Re: DH_compute_key query

Fri, 22 Jul 2011 04:40:54 -0700 

On Thu, Jul 21, 2011, Prashant Batra wrote:

> Hello,
> 
> I am using DH exchange in ikev2 for generating secret key b/w 2 parties.
> I am observing some awkward thing,
> in some of the cases, the secret calculated  by both the parties is not the
> same, although the input (public key, private key and peer public key )  is
> same.
> 
> Hexdump: Length [128]
> [0] 00 1c ad b2 96 d2 2f b5 25 81 df ac 59 65 2d 01 0a 29 2b 51 27 20 61 49
> 14 f1 80 f7 e3 53 cc 20
> [32] d4 be f8 b5 44 33 1d 25 d2 d2 b0 be b0 93 93 04 6f ec af c1 09 f3 d3 59
> d4 21 5d 01 a4 70 b6 9e
> [64] ab 49 6e ff a4 3d 02 1e 51 ec 76 20 e1 c1 12 f4 3f ba ca 70 d1 41 75 bd
> de 73 e0 aa 40 32 f4 da
> [96] 69 d5 a2 b8 01 4f 31 8b 9e a8 40 e9 fe 9c 2f ea 5c 34 fd ed ea b5 63 93
> a3 be 78 61 6f 50 96 b6  }
> 
> Hexdump: Length [128]
> [0] 1c ad b2 96 d2 2f b5 25 81 df ac 59 65 2d 01 0a 29 2b 51 27 20 61 49 14
> f1 80 f7 e3 53 cc 20
> [32] d4 be f8 b5 44 33 1d 25 d2 d2 b0 be [32] b0 93 93 04 6f ec af c1 09 f3
> d3 59 d4 21 5d 01 a4 70 b6 9e
> [64] ab 49 6e ff a4 3d 02 1e 51 ec 76 20 e1 c1 12 f4 3f ba ca 70 d1 41 75 bd
> de 73 e0 aa 40 32 f4 da
> [96] 69 d5 a2 b8 01 4f 31 8b 9e a8 40 e9 fe 9c 2f ea 5c 34 fd ed ea b5 63 93
> a3 be 78 61 6f 50 96 b6 00 }
> 
> So, there is a problem of 1 byte.
> 
> The exchange is working properly for other users and the key is also
> matching.
> 
> Can someone point out the problem, or any clue, where I may be doing wrong,
> as the same code is getting hit for all the users.
> 

OpenSSLs DH implementation is compliant with the SSL/TLS requirements that
skips leading zeroes on the output. It looks like the other implementation
includes leading zeroes. The return value of DH_compute_key is the length of
the returned key, if it is less than DH_size(key) then prepend zeroes.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to