From the below, why is prime not same as xxd hex? I am trying to generate my own parameters but not sure what is the math for those values...
[root@localhost]# openssl dh -in dhp.pem -text
DH Parameters: (1024 bit)
prime:
00:94:b4:12:21:6d:42:b9:e3:1a:15:de:0a:ee:b6:
4b:41:fa:8f:de:44:1e:ea:a2:a2:9c:b2:28:47:19:
88:f8:65:0a:e6:09:58:c3:69:69:b4:d5:d4:d2:b5:
21:4d:1f:9b:a9:78:58:37:94:0f:6e:51:00:62:e5:
d2:44:53:36:72:99:1f:22:fc:a3:93:ab:3a:e8:3f:
7b:1b:49:36:82:1c:c3:35:4b:ef:43:f9:d4:1d:6c:
ee:8b:8d:d1:a5:8f:55:3f:db:68:c1:2f:c2:3f:9b:
31:f9:7c:01:5f:55:19:b4:3d:58:ff:32:a3:de:a7:
62:cd:ea:28:c8:63:32:53:23
generator: 2 (0x2)
-----BEGIN DH PARAMETERS-----
MIGHAoGBAJS0EiFtQrnjGhXeCu62S0H6j95EHuqiopyyKEcZiPhlCuYJWMNpabTV
1NK1IU0fm6l4WDeUD25RAGLl0kRTNnKZHyL8o5OrOug/extJNoIcwzVL70P51B1s
7ouN0aWPVT/baMEvwj+bMfl8AV9VGbQ9WP8yo96nYs3qKMhjMlMjAgEC
-----END DH PARAMETERS-----
[root@localhost]# xxd dhp.pem
0000000: 2d2d 2d2d 2d42 4547 494e 2044 4820 5041 -----BEGIN DH PA
0000010: 5241 4d45 5445 5253 2d2d 2d2d 2d0a 4d49 RAMETERS-----.MI
0000020: 4748 416f 4742 414a 5330 4569 4674 5172 GHAoGBAJS0EiFtQr
0000030: 6e6a 4768 5865 4375 3632 5330 4836 6a39 njGhXeCu62S0H6j9
0000040: 3545 4875 7169 6f70 7979 4b45 635a 6950 5EHuqiopyyKEcZiP
0000050: 686c 4375 594a 574d 4e70 6162 5456 0a31 hlCuYJWMNpabTV.1
0000060: 4e4b 3149 5530 666d 366c 3457 4465 5544 NK1IU0fm6l4WDeUD
0000070: 3235 5241 474c 6c30 6b52 544e 6e4b 5a48 25RAGLl0kRTNnKZH
0000080: 794c 386f 354f 724f 7567 2f65 7874 4a4e yL8o5OrOug/extJN
0000090: 6f49 6377 7a56 4c37 3050 3531 4231 730a oIcwzVL70P51B1s.
00000a0: 376f 754e 3061 5750 5654 2f62 614d 4576 7ouN0aWPVT/baMEv
00000b0: 776a 2b62 4d66 6c38 4156 3956 4762 5139 wj+bMfl8AV9VGbQ9
00000c0: 5750 3879 6f39 366e 5973 3371 4b4d 686a WP8yo96nYs3qKMhj
00000d0: 4d6c 4d6a 4167 4543 0a2d 2d2d 2d2d 454e MlMjAgEC.-----EN
00000e0: 4420 4448 2050 4152 414d 4554 4552 532d D DH PARAMETERS-
00000f0: 2d2d 2d2d 0a ----.
The output for the 2 commands aren't related at all. The openssl
command prints the information that is contained in the pem file and the xxd
command prints out the raw hex dump of the file.
The file has the primes but in an encoded format called Privacy Enhanced Mail format, or PEM
for short. It's a human readable base64 encoded format of a binary blob which contains any piece of information packed according to ASN.1.
