I am adding the RFC 7919 Diffie-Hellman parameters to our TLS servers, and
I've found that these parameters won't pass OpenSSL's Diffie-Hellman
parameter check function DH_check(). The return code is
DH_NOT_SUITABLE_GENERATOR. Looking at the source code, it appears to fail
because the remainder of the prime divided by 24 is not 11. That is, p mod
24 != 11. I have a couple of questions:

What relationship between the prime p and the generator g is this checking
for? I thought that since p was a safe prime, as long as the generator g
wasn't 1 the only choice is between the full group and the subgroup of the
squares?

I would like to use DH_check() to attempt to ensure that Diffie-Hellman
parameters haven't been tampered with on operating systems that don't have
digital signatures for executable binaries.

The OpenSSL version in use is 1.0.2q.

Any help is greatly appreciated.
Andy Schmidt
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

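As an added example (not part of the post above and not OpenSSL's own code), the following Python reproduces the arithmetic behind the g = 2 branch of DH_check() and applies it to the ffdhe2048 group from RFC 7919, alongside two toy safe primes where the numbers can be checked by hand. The generator rule is mirrored from memory of OpenSSL 1.0.2's dh_check.c (so treat the exact rule as an assumption), the prime is transcribed from RFC 7919 Appendix A.1, and helper names such as analyse() and element_order() are this example's own.

```python
"""Why an RFC 7919 group fails the g == 2 generator test in OpenSSL 1.0.2 DH_check().

Added example; it is not code from the original post or from OpenSSL.
"""

# RFC 7919, Appendix A.1: the ffdhe2048 prime (transcribed; g = 2).
FFDHE2048_P = int(
    (
        "FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1"
        "D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9"
        "7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561"
        "2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935"
        "984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735"
        "30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB"
        "B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19"
        "0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61"
        "9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73"
        "3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA"
        "886B4238 61285C97 FFFFFFFF FFFFFFFF"
    ).replace(" ", ""),
    16,
)
FFDHE2048_G = 2

# Fixed Miller-Rabin bases: deterministic for small n, a strong probabilistic
# check for a 2048-bit n. Enough to illustrate the point, not a production test.
_MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n: int) -> bool:
    """Miller-Rabin primality test with the fixed bases above."""
    if n < 2:
        return False
    for b in _MR_BASES:
        if n == b:
            return True
        if n % b == 0:
            return False
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in _MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def is_safe_prime(p: int) -> bool:
    """p = 2q + 1 with p and q prime, so element orders in Z_p^* are 1, 2, q or 2q."""
    return p >= 5 and is_probable_prime(p) and is_probable_prime((p - 1) // 2)


def openssl_102_generator_ok(p: int, g: int):
    """Mirror of the g-specific test in OpenSSL 1.0.2's dh_check.c (assumption:
    reproduced from memory). g == 2 requires p mod 24 == 11; g == 5 requires
    p mod 10 in {3, 7}; any other g is DH_UNABLE_TO_CHECK_GENERATOR (None here)."""
    if g == 2:
        return p % 24 == 11
    if g == 5:
        return p % 10 in (3, 7)
    return None


def is_square(a: int, p: int) -> bool:
    """Euler's criterion: a is a quadratic residue mod odd prime p iff a^((p-1)/2) == 1."""
    return pow(a, (p - 1) // 2, p) == 1


def element_order(g: int, p: int) -> int:
    """Order of g in Z_p^* for a safe prime p (only 1, 2, q or 2q are possible)."""
    q = (p - 1) // 2
    if g % p == 1:
        return 1
    if pow(g, 2, p) == 1:
        return 2
    if pow(g, q, p) == 1:
        return q
    return 2 * q


def analyse(p: int, g: int) -> dict:
    """What the 1.0.2 check says about (p, g) next to what the group structure says."""
    q = (p - 1) // 2
    return {
        "p_mod_24": p % 24,
        "openssl_102_generator_ok": openssl_102_generator_ok(p, g),
        "safe_prime": is_safe_prime(p),
        "g_is_square": is_square(g, p),
        "g_generates_full_group": element_order(g, p) == 2 * q,
    }


if __name__ == "__main__":
    for name, p, g in (("ffdhe2048", FFDHE2048_P, FFDHE2048_G),
                       ("toy p=11", 11, 2), ("toy p=23", 23, 2)):
        print(name, analyse(p, g))
```

What the numbers show: for any safe prime p > 7, p is 2 mod 3 (otherwise 3 would divide q) and 3 or 7 mod 8, so p mod 24 is either 11 or 23. With p == 11 mod 24, 2 is a quadratic non-residue and therefore has order 2q, i.e. g = 2 generates the whole group; that is the shape OpenSSL's own DH_generate_parameters() produces for g = 2 and the only one 1.0.2's DH_check() accepts. The RFC 7919 primes are 23 mod 24, so 2 is a square and generates the order-q subgroup of squares, which is the intended design of those groups rather than a parameter defect; later OpenSSL releases relaxed the test to accept 23 as well. For tamper detection of a fixed, published group, comparing the parameters byte-for-byte against the RFC values is a stricter check than any generic sanity test.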