Re: RSA encryption and Decryption code in C language
Hello Michel, Thanks for the link. I have the following code. int main() { RSA *key; unsigned char input_ptext[] = 58FD6F1C310FC9D0194FB8B0E99070A6CBA3473BFE69F953E60E99070A6CBA3473BFE69F953E0E99070A6CBA3473BFE69F953E0E99070A6CBAE; unsigned char ctext[256]; unsigned char ptext[256]; int n,i; ERR_clear_error(); key = RSA_generate_key(1024,65537,NULL,NULL); printf(the size of input_text is %ld\n, sizeof(input_ptext)); if (!key) return 0; n = RSA_size(key); n = RSA_public_encrypt(sizeof(input_ptext) - 1,input_ptext,ctext,key,RSA_PKCS1_PADDING); if (n 0) return 0; n = RSA_private_decrypt(n,ctext,ptext,key,RSA_PKCS1_PADDING); if (n 0) return 0; RSA_free(key); printf(the decrypted text is %s\n,ptext); if (memcmp(input_ptext,ptext,sizeof(input_ptext) - 1)) return 0; printf(Finished\n); printf(the decrypted text is %s\n,ptext); return 1; } But the problem is, I have to encrypt it at clients side and decrypt it at servers side. In the above program I generated the key at clients side. But How do I transport the public key to the other party for it to generate the private key? If I send the key using TCP/IP channel, that makes the system vulnerable, which is not desirable. So how do I transport the keys between client and the server. Thanks and Regards, Yamini. On Tue, Jun 18, 2013 at 1:43 AM, Michel msa...@paybox.com wrote: Hi Yamini, I would suggest looking at the 'EVP Envelope' API : https://www.openssl.org/docs/**crypto/EVP_SealInit.htmlhttps://www.openssl.org/docs/crypto/EVP_SealInit.html Le 17/06/2013 19:26, yamini a écrit : Hello, I am implementing the DES algorithm between my client and server systems for encryption. The DES key is transmitted in encrypted form between Client and Server using RSA encryption and decryption. My idea of implementing the above task is creating RSA key (RSA_generate_key) and using the public key for encryption and private key for decryption. I have looked for sample codes to do this in C language but found nothing. So if anyone has any code snippets for this task please post them here. It would be very helpful. The code for RSA encryption and Decryption between client and server(client and server are on different machines). Thanks and Regards, Yamini.
Re: DH-algorithm using OpenSSL
Thanks for the reply Jeff!! The problem comes when I try to send the values of prime and publickey to peer. As I am converting BIGNUM to binary and then at the peer the other way round, The parameters are not received properly by the peer!! On Fri, Dec 28, 2012 at 2:28 PM, Jeffrey Walton noloa...@gmail.com wrote: On Fri, Dec 28, 2012 at 3:37 PM, Hemayamini Kurra hemayaminiku...@email.arizona.edu wrote: Hello!! I am implementing DH algorithm using OpenSSL library. My scenario is - using DH key exchange algorithm for key generation and exchange between client and server. Using DSA for two way authentication. server: Could be tricky to get right, especially when you need semantic authentication over the process. I have generated DH parameters using DH_generate_parameters() I have generated the public and private keys using DH_generate_key() Don't forget to validate the key. If you don't validate a key, you cannot use it. For encryption, that means you don't apply your secret to an unvalidated key; and for signatures, you don't trust the outcome of the verification process. GnuPG is a special case. They used Lim-Lee primes and they can't be validated without obtaining the unique factorization. I would recommend asking for a key composed of a strong or safe prime or refuse to process their data (but I've always been defensive/paranoid). I am using TCP socket programming in c to send the prime generator and ... I am getting segmentation fault. That sounds like a network programming problem. Have you been through W. Richard Stevens' TCP/IP Illustrated or UNIX Network Programming? Jeff __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: How to implement DH algorithm using openSSL library?
