OpenSSL "pkeyparam -text" - Print DH Parameters in Text

Q

How to print DH key generation parameters in text format using OpenSSL "pkeyparam" command?

✍: FYIcenter.com

A

If you want to see contents of a DH key generation parameter file in text format, you can use the OpenSSL "pkeyparam -text" command as shown below:

C:\Users\fyicenter>\local\openssl\openssl.exe

OpenSSL> pkeyparam -in my_dh.prm -text -noout
DH Parameters: (1024 bit)
    prime:
        00:bc:e2:cd:16:1f:86:17:5c:d6:68:89:31:71:bc:
        f2:d2:82:09:d2:ce:48:81:bb:1b:61:6c:87:6e:de:
        73:8d:40:3f:ea:44:c6:24:fb:f3:53:ff:26:39:cb:
        9b:2f:39:36:2c:bd:3a:14:d9:0e:48:92:9c:0a:8d:
        89:63:be:0c:2f:f7:7a:52:0a:8c:77:f1:42:00:4c:
        31:df:b9:ec:c0:9d:b8:7f:4c:10:e5:44:40:a6:ff:
        76:b2:64:3c:57:82:05:28:49:94:cf:8a:ca:83:42:
        a4:b7:d5:d1:3b:bf:89:c6:ff:29:34:00:51:d8:90:
        03:47:1e:84:1b:53:36:6c:33
    generator: 2 (0x2)

Options used in this command are:

  • "-in my_dh.prm" - Read the DH key generation parameter file.
  • "-text" - Print out parameter information in text format.
  • "-noout" - Do not include parameters itself in the output.

This test tells us that there are two DH key generation parameters:

prime: A prime number with n bits (representing the size of the DH key).
generator: A generator value of 2.

 

OpenSSL "genpkey" Command for DH Keys

⇒⇒OpenSSL Tutorials

2017-11-02, 327👍, 0💬