Ok, well assuming you're talking about C++ which is what I'm using, then to create an RSA key pair you do:
// alice would do this RSA *rsa = RSA_generate_key(bits, 65537, NULL, NULL); // alice can then get the public part of the key and send to bob const int max_hex_size = (bits / 4) + 1; long size = max_hex_size; char keyBufferA[size]; char keyBufferB[size]; bzero(keyBufferA,size); bzero(keyBufferB,size); sprintf(keyBufferA,"%s\r\n",BN_bn2hex(rsa->n)); sprintf(keyBufferB,"%s\r\n",BN_bn2hex(rsa->e)); int n = send(sock,keyBufferA,size,0); char recBuf[2]; n = recv(sock,recBuf,2,0); n = send(sock,keyBufferB,size,0); n = recv(sock,recBuf,2,0); // bob can then receive the public key, so on bob's end: int max_hex_size = (bits / 4) + 1; char keybufA[max_hex_size]; bzero(keybufA,max_hex_size); char keybufB[max_hex_size]; bzero(keybufB,max_hex_size); int n = recv(sock,keybufA,max_hex_size,0); n = send(sock,"OK",2,0); n = recv(sock,keybufB,max_hex_size,0); n = send(sock,"OK",2,0); rsa = RSA_new(); BN_hex2bn(&rsa->n, keybufA); BN_hex2bn(&rsa->e, keybufB); // bob can then generate symmetric key unsigned char* key; int n = RAND_bytes(key, bytes); // if n is 0 then system failed in having enough entropy to gather a strong key and should be //considered insecure // bob can then encrypt key with alice's public key, in fact here is a snippet of a function // note ivec is an intialisation vector. This is often initialized to 0 (but doing this is very insecure, but its useful // to do this for testing purposes) void theEncryptor::blowfish(unsigned char *data, int data_len, unsigned char* key, unsigned char *ivec, int enc) { // hash the key first! unsigned char obuf[20]; bzero(obuf,20); SHA1((const unsigned char*)key, 64, obuf); BF_KEY bfkey; int keySize = 20;//strlen((char*)key); BF_set_key(&bfkey, keySize, obuf); //unsigned char ivec[16]; //memset(ivec, 0, 16); unsigned char* out=(unsigned char*) malloc(data_len); bzero(out,data_len); int num = 0; // enc is whether to encrypt (true) or decrypt (false) BF_cfb64_encrypt(data, out, data_len, &bfkey, ivec, &num, enc); memcpy(data, out, data_len); free(out); } // bob is now free to send the ecnrypted key back to alice Note: you should also look at the open_ssl api. I found this very helpful. Cheers, Ben. On 21 July 2010 15:41, Harshvir Sidhu <hvssi...@gmail.com> wrote: > Ben: > Yes thats what i need to do. If you can provide some example, that will > be great. > > Thanks. > > // Harshvir > > > On Wed, Jul 21, 2010 at 9:17 AM, Ben Jones <b...@bhjones.com> wrote: > >> Well I implemented something very similar recently but using tcp rather >> than udp. In my case, alice creates a public-private key pair and sends >> public key to bob. Bob then encrypts randomly generated symmetric key (.e.g >> blowish, dsa or aes etc.) with public key and sends the result to alice. >> Alice then decrypts with her private key. Both alice and bob have knowledge >> of symmetric key which can then be used for secure communication. >> >> A clear problem with this is a man-in-the-middle attack. There are >> functions built into the open ssl framework that allows you do create such >> keys manually. If that's what you need to do, I can give a more concrete ( >> albeit probably naive) example... >> >> Cheers, >> Ben. >> >> >> On 21 July 2010 15:02, Harshvir Sidhu <hvssi...@gmail.com> wrote: >> >>> Hi All, >>> I am trying to use encryption over Client/Server machines. My >>> requirement is that i have to use winsock UDP functions to send and receive >>> data. Is there some mechanism to perform key and cipher exchange in this >>> case, like normally SSL_Connect will do this, but in my case i cannot use >>> that. Is there some suggestion for this? >>> >>> // Harshvir >>> >>> >> >> >> >> >> >