I have this fucntion which I use to generate public-private key pair. - prime : depends on the dh group, you can find these values in DH rfc - http://www.ietf.org/rfc/rfc3526.txt
int32_t DHInterface::GeneratePublicPrivateKeyPair(uint8_t * pub_key, uint32_t * pub_key_length) { char *errbuf; dh = DH_new(); if ((dh->p = BN_bin2bn((unsigned char *)prime->v, prime->l, NULL)) == NULL) return -1; if ((dh->g = BN_new()) == NULL) return -1; if (!BN_set_word(dh->g, 2)) return -1; /* Now generate public and private key */ if (!DH_generate_key(dh)) { errbuf = ERR_error_string(ERR_get_error(), NULL); printf("Error : %s", errbuf); return -1; } /* Covert keys from BN into bytes */ *pub_key_length = BN_bn2bin(dh->pub_key, (unsigned char *)(pub_key)); return 0; } DH_Generate_key would generate a private key, and then a corresponding public key value. You need to send this public key value to your peer and then expect a public key value from the peer. Once you get peer's public key use the same "dh" object to calculate the secret value, which I do in this way- peer_pub_key = BN_bin2bn((unsigned char *)peer_public_key, key_length, NULL); if ((secret_key_length = DH_compute_key((unsigned char *)temp, peer_pub_key, dh)) < 0) { errbuf = ERR_error_string(ERR_get_error(), NULL); printf("Error : %s", errbuf); return -1; } *secret_length = DH_size(dh); I feel the variables would be self explainatory. On Fri, Dec 21, 2012 at 10:19 AM, Hemayamini Kurra < hemayaminiku...@email.arizona.edu> wrote: > Hello!! > > > I am trying to implement Diffe-Hellman Key exchange protocol between > Client and server. I am using openSSL dh.h library for that. The problem is > how to send the publickey generated by DH_generate_key() function to > client/server. > > My idea is to get the shared secret which I can use for further encryption > of communication between client and server. I have followed the following > steps > > 1. Generate the parameters uysing DH_generate_parameters() > 2. DH_check() for checking the parameters generated. > 3. Then to use DH_compute_key() I should be able to get the peer's public > key. How can I get this? > > What is the private value DH_generate_key uses for generating public key? > > I dint find any sample programs for this problem. It would be great if > anyone suggest some sample programs related to my above mentioned task!! > > > Thanks and Regards, > Yamini. > -- Prashant Batra