Re: DH_compute_key query

Fri, 22 Jul 2011 05:29:08 -0700 

Thanks Steve a ton. I think I was missing some basic design understanding.

-Prashant

On Fri, Jul 22, 2011 at 5:08 PM, Dr. Stephen Henson <st...@openssl.org>wrote:

> On Thu, Jul 21, 2011, Prashant Batra wrote:
>
> > Hello,
> >
> > I am using DH exchange in ikev2 for generating secret key b/w 2 parties.
> > I am observing some awkward thing,
> > in some of the cases, the secret calculated  by both the parties is not
> the
> > same, although the input (public key, private key and peer public key )
>  is
> > same.
> >
> > Hexdump: Length [128]
> > [0] 00 1c ad b2 96 d2 2f b5 25 81 df ac 59 65 2d 01 0a 29 2b 51 27 20 61
> 49
> > 14 f1 80 f7 e3 53 cc 20
> > [32] d4 be f8 b5 44 33 1d 25 d2 d2 b0 be b0 93 93 04 6f ec af c1 09 f3 d3
> 59
> > d4 21 5d 01 a4 70 b6 9e
> > [64] ab 49 6e ff a4 3d 02 1e 51 ec 76 20 e1 c1 12 f4 3f ba ca 70 d1 41 75
> bd
> > de 73 e0 aa 40 32 f4 da
> > [96] 69 d5 a2 b8 01 4f 31 8b 9e a8 40 e9 fe 9c 2f ea 5c 34 fd ed ea b5 63
> 93
> > a3 be 78 61 6f 50 96 b6  }
> >
> > Hexdump: Length [128]
> > [0] 1c ad b2 96 d2 2f b5 25 81 df ac 59 65 2d 01 0a 29 2b 51 27 20 61 49
> 14
> > f1 80 f7 e3 53 cc 20
> > [32] d4 be f8 b5 44 33 1d 25 d2 d2 b0 be [32] b0 93 93 04 6f ec af c1 09
> f3
> > d3 59 d4 21 5d 01 a4 70 b6 9e
> > [64] ab 49 6e ff a4 3d 02 1e 51 ec 76 20 e1 c1 12 f4 3f ba ca 70 d1 41 75
> bd
> > de 73 e0 aa 40 32 f4 da
> > [96] 69 d5 a2 b8 01 4f 31 8b 9e a8 40 e9 fe 9c 2f ea 5c 34 fd ed ea b5 63
> 93
> > a3 be 78 61 6f 50 96 b6 00 }
> >
> > So, there is a problem of 1 byte.
> >
> > The exchange is working properly for other users and the key is also
> > matching.
> >
> > Can someone point out the problem, or any clue, where I may be doing
> wrong,
> > as the same code is getting hit for all the users.
> >
>
> OpenSSLs DH implementation is compliant with the SSL/TLS requirements that
> skips leading zeroes on the output. It looks like the other implementation
> includes leading zeroes. The return value of DH_compute_key is the length
> of
> the returned key, if it is less than DH_size(key) then prepend zeroes.
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org

Reply via email to