7

I have generated a Diffie-Hellman key using certain g and p parameters, like this:

$ cat dhparam.pem
-----BEGIN DH PARAMETERS-----
MIIBCAKCAQEAnc5+uXl2K09Nrp1oxN/KbIcIYLg8HXCu9UNW7gFknkHil7OVAKHR
Km0Dc8IjqhJpDfoNKFoDo2Vd0KB9moSkDmhFmidcXO7Q8zSq0Z4BXFTO61OMukdd
dul1ovbleqfH4DcbCjH4LiZGICFUyGseiBakt3e2BORyjSA3IEg4hm9WvdCevWPW
Njc9reFgL6Vua8HkOGkLB+EvRP1YT4v5hGGP/6A7WxRevx5EjF9VgojyDLMPN26C
3c17KY2jNV0W1GEcKEciWS61QInUDBDPYNuQzTl0LucbOpJyV3BFr6pokRBaO3bI
ZYUPhjA2WSxJUeeJboJfisr+CQa9kc1dYwIBAg==
-----END DH PARAMETERS-----
$ openssl genpkey -paramfile dhparam.pem -out dh.pem
$ cat dh.pem
-----BEGIN PRIVATE KEY-----
MIICJgIBADCCARcGCSqGSIb3DQEDATCCAQgCggEBAJ3Ofrl5ditPTa6daMTfymyH
CGC4PB1wrvVDVu4BZJ5B4pezlQCh0SptA3PCI6oSaQ36DShaA6NlXdCgfZqEpA5o
RZonXFzu0PM0qtGeAVxUzutTjLpHXXbpdaL25Xqnx+A3Gwox+C4mRiAhVMhrHogW
pLd3tgTkco0gNyBIOIZvVr3Qnr1j1jY3Pa3hYC+lbmvB5DhpCwfhL0T9WE+L+YRh
j/+gO1sUXr8eRIxfVYKI8gyzDzdugt3NeymNozVdFtRhHChHIlkutUCJ1AwQz2Db
kM05dC7nGzqScldwRa+qaJEQWjt2yGWFD4YwNlksSVHniW6CX4rK/gkGvZHNXWMC
AQIEggEEAoIBAGJBY5qzXPRi62hzho+ebCeZMdVqGQrlc9h/1hmrlzXlna8Mu8WF
0hp/ol8s3AAvuG2w8sMHH/D0kHj2Ptf92khH2WObWAzyybf3IubpVumw6d2KSe1j
LhW0cJum/lbyhyGJNgdNrVlwyNcId2Z53K9TK1BQnb3/gJjM+cRZ1yyoPDTXZpLl
1dmLz3lw+kmowyNXtl/wgzDclR16/w7JSvM+tOFCs4X1ZZF9TbQi7czc0ov101gP
bJjbUaYNOLUQrI/vVEDmCzYIL3PDLV07gQu0FeLHnRChgdjal3xVIsp0oV+2cN7K
/UX4xqCSBXp8ieAoJ+r7zZD44JqhMVF+d5A=
-----END PRIVATE KEY-----

My understanding is that the key file dh.pem includes not only the secret part of the key, but also the non-secret g and p parameters with which it was generated — i.e., dh.pem is a superset of dhparam.pem.

I would like to reconstruct dhparam.pem, given only dh.pem. That is, given a DH key file, dump its parameters in PEM format.

It seems like openssl itself might not support this directly, but maybe there's some not-too-horrible way to extract the info with a shell script or something? The man page for openssl dhparam says:

This program manipulates DH parameters not keys.
BUGS: There should be a way to generate and manipulate DH keys.

Related: OpenSSL: Display DH Parameters — but in that question they're starting with a certificate, not a private key. (And I don't know the incantation to turn my key into a certificate.)

Quuxplusone
  • 23,928
  • 8
  • 94
  • 159

1 Answers1

5

PEM files are base64-encoded DER serialised ASN.1 files with a header and footer guard. A ASN.1 parser with the right schema can decode them. It so happens that openssl has this helpfully built in:

$ openssl asn1parse <dhparam.pem
    0:d=0  hl=4 l= 264 cons: SEQUENCE
    4:d=1  hl=4 l= 257 prim: INTEGER           :9DCE7EB979762B4F4DAE9D68C4DFCA6C870860B83C1D70AEF54356EE01649E41E297B39500A1D12A6D0373C223AA12690DFA0D285A03A3655DD0A07D9A84A40E68459A275C5CEED0F334AAD19E015C54CEEB538CBA475D76E975A2F6E57AA7C7E0371B0A31F82E2646202154C86B1E8816A4B777B604E4728D2037204838866F56BDD09EBD63D636373DADE1602FA56E6BC1E438690B07E12F44FD584F8BF984618FFFA03B5B145EBF1E448C5F558288F20CB30F376E82DDCD7B298DA3355D16D4611C284722592EB54089D40C10CF60DB90CD39742EE71B3A9272577045AFAA6891105A3B76C865850F863036592C4951E7896E825F8ACAFE0906BD91CD5D63
  265:d=1  hl=2 l=   1 prim: INTEGER           :02

$ openssl asn1parse <dh.pem
    0:d=0  hl=4 l= 550 cons: SEQUENCE
    4:d=1  hl=2 l=   1 prim: INTEGER           :00
    7:d=1  hl=4 l= 279 cons: SEQUENCE
   11:d=2  hl=2 l=   9 prim: OBJECT            :dhKeyAgreement
   22:d=2  hl=4 l= 264 cons: SEQUENCE
   26:d=3  hl=4 l= 257 prim: INTEGER           :9DCE7EB979762B4F4DAE9D68C4DFCA6C870860B83C1D70AEF54356EE01649E41E297B39500A1D12A6D0373C223AA12690DFA0D285A03A3655DD0A07D9A84A40E68459A275C5CEED0F334AAD19E015C54CEEB538CBA475D76E975A2F6E57AA7C7E0371B0A31F82E2646202154C86B1E8816A4B777B604E4728D2037204838866F56BDD09EBD63D636373DADE1602FA56E6BC1E438690B07E12F44FD584F8BF984618FFFA03B5B145EBF1E448C5F558288F20CB30F376E82DDCD7B298DA3355D16D4611C284722592EB54089D40C10CF60DB90CD39742EE71B3A9272577045AFAA6891105A3B76C865850F863036592C4951E7896E825F8ACAFE0906BD91CD5D63
  287:d=3  hl=2 l=   1 prim: INTEGER           :02
  290:d=1  hl=4 l= 260 prim: OCTET STRING      [HEX DUMP]:028201006241639AB35CF462EB6873868F9E6C279931D56A190AE573D87FD619AB9735E59DAF0CBBC585D21A7FA25F2CDC002FB86DB0F2C3071FF0F49078F63ED7FDDA4847D9639B580CF2C9B7F722E6E956E9B0E9DD8A49ED632E15B4709BA6FE56F287218936074DAD5970C8D708776679DCAF532B50509DBDFF8098CCF9C459D72CA83C34D76692E5D5D98BCF7970FA49A8C32357B65FF08330DC951D7AFF0EC94AF33EB4E142B385F565917D4DB422EDCCDCD28BF5D3580F6C98DB51A60D38B510AC8FEF5440E60B36082F73C32D5D3B810BB415E2C79D10A181D8DA977C5522CA74A15FB670DECAFD45F8C6A092057A7C89E02827EAFBCD90F8E09AA131517E7790

And Bob’s your uncle.

Konrad Rudolph
  • 530,221
  • 131
  • 937
  • 1,214