generation of safe primes

Question

I need to generate a safe prime which has the form 2p + 1 where p is also prime of a certain bit length (lets say 1024 bits). It is to be used in a DH key exchange.

I believe openssl can do this via

openssl gendh 1024

however this return's a base64 pem format

-----BEGIN DH PARAMETERS-----
MIGHAoGBANzQ1j1z7RGB8XUagrGWK5a8AABecNrovcIgalv1hQdkna2PZorHtbOa
wYe1eDy1t/EztsM2Cncwvj5LBO3Zqsd5tneehKf8JoT35/q1ZznfLD8s/quBgrH8
es2xjSD/9syOMMiSv7/72GPJ8hzhLrbTgNlZ+kYBAPw/GcTlYjc7AgEC
-----END DH PARAMETERS-----

• How can I extract the safe prime number from this base64 pem?

• is it easier to generate my own safe prime with my own code?

how can i test that a prime is 'safe' and of a certain bit length.

Answer 1

I agree with the comments made by @Luke. However, if for some reason you must use openssl command lines there are a few options but they'll only get you so far. None of these will do any significant arithmetic for you; they won't retrieve (p-1)/2 and check it for primality.

You can use the openssl dh command and parse the output. Try it with and without the -C option to see which works better for you. Examples.

openssl gendh -out testdh.pem 1024
openssl dh -in testdh.pem -noout -C
openssl dh -in testdh.pem -noout

If you can handle or prefer binary then you can parse the binary output for the DER-encoded DH structure.

openssl dh -in testdh.pem -outform der -out testdh.der

Another option is to parse the output of the ans1parse command:

openssl asn1parse -in testdh.pem

Answer 2

@GregS has an approach that will probably work for you. Based on what you have told me, I would just create a C binary and leverage the BN_generate_prime(...) function in OpenSSL. That cuts out all of the intermediate parsing and despite adding a separate binary into the mix, it's probably easier than the road you are headed down.