Re: How to implement DH algorithm using openSSL library?

2012-12-21 Thread Hemayamini Kurra
Thanks Prashant!! This helped a lot!!



Re: How to implement DH algorithm using openSSL library?

2012-12-21 Thread Hemayamini Kurra
I also have a problem in sending the pub_key to peer. As I am using
DH_generate_parameters to generate prime and generator and DH_generate_key
for generating the public key, I have to send the prime, g and pub_key to
the peer. Is there any function to do this??

Thanks in advance.
Yamini.



How to implement DH algorithm using openSSL library?

2012-12-20 Thread Hemayamini Kurra
Hello!!


I am trying to implement Diffie-Hellman Key exchange protocol between Client
and server. I am using OpenSSL dh.h library for that. The problem is how to
send the public key generated by DH_generate_key() function to
client/server.

My idea is to get the shared secret which I can use for further encryption
of communication between client and server. I have followed the following
steps:

1. Generate the parameters using DH_generate_parameters()
2. DH_check() for checking the parameters generated.
3. Then to use DH_compute_key() I should be able to get the peer's public
key. How can I get this?

What is the private value DH_generate_key uses for generating public key?

I didn't find any sample programs for this problem. It would be great if
anyone could suggest some sample programs related to my above mentioned task!!


Thanks and Regards,
Yamini.


Re: How to implement DH algorithm using openSSL library?

2012-12-20 Thread Prashant Batra
I have this function which I use to generate public-private key pair.

- prime : depends on the dh group, you can find these values in DH rfc -
http://www.ietf.org/rfc/rfc3526.txt

#include <stdint.h>
#include <stdio.h>
#include <openssl/bn.h>
#include <openssl/dh.h>
#include <openssl/err.h>

/* dh and prime are declared elsewhere (not shown). Direct dh->p / dh->g
   access requires OpenSSL before 1.1.0, where DH became opaque. */
int32_t DHInterface::GeneratePublicPrivateKeyPair(uint8_t * pub_key,
                                                  uint32_t * pub_key_length)
{
  char *errbuf;

  dh = DH_new();
  if (dh == NULL)
    return -1;

  /* Load the group prime from its big-endian bytes */
  if ((dh->p = BN_bin2bn((unsigned char *)prime->v, prime->l, NULL)) == NULL)
    return -1;

  /* Generator g = 2 */
  if ((dh->g = BN_new()) == NULL)
    return -1;
  if (!BN_set_word(dh->g, 2))
    return -1;

  /* Now generate public and private key */

  if (!DH_generate_key(dh))
  {
    errbuf = ERR_error_string(ERR_get_error(), NULL);
    printf("Error : %s", errbuf);
    return -1;
  }

  /* Convert keys from BN into bytes */

  *pub_key_length = BN_bn2bin(dh->pub_key, (unsigned char *)(pub_key));

  return 0;
}

DH_generate_key would generate a private key, and then a corresponding
public key value. You need to send this public key value to your peer and
then expect a public key value from the peer.
Once you get peer's public key use the same dh object to calculate the
secret value, which I do in this way -

  /* Rebuild the peer's public value from the bytes received */
  peer_pub_key = BN_bin2bn((unsigned char *)peer_public_key, key_length,
                           NULL);
  if (peer_pub_key == NULL)
    return -1;

  if ((secret_key_length = DH_compute_key((unsigned char *)temp,
                                          peer_pub_key, dh)) < 0)
  {
    errbuf = ERR_error_string(ERR_get_error(), NULL);
    printf("Error : %s", errbuf);
    return -1;
  }
  /* DH_compute_key returns the number of bytes written to temp, which can
     be smaller than DH_size(dh) when the secret has leading zero bytes */
  *secret_length = secret_key_length;


I feel the variables would be self-explanatory.





-- 
Prashant Batra
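
The follow-up question above asks how to send the prime, g and pub_key to the peer, and the reply says to exchange public values. The code below is an added example, not code from the thread or from OpenSSL: it frames the byte strings produced by BN_bn2bin() and range-checks a received public value. The function names, the 2-byte length prefix and the DH_MAX_FIELD cap are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define DH_MAX_FIELD 1024 /* assumed cap per value (8192 bits) */

/* Append one value behind a 2-byte big-endian length; new offset or 0. */
size_t dh_put_field(uint8_t *out, size_t cap, size_t off,
                    const uint8_t *val, size_t len)
{
    if (len == 0 || len > DH_MAX_FIELD || off > cap || cap - off < len + 2)
        return 0;
    out[off] = (uint8_t)(len >> 8); out[off + 1] = (uint8_t)(len & 0xff);
    memcpy(out + off + 2, val, len);
    return off + 2 + len;
}

/* Read one value from an untrusted buffer without copying it.
 * Returns the new offset, or 0 if the field is truncated or oversized. */
size_t dh_get_field(const uint8_t *buf, size_t n, size_t off,
                    const uint8_t **val, size_t *len)
{
    if (off > n || n - off < 2) return 0;
    size_t l = ((size_t)buf[off] << 8) | buf[off + 1];
    if (l == 0 || l > DH_MAX_FIELD || n - off - 2 < l)
        return 0;
    *val = buf + off + 2; *len = l;
    return off + 2 + l;
}

/* Compare big-endian unsigned integers, ignoring leading zero bytes. */
static int be_cmp(const uint8_t *a, size_t al, const uint8_t *b, size_t bl)
{
    while (al && *a == 0) { a++; al--; }
    while (bl && *b == 0) { b++; bl--; }
    if (al != bl) return al < bl ? -1 : 1;
    return memcmp(a, b, al);
}

/* Accept a peer public value y only if 1 < y < p - 1 (p must be odd). */
int dh_pub_in_range(const uint8_t *y, size_t yl, const uint8_t *p, size_t pl)
{
    static const uint8_t one[1] = { 1 };
    uint8_t pm1[DH_MAX_FIELD];
    if (pl == 0 || pl > DH_MAX_FIELD || !(p[pl - 1] & 1)) return 0;
    memcpy(pm1, p, pl);
    pm1[pl - 1]--; /* p is odd, so p - 1 needs no borrow */
    return be_cmp(y, yl, one, 1) > 0 && be_cmp(y, yl, pm1, pl) < 0;
}
```

On receipt, the parsed bytes go to BN_bin2bn() as in the reply above, and the range check runs before DH_compute_key(). OpenSSL's own DH_check_pub_key() performs the same kind of check on a BIGNUM.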