>From: owner-openssl-us...@openssl.org On Behalf Of azhar jodatti >Sent: Saturday, 16 March, 2013 14:00
>I am working on application which has android and iPhone client. >Both the client talk to my server which is written in JAVA. I am >using JCE implementation of DH algorithm and X509EncodedkeySpec >for generating public and private key. code below > X509EncodedKeySpec x509Spec = new X509EncodedKeySpec(this.clientPublicKey); > PublicKey pk = kf.generatePublic(x509Spec); (I assume this is on the server, kf is a KeyFactory.getInstance("DH") and this.clientPublicKey contains client DH public key in X509-ki form.) In spite of the name, that doesn't generate a key, it only converts it from an external form (X509) to an internal form JCE can use directly. DH key(pair) generation is done with a KeyPairGenerator.getInstance("DH"). It can use parameters from several sources; which are you using? >for iPhone client I wrote a C programme which makes use of openSSl >implementation of DH algorithm. The problem I am facing is when >I generate DH params (prime,generator,pulickey) at client and pass >them to server to calculate server's public and secret key, my server >(JAVA) throws invalidKeySpecification exception. below are steps. > //client is DH *client. > //also tried with 1024 bits and DH_GENERATOR_5 > DH_generate_parameters_ex(client,512,DH_GENERATOR_2,NULL); You don't need to generate new parameters each time, as I said before. And for secure sizes it's usually rather costly/slow to do so. If you do generate new parameters, the server side Java *must* use parameters sent by the client as input to server KeyPairGenerator. OTOH DH-512 is almost certainly not secure. I don't understand all the math, but the authorities I trust say that discrete-log (DH) is only a few bits better than factoring (RSA), and RSA-512 is fallen. > 2. then generating DH public and private key > DH_generate_key(client) That is actual key generation, like KeyPairGenerator.generate. >when I pass these (prime,generator,publickey ) generated keys to >server which is written in JAVA , It won't work. server (JAVA) >throws invalidKeySpecification exception. Then you're not doing what I described. See next. >One more point I would like to mention here is, When I use >DHPublicKeySpec instead of X509EncodedKeySpec at server (JAVA) >it won't throw invalidKeySpecification exception. <snip rest> Those are different data formats. X509EncodedKeySpec is correct if you have a DH public key (or other public key) *in X.509 SubjectPublicKeyInfo format* which Openssl calls PUBKEY and can do with no additional code. In another email you show that you are using a JSON format with separate fields (which you didn't mention before), which contains the same data as X.509-keyinfo but is not even remotely the same format, so for your format yes DHPublicKeySpec is correct. See other response for more about parameters and key values. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org