Thanks prashant!! This helped alot!! On Thu, Dec 20, 2012 at 10:09 PM, Prashant Batra prashant0...@gmail.comwrote: I have this fucntion which I use to generate public-private key pair. - prime : depends on the dh group, you can find these values in DH rfc - http://www.ietf.org/rfc/rfc3526.txt int32_t DHInterface::GeneratePublicPrivateKeyPair(uint8_t * pub_key, uint32_t * pub_key_length) { char *errbuf; dh = DH_new(); if ((dh-p = BN_bin2bn((unsigned char *)prime-v, prime-l, NULL)) == NULL) return -1; if ((dh-g = BN_new()) == NULL) return -1; if (!BN_set_word(dh-g, 2)) return -1; /* Now generate public and private key */ if (!DH_generate_key(dh)) { errbuf = ERR_error_string(ERR_get_error(), NULL); printf(Error : %s, errbuf); return -1; } /* Covert keys from BN into bytes */ *pub_key_length = BN_bn2bin(dh-pub_key, (unsigned char *)(pub_key)); return 0; } DH_Generate_key would generate a private key, and then a corresponding public key value. You need to send this public key value to your peer and then expect a public key value from the peer. Once you get peer's public key use the same dh object to calculate the secret value, which I do in this way- peer_pub_key = BN_bin2bn((unsigned char *)peer_public_key, key_length, NULL); if ((secret_key_length = DH_compute_key((unsigned char *)temp, peer_pub_key, dh)) 0) { errbuf = ERR_error_string(ERR_get_error(), NULL); printf(Error : %s, errbuf); return -1; } *secret_length = DH_size(dh); I feel the variables would be self explainatory. On Fri, Dec 21, 2012 at 10:19 AM, Hemayamini Kurra hemayaminiku...@email.arizona.edu wrote: Hello!! I am trying to implement Diffe-Hellman Key exchange protocol between Client and server. I am using openSSL dh.h library for that. The problem is how to send the publickey generated by DH_generate_key() function to client/server. My idea is to get the shared secret which I can use for further encryption of communication between client and server. I have followed the following steps 1. Generate the parameters uysing DH_generate_parameters() 2. DH_check() for checking the parameters generated. 3. Then to use DH_compute_key() I should be able to get the peer's public key. How can I get this? What is the private value DH_generate_key uses for generating public key? I dint find any sample programs for this problem. It would be great if anyone suggest some sample programs related to my above mentioned task!! Thanks and Regards, Yamini. -- Prashant Batra
Re: How to implement DH algorithm using openSSL library?
I also have a problem in sending the pub_key to peer. As I am using DH_generate_parameters to generate prime and generator and DH_generator_key for generating the public key , I have to send the prime, g and pub_key to the peer. Is there any function to do this?? Thanks in advance. Yamini. On Fri, Dec 21, 2012 at 9:23 AM, Hemayamini Kurra hemayaminiku...@email.arizona.edu wrote: Thanks prashant!! This helped alot!! On Thu, Dec 20, 2012 at 10:09 PM, Prashant Batra prashant0...@gmail.comwrote: I have this fucntion which I use to generate public-private key pair. - prime : depends on the dh group, you can find these values in DH rfc - http://www.ietf.org/rfc/rfc3526.txt int32_t DHInterface::GeneratePublicPrivateKeyPair(uint8_t * pub_key, uint32_t * pub_key_length) { char *errbuf; dh = DH_new(); if ((dh-p = BN_bin2bn((unsigned char *)prime-v, prime-l, NULL)) == NULL) return -1; if ((dh-g = BN_new()) == NULL) return -1; if (!BN_set_word(dh-g, 2)) return -1; /* Now generate public and private key */ if (!DH_generate_key(dh)) { errbuf = ERR_error_string(ERR_get_error(), NULL); printf(Error : %s, errbuf); return -1; } /* Covert keys from BN into bytes */ *pub_key_length = BN_bn2bin(dh-pub_key, (unsigned char *)(pub_key)); return 0; } DH_Generate_key would generate a private key, and then a corresponding public key value. You need to send this public key value to your peer and then expect a public key value from the peer. Once you get peer's public key use the same dh object to calculate the secret value, which I do in this way- peer_pub_key = BN_bin2bn((unsigned char *)peer_public_key, key_length, NULL); if ((secret_key_length = DH_compute_key((unsigned char *)temp, peer_pub_key, dh)) 0) { errbuf = ERR_error_string(ERR_get_error(), NULL); printf(Error : %s, errbuf); return -1; } *secret_length = DH_size(dh); I feel the variables would be self explainatory. On Fri, Dec 21, 2012 at 10:19 AM, Hemayamini Kurra hemayaminiku...@email.arizona.edu wrote: Hello!! I am trying to implement Diffe-Hellman Key exchange protocol between Client and server. I am using openSSL dh.h library for that. The problem is how to send the publickey generated by DH_generate_key() function to client/server. My idea is to get the shared secret which I can use for further encryption of communication between client and server. I have followed the following steps 1. Generate the parameters uysing DH_generate_parameters() 2. DH_check() for checking the parameters generated. 3. Then to use DH_compute_key() I should be able to get the peer's public key. How can I get this? What is the private value DH_generate_key uses for generating public key? I dint find any sample programs for this problem. It would be great if anyone suggest some sample programs related to my above mentioned task!! Thanks and Regards, Yamini. -- Prashant Batra
How to implement DH algorithm using openSSL library?
Hello!! I am trying to implement Diffe-Hellman Key exchange protocol between Client and server. I am using openSSL dh.h library for that. The problem is how to send the publickey generated by DH_generate_key() function to client/server. My idea is to get the shared secret which I can use for further encryption of communication between client and server. I have followed the following steps 1. Generate the parameters uysing DH_generate_parameters() 2. DH_check() for checking the parameters generated. 3. Then to use DH_compute_key() I should be able to get the peer's public key. How can I get this? What is the private value DH_generate_key uses for generating public key? I dint find any sample programs for this problem. It would be great if anyone suggest some sample programs related to my above mentioned task!! Thanks and Regards, Yamini.