip-1">@Viktor</a></span></span></div><div><span style="color:rgb(31,73,125);font-family:Calibri,sans-serif;font-size:14.6667px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;display:inline;float:none"><span><a class="gmail_plusreply" id="plusReplyChip-1"><br></a></span></span></div><div><span style="color:rgb(31,73,125);font-family:Calibri,sans-serif;font-size:14.6667px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;display:inline;float:none"><span><a class="gmail_plusreply" id="plusReplyChip-1">Thank you :) Seems more useful to programmers, will try later once learn python to utilize this.</a></span></span></div><div><span style="color:rgb(31,73,125);font-family:Calibri,sans-serif;font-size:14.6667px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;display:inline;float:none"><span><a class="gmail_plusreply" id="plusReplyChip-1"><br></a></span></span></div><div><span style="color:rgb(31,73,125);font-family:Calibri,sans-serif;font-size:14.6667px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;display:inline;float:none"><span><a class="gmail_plusreply" id="plusReplyChip-1">Regards<br></a></span></span>

</div><div><br><br></div><div><br></div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Mar 2, 2023 at 1:00 AM Viktor Dukhovni <<a href="mailto:openssl-users@dukhovni.org">openssl-users@dukhovni.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On Wed, Mar 01, 2023 at 08:06:06PM +0530, Newbie User wrote:<br>
<br>
> Could someone share the standard commands to create these keys.<br>
> <br>
> Tried using OpenSSL for AES and it says deprecated key derivation used<br>
> while creating AES.<br>
> <br>
> Also how can we achieve an entire use case of DH symmetric key while using<br>
> asymmetric keys.<br>
<br>
See:<br>
<br>
    <a href="https://www.openssl.org/docs/man1.1.1/man3/EVP_PKEY_derive.html" rel="noreferrer" target="_blank">https://www.openssl.org/docs/man1.1.1/man3/EVP_PKEY_derive.html</a><br>
    <a href="https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_derive.html" rel="noreferrer" target="_blank">https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_derive.html</a><br>
<br>
-- <br>
    Viktor.<br>
</blockquote></div>