If you try to parse the pem file, i.e. decode the binary file according to the ASN.1 structure, you will see the following:
$ openssl asn1parse -in dh.pem -inform PEM -i
0:d=0 hl=3 l= 135 cons: SEQUENCE
3:d=1 hl=3 l= 129 prim: INTEGER :94B412216D42B9E31A15DE0AEEB64B41FA8FDE441EEAA2A29CB228471988F8650AE60958C36969B4D5D4D2B5214D1F9BA9785837940F6E510062E5D244533672991F22FCA393AB3AE83F7B1B4936821CC3354BEF43F9D41D6CEE8B8DD1A58F553FDB68C12FC23F9B31F97C015F5519B43D58FF32A3DEA762CDEA28C863325323
135:d=1 hl=2 l= 1 prim: INTEGER :02
This is what is actually packaged into the binary. The openssl dh
command simply interprets the data into a more readable verbose form. At the moment, I am not able to find the actual struct that represents the structure of packing the DH params.
To actually see the prime in the xxd output, it will take some more doing, but it's not very difficult.
$ cat << EOF | base64 -d | xxd
> MIGHAoGBAJS0EiFtQrnjGhXeCu62S0H6j95EHuqiopyyKEcZiPhlCuYJWMNpabTV
> 1NK1IU0fm6l4WDeUD25RAGLl0kRTNnKZHyL8o5OrOug/extJNoIcwzVL70P51B1s
> 7ouN0aWPVT/baMEvwj+bMfl8AV9VGbQ9WP8yo96nYs3qKMhjMlMjAgEC
> EOF
00000000: 3081 8702 8181 0094 b412 216d 42b9 e31a 0.........!mB...
00000010: 15de 0aee b64b 41fa 8fde 441e eaa2 a29c .....KA...D.....
00000020: b228 4719 88f8 650a e609 58c3 6969 b4d5 .(G...e...X.ii..
00000030: d4d2 b521 4d1f 9ba9 7858 3794 0f6e 5100 ...!M...xX7..nQ.
00000040: 62e5 d244 5336 7299 1f22 fca3 93ab 3ae8 b..DS6r.."....:.
00000050: 3f7b 1b49 3682 1cc3 354b ef43 f9d4 1d6c ?{.I6...5K.C...l
00000060: ee8b 8dd1 a58f 553f db68 c12f c23f 9b31 ......U?.h./.?.1
00000070: f97c 015f 5519 b43d 58ff 32a3 dea7 62cd .|._U..=X.2...b.
00000080: ea28 c863 3253 2302 0102 .(.c2S#...
This encoding method uses the TLV
scheme which is Tag
, Length
and Value
scheme to encode information about the block.
The first byte 0x30
is the TAG
, which is the identifier for SEQUENCE
.
The second byte 0x81
is the LENGTH
, which tells the length of the value which the TAG
holds. In this case it's 0x81 or 0b10000001
. If you see, the first bit is set to 1
, which means, the length held by the TAG
is more than 127 and the actual number of bytes required to encode the length is in bits 6 through 1, which is 1
in this case. So, we read the next 1 byte(s) as well to find the actual length, i.e. 0x87
.
Now the VALUE
must start. We again go back to TLV
. The next byte is 0x02
which represents the INTEGER
.
The next byte is 0x81
which means the length of value is greater than 127. So we read the next byte to find out the length of value stored in the current tag. The next byte is 0x81
,so the length of the value in the current TAG
is 0x81
or 129
bytes.
We read the next 129 bytes (whatever is not marked as x
)
00000000: xxxx xxxx xxxx 0094 b412 216d 42b9 e31a 0.........!mB...
00000010: 15de 0aee b64b 41fa 8fde 441e eaa2 a29c .....KA...D.....
00000020: b228 4719 88f8 650a e609 58c3 6969 b4d5 .(G...e...X.ii..
00000030: d4d2 b521 4d1f 9ba9 7858 3794 0f6e 5100 ...!M...xX7..nQ.
00000040: 62e5 d244 5336 7299 1f22 fca3 93ab 3ae8 b..DS6r.."....:.
00000050: 3f7b 1b49 3682 1cc3 354b ef43 f9d4 1d6c ?{.I6...5K.C...l
00000060: ee8b 8dd1 a58f 553f db68 c12f c23f 9b31 ......U?.h./.?.1
00000070: f97c 015f 5519 b43d 58ff 32a3 dea7 62cd .|._U..=X.2...b.
00000080: ea28 c863 3253 23xx xxxx .(.c2S#...
If you now match, you will see the exact prime number. You can continue reading to discover the generator 0x02
too.