Re: Using DH parameters from OpenSSL

Tue, 14 Dec 2010 16:17:39 -0800 

How do you mean, an additional 0 byte is prepended?  I generated
several DH parameters and exported them to C code ( -C ), some of
which has the MSB set.  It looks like BN_bin2bn is used directly on
the raw bytes of the prime without any padding.

Mike

On Tue, Dec 14, 2010 at 12:54 PM, Erik Tkal <et...@juniper.net> wrote:
> DER encoding of numeric data should always be network byte order MSB...LSB.  
> Note that if the high order bit is set then an additional 0 byte is prepended.
>
> ....................................
> Erik Tkal
> Juniper OAC/UAC/Pulse Development
>
>
> -----Original Message-----
> From: owner-openssl-us...@openssl.org 
> [mailto:owner-openssl-us...@openssl.org] On Behalf Of Mike Mohr
> Sent: Tuesday, December 14, 2010 3:42 PM
> To: openssl-users@openssl.org
> Subject: Using DH parameters from OpenSSL
>
> Good afternoon,
>
> I'm trying to understand the data format that OpenSSL writes out its
> DH parameters in.  I am aware that the actual data is encoded using
> ASN.1 DER and have a way to parse the container.  My question really
> amounts to byte ordering when DH parameters are generated like this:
>
> openssl dhparam -outform DER -5 -out parameters.dh 4096
>
> Take, for example, the safe prime 'p' in parameters.dh.  Are its bytes
> stored in MSB...LSB form, such that the number is interpreted
> similarly to a human reading base 10 numbers on paper?  That is to
> say, left to right 1 byte at a time?
>
> Thanks for any clarification,
> Mike
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-us...@openssl.org
> Automated List Manager                           majord...@openssl.org
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-us...@openssl.org
> Automated List Manager                           majord...@openssl.org
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to