OpenSSL "genpkey dsa_paramgen_bits:256"

OpenSSL "genpkey dsa_paramgen_bits:256" - DSA Short Keys

Q

How to generate a new DSA key pair with a shorter key size using OpenSSL "genpkey" commands?

✍: FYIcenter.com

A

If you need a new DSA key pair with a shorter key size for testing purpose, you can use the OpenSSL "genpkey -pkeyopt dsa_paramgen_bits:nnn" command. The "-pkeyopt dsa_paramgen_bits:nnn" option specifies the size of the DSA key to be generated in number of bits. The default is 1024 bits.

Remember DSA key generation is a 2-step process as shown below:

C:\Users\fyicenter>\local\openssl\openssl.exe

OpenSSL> genpkey -genparam -algorithm dsa -out dsa_test.prm 
   -pkeyopt dsa_paramgen_bits:256

..+..+..............+..........+++++++++++++++++++++++++++++++++++++++++++++++++
++*
.............+....+..+.......................+.............+.+++++++++++++++++++
++++++++++++++++++++++++++++++++*

OpenSSL> genpkey -paramfile dsa_test.prm -out dsa_test.key

OpenSSL> pkey -in dsa_test.key -text -noout
Private-Key: (512 bit)
priv:
    5e:24:f6:13:68:b3:47:65:66:0b:d8:b2:d8:b9:61:
    97:1c:28:1c:10
pub:
    00:a7:78:fb:f5:ab:1e:97:f3:5c:b3:ed:54:d0:f1:
    1c:e5:65:74:28:94:7f:4a:58:29:db:c2:df:31:66:
    c4:fe:2b:e7:c7:4f:15:45:da:fb:ae:e1:e2:65:33:
    9d:cb:e0:26:4f:3e:0e:2f:a5:01:c6:6d:b5:e4:ca:
    51:ab:89:47:6e
P:
    00:bc:88:82:2f:8e:14:2d:4f:39:26:c5:4c:a1:47:
    f9:03:64:75:dc:83:a5:44:26:0c:52:71:b5:05:69:
    e7:35:20:c7:71:76:ce:1c:c9:a8:71:cb:5a:8c:e5:
    c8:33:88:8f:ba:0b:a3:95:0b:6a:a2:27:9b:72:03:
    fe:cf:50:d5:b7
Q:
    00:ea:00:c0:7f:9b:d0:b4:4d:50:8c:c9:c3:89:b3:
    cb:25:79:d5:6f:77
G:
    00:8b:08:f7:0f:9c:24:72:a3:9c:e4:a9:b6:6f:64:
    a6:b1:c1:b5:a4:49:21:df:9d:64:ed:23:9f:31:5e:
    89:39:a6:2d:02:14:42:65:ef:d7:e3:3c:24:dc:a7:
    eb:9b:34:e2:1f:46:12:a1:13:c1:8c:31:51:2b:c5:
    ad:5c:5f:96:ee

What this test tells us:

OpenSSL allows you to generate shorter DSA keys. The shortest ones with the "genpkey" commands are 256 bits. But don't use them in production systems. Any keys less than 2048-bit long is considered as unsafe.

⇒ OpenSSL "genpkey dsa_paramgen_bits:10240" - DSA Long Keys

⇐ OpenSSL "pkey -pubin" - View DSA Public Key

⇑ OpenSSL "genpkey" Command for DSA Keys

⇑⇑ OpenSSL Tutorials

2017-12-13, 2181🔥, 0💬

OpenSSL "genpkey" Command for DH Keys
Where to find tutorials on using OpenSSL "genpkey" and "pkey" commands for DH private keys? Here is a collection of tutorials on using OpenSSL "genpkey" and "pkey" commands compiled by FYIcenter.com team to generate and manage DH (Diffie–Hellman) private keys OpenSSL "genpkey -genparam" - Generate D... 2017-11-11, 2254🔥, 0💬

OpenSSL "genpkey dsa_paramgen_bits:256" - DSA Short Keys
How to generate a new DSA key pair with a shorter key size using OpenSSL "genpkey" commands? If you need a new DSA key pair with a shorter key size for testing purpose, you can use the OpenSSL "genpkey -pkeyopt dsa_paramgen_bits:nnn" command. The "-pkeyopt dsa_paramgen_bits:nnn" option specifies the... 2017-12-13, 2182🔥, 0💬

OpenSSL "genpkey -des" - DES Encrypt DSA Keys
How to generate a new DSA key pair and encrypt the output with a DES password using OpenSSL "genpkey" command? If you want to secure your new DSA private key with a DES encryption, you can use the OpenSSL "genpkey -des" command as shown below: C:\Users\fyicenter>\loc al\openssl\opensslOpenSSL... 2017-11-25, 1825🔥, 0💬

OpenSSL "genpkey -paramfile" - Generate DSA Key
How to generate a new DSA private key using OpenSSL "genpkey" command? If you need a new DSA private key in order to create a new certificate, you can use the OpenSSL "genpkey" command as shown below: C:\Users\fyicenter>\loc al\openssl\openssl.exeOpenSSL> genpkey -paramfile my_dsa.prm ... 2017-12-21, 1801🔥, 0💬

OpenSSL "pkey -aes*" - Re-Encrypt DSA Keys
How to re-encrypt a DSA key file using OpenSSL "pkey" command? I want to change the encryption password, and maybe change the encryption algorithm. If you want to encrypt an existing DSA key file again, you can use the "pkey -aes*" command as shown below: C:\Users\fyicenter>\loc al\openssl\ope... 2017-10-08, 1784🔥, 0💬

OpenSSL "pkey" - Open Encrypted DSA Keys
How to open an encrypted DSA key file using OpenSSL "pkey" command? I was told the key file is DES encrypted and I know the password. If you are trying to open a password (encrypted) DSA key file using the "pkey" command, you will be prompted for the password as shown below: C:\Users\fyicenter&g... 2017-10-08, 1559🔥, 0💬

OpenSSL "pkey -pubin" - View DSA Public Key
How to view contents of a DSA public key file using OpenSSL "pkey" command? If you want to view contents of a DSA public key stored in a file, you can use the OpenSSL "pkey -pubin" command as shown below: C:\Users\fyicenter>\loc al\openssl\openssl.exeOpenSSL> pkey -pubin -in my_dsa_pub... 2017-12-13, 1526🔥, 0💬

OpenSSL "pkey -pubout" - Extract DSA Public Key
How to extract the public key from a DSA key file using OpenSSL "pkey" command? If you want to extract the public key out from a DSA key file (private key an public key), you can use the OpenSSL "pkey -pubout" command as shown below: C:\Users\fyicenter>\loc al\openssl\openssl.exeOpenSSL&g... 2017-10-23, 1437🔥, 0💬

OpenSSL "pkeyparam -text" - Print DSA Parameters in Text
How to print DSA key generation parameters in text format using OpenSSL "pkeyparam" command? If you want to see contents of a DSA key generation parameter file in text format, you can use the OpenSSL "pkeyparam -text" command as shown below: C:\Users\fyicenter>\loc al\openssl\openssl.exeOpenS... 2017-12-21, 1388🔥, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.