Generating Safe Primes

Question

Generating Safe Primes

I need to create a safe prime number that has the form 2p + 1, where p is also prime from some bit length (say, 1024 bits). It should be used when exchanging DH keys.

I believe openssl can do this through

openssl gendh 1024

however this returns base64 pem format

-----BEGIN DH PARAMETERS-----
MIGHAoGBANzQ1j1z7RGB8XUagrGWK5a8AABecNrovcIgalv1hQdkna2PZorHtbOa
wYe1eDy1t/EztsM2Cncwvj5LBO3Zqsd5tneehKf8JoT35/q1ZznfLD8s/quBgrH8
es2xjSD/9syOMMiSv7/72GPJ8hzhLrbTgNlZ+kYBAPw/GcTlYjc7AgEC
-----END DH PARAMETERS-----

How can I extract a secure prime number from this base64 database?
Is it easier to create my own secure barcode with my own code?

how can I verify that the stroke is "safe" and a certain bit length.

+5

openssl encryption primes

user499211 Mar 21 '11 at 15:56

source share

2 answers

, @Luke. , - openssl, , . ; (p-1)/2 .

openssl dh . -C , , . .

openssl gendh -out testdh.pem 1024
openssl dh -in testdh.pem -noout -C
openssl dh -in testdh.pem -noout

, DH- DH.

openssl dh -in testdh.pem -outform der -out testdh.der

- ans1parse:

openssl asn1parse -in testdh.pem

+5

James K Polk 22 . '11 14:05

Luke · Accepted Answer · 2011-03-22T14:44:19+0000

@GregS , , , . , , C BN_generate_prime(...) OpenSSL. , , , , , , .

Generating Safe Primes

More articles: