Jonathon Green wrote:
Hi List,

I have a question which is partly OpenSSL specific and
partly a more general Diffie-Hellman (parameter
generation) question....

The background for my problem is that I'm writing an
engine and am trying to implement the:

int (*generate_params)(DH *dh, int prime_len, int
generator, BN_GENCB *cb);

function of the dh_method.

This function, as per the internal OpenSSL
implementation, expects the bit size of the prime and
the value of the generator, however, the API that I'm
calling through to expects the bit size of the prime
and the 'Diffie-Hellman generator order' (as an
unsigned long.)

From my understanding the 'Diffie-Hellman generator
order' that they are referring to is the order of the
cyclic subgroup GF(p)* whose generator is the same 'g'

hmm, using for example a strong prime p = 2q + 1 (q prime)
the order of a subgroup divides the group order of GF(p) =>
hence the order for a safe prime is either q, 2 or p-1 and
hence doesn't normally fit into one "unsigned long" value.
Using a "generator" with an order which fits into an
"unsigned long" value doesn't really sound that safe ;-)
Perhaps 'Diffie-Hellman generator order' is the size of
the generator in bits ?

which the OpenSSL function takes as an input. The API
allows me to retrieve the generator as a result of the
parameter generation process, the values of which are
large and nothing like the 2 or 5 that OpenSSL expects
as input to the DH_check() function.

yep, DH_check(dh, ret) should return DH_UNABLE_TO_CHECK_GENERATOR
in ret in this case.

Cheers,
Nils
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
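Worked illustration of the two points made in the thread (added here, not part of the original messages or of OpenSSL's code): for a toy safe prime p = 2q + 1 the element orders that actually occur in GF(p)* are exactly 1, 2, q and 2q = p-1 (the trivial order 1 belongs to g = 1), and a Python model of the classic DH_check() generator test reports DH_UNABLE_TO_CHECK_GENERATOR for any g other than 2 or 5. The flag names and the p mod 24 / p mod 10 tests follow the long-standing OpenSSL implementation, but check_generator() below is a re-implementation for illustration, not OpenSSL's code, and the primes used are toy-sized so that the brute-force order computation finishes instantly.

```python
"""Subgroup orders in a safe-prime DH group, plus a model of DH_check()'s
generator test.  Illustrative code written for this thread; not OpenSSL's."""

# Bit flags with the names DH_check() uses in *ret (values as in dh.h).
DH_CHECK_P_NOT_PRIME = 0x01
DH_CHECK_P_NOT_SAFE_PRIME = 0x02
DH_UNABLE_TO_CHECK_GENERATOR = 0x04
DH_NOT_SUITABLE_GENERATOR = 0x08


def is_prime(n):
    """Trial division; fine for the toy-sized moduli used here."""
    if n < 2:
        return False
    d = 2
    while d * d <= n:
        if n % d == 0:
            return False
        d += 1
    return True


def is_safe_prime(p):
    """p is a safe prime when p and q = (p-1)/2 are both prime."""
    return is_prime(p) and is_prime((p - 1) // 2)


def element_order(g, p):
    """Smallest k > 0 with g^k = 1 (mod p), i.e. the order of the cyclic
    subgroup generated by g.  Brute force, so only for small p."""
    k, x = 1, g % p
    while x != 1:
        x = (x * g) % p
        k += 1
    return k


def possible_subgroup_orders(p):
    """Lagrange: every subgroup order divides |GF(p)*| = p-1 = 2q, and for
    a safe prime the divisors of 2q are exactly 1, 2, q and 2q."""
    if not is_safe_prime(p):
        raise ValueError("p is not a safe prime")
    q = (p - 1) // 2
    return (1, 2, q, 2 * q)


def observed_subgroup_orders(p):
    """Orders that actually occur among g = 1 .. p-1, for comparison with
    possible_subgroup_orders()."""
    return tuple(sorted({element_order(g, p) for g in range(1, p)}))


def check_generator(g, p):
    """Model of DH_check()'s flag logic: g = 2 needs p = 11 (mod 24), g = 5
    needs p = 3 or 7 (mod 10) (both force g to be a non-residue, hence of
    full order p-1); any other g cannot be checked this way.  Also reports
    a non-prime or non-safe p.  Returns the OR of the flags above."""
    ret = 0
    if g == 2:
        if p % 24 != 11:
            ret |= DH_NOT_SUITABLE_GENERATOR
    elif g == 5:
        if p % 10 not in (3, 7):
            ret |= DH_NOT_SUITABLE_GENERATOR
    else:
        ret |= DH_UNABLE_TO_CHECK_GENERATOR
    if not is_prime(p):
        ret |= DH_CHECK_P_NOT_PRIME
    elif not is_prime((p - 1) // 2):
        ret |= DH_CHECK_P_NOT_SAFE_PRIME
    return ret


if __name__ == "__main__":
    for p in (11, 23, 59):  # constructed toy safe primes
        print(p, possible_subgroup_orders(p), observed_subgroup_orders(p))
        for g in (2, 5, 3):
            print("  g =", g, "order", element_order(g, p),
                  "check flags", hex(check_generator(g, p)))
```

Running it shows the thread's point directly: with p = 23 the observed orders are (1, 2, 11, 22) and nothing else, g = 2 is only checkable because it is one of the two literals DH_check() knows, and a large generator handed back by an external parameter generator lands in the "unable to check" branch rather than being rejected.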