Hi Carolin,

"It is just about half the length of the ..."

[very] Quick response: Hex value is twice the length of binary data:
Have you checked the value of 'size' arg?

Not sure this helps ...

On 24/08/2012 16:38, Carolin Latze wrote:
(sorry if this mail arrives twice. I sent it first without being subscribed to this list by accident)

Hi all

I try to implement a DH exchange using socket BIOs. Here is what I do:

On the server
- I initialize a DH structure with DH_new
- I generate the parameters using DH_generate_parameters(prime_len,g,NULL,NULL) with prime_len=512
- I generate the keys using DH_generate_key(dh)

Now I need to send p, g, and the server's public key to the client. In order to do that I convert each of those three values to hex. This is the example for p:

int size = DH_size(dh);
char* prime = (char*) malloc(size*sizeof(char));
memset(prime,0,size*sizeof(char));
prime = BN_bn2hex(dh->p);

Afterwards I open a socket BIO that allows a client to connect:

bio = BIO_new_accept(port);

Now, when a client connects, I write those three values to the BIO. Example for p:

BIO_do_accept(bio);
cbio = BIO_pop(bio);
BIO_write(cbio,prime,size);

Ok, let's move to the client. The client connects successfully to the server and reads the three values from the BIO:

prime = (char*)malloc(size*sizeof(char));
memset(prime,0,size*sizeof(char));
BIO_read(bio,prime,size);

If I print out "prime" on the client using printf I see that this is exactly the stream of bytes that have been sent by the server. But if I write this value back into a DH structure it changes:

DH *dh = DH_new();
BN_hex2bn(&(dh->p),prime);

If I check the value now with BN_print, it is a shorter value! It is just about half the length of the original p and I have no idea why. What is it that I miss here?

Any hints would be appreciated

Regards
Carolin


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
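
The length mismatch the reply points to, as an added example that is not part of the original thread and does not call OpenSSL. sample_hex() is a hypothetical stand-in for BN_bn2hex(), the 64-byte value is constructed (not a real prime), and the 4-byte length prefix is one assumed way to frame the hex string.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for BN_bn2hex(): hex text of a constructed `len`-byte value
   (not a real prime). The text is 2*len characters plus the NUL. */
static char *sample_hex(size_t len) {
    static const char digits[] = "0123456789ABCDEF";
    char *hex = malloc(2 * len + 1);
    if (!hex) abort();
    for (size_t i = 0; i < len; i++) {
        hex[2 * i] = digits[((0x80 + i) >> 4) & 0x0F];
        hex[2 * i + 1] = digits[(0x80 + i) & 0x0F];
    }
    hex[2 * len] = '\0';
    return hex;
}

/* As in the question: only `size` (the binary length) bytes of the hex
   text cross the wire. Returns how many value bytes the receiver gets. */
static size_t recovered_naive(size_t size) {
    char *hex = sample_hex(size);
    char *rx = calloc(size + 1, 1);
    if (!rx) abort();
    memcpy(rx, hex, size);          /* models BIO_write(cbio, prime, size) */
    size_t bytes = strlen(rx) / 2;  /* two hex digits per value byte */
    free(hex); free(rx);
    return bytes;
}

/* Framed: 4-byte big-endian length, then every hex digit; the receiver
   reads the length first and then exactly that many characters. */
static size_t recovered_framed(size_t size) {
    char *hex = sample_hex(size);
    uint32_t n = (uint32_t)strlen(hex);
    unsigned char *frame = malloc(4 + (size_t)n);
    if (!frame) abort();
    for (int i = 0; i < 4; i++) frame[i] = (unsigned char)(n >> (24 - 8 * i));
    memcpy(frame + 4, hex, n);
    uint32_t m = 0;
    for (int i = 0; i < 4; i++) m = (m << 8) | frame[i];
    size_t bytes = (m == n && memcmp(frame + 4, hex, m) == 0) ? m / 2 : 0;
    free(hex); free(frame);
    return bytes;
}

int main(void) {
    printf("naive: %zu, framed: %zu of 64 bytes\n", recovered_naive(64), recovered_framed(64));
    return 0;
}
```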
