DH p parameter length

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello everybody,

I'm trying to force openssl s_server to use DH p parameter of 2048 bits length, but I can't find the way to do it.
I've noticed that the length of p parameter depends on chosen cipher.
For example, if I'm using DHE_PSK_WITH_AES_128_CBC_SHA256 the length of p parameter is 1024 bits,
but if I'm using DHE_PSK_WITH_AES_256_CBC_SHA384 the length is 3072 bits.

I've tried to generate DH parameters PEM file by the following command:

openssl genpkey -genparam -algorithm DH -out /tmp/test_dh_params.pem -pkeyopt dh_paramgen_prime_len:2048

And to load the file to s_server by:

openssl s_server -state -trace -dhparam /tmp/test_dh_params.pem -accept 443 -psk 1a2b3c4d -nocert

But I'm getting an error:

Error with command: "-dhparam /tmp/test_dh_params.pem"

Is there an easy way to do what I'm trying to do?
Any help would be appreciated.

Best regards.








-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux