Yeah size is the same on both sides :( ----- Reply message ----- From: "Michel" <msa...@paybox.com> To: <openssl-users@openssl.org> Subject: DH exchange & socket BIOs Date: Fri, Aug 24, 2012 5:47 pm
Hi Carolin, "It is just about half the length of the ..." [very] Quick response : Hex value is twice the lengh of binary data : Have you checked the value of 'size' arg ? Not sure this helps ... Le 24/08/2012 16:38, Carolin Latze a écrit : > (sorry if this mail arrives twice. I send it first without being > subscribed to this list by accident) > > Hi all > > I try to implement a DH exchange using socket BIOs. Here is what I do: > > On the server > - I initialize a DH structure with DH_new > - I generate the parameters using > DH_generate_parameters(prime_len,g,NULL,NULL) with prime_len=512 > - I generate the keys using DH_generate_key(dh) > > Now I need to send p,g, and the server's public key to the client. In > order to do that I convert each of those three values to hex. This is > the example for p: > > int size = DH_size(dh); > char* prime = (char*) malloc(size*sizeof(char)); > memset(prime,0,size*sizeof(char)); > prime = BN_bn2hex(dh->p); > > afterwards I open a socket BIO that allows a client to connect: > > bio = BIO_new_accept(port); > > Now, when a client connects, I write those three values to the BIO. > Example for p: > > BIO_do_accept(bio); > cbio = BIO_pop(bio); > BIO_write(cbio,prime,size); > > Ok, lets move the client. The client connects successfully to the > server and reads the three values from the BIO: > > prime = (char*)malloc(size*sizeof(char)); > memset(prime,0,size*sizeof(char)); > BIO_read(bio,prime,size); > > If I print out "prime" on the client using printf I see that this is > exactly the stream of bytes that have been sent by the server. But if > I write this value back into a DH structure it changes: > > DH *dh = DH_new(); > BN_hex2bn(&(dh->p),prime); > > If I check the value now with BN_print, it is a shorter value! It is > just about half the length of the original p and I have no idea why. > What is it that I miss here? > > Any hints would be appreciated > > Regards > Carolin > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org