Hi all:
Here is the problem:
I am doing Diffie-Hellman key exchange.
I generate parameters p and g using DH_generate_parameters().
Both server and client share the same p and g.
I use DH_generate_key() to generate public and private keys.
Then I use DH_compute_key() to compute the session key(the shared secret).
I need symmetric key to encrypt/decrypt data. How can I use the session key to generate
a symmetric key? Will the session key be transformed into master secret which will be used
to generate the symmetric key? If so, how can I do it?
The following is the sample code from open ssl.But it doesn't have the information I need.
your help is appreciated!
patty
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifdef WINDOWS
#include "../bio/bss_file.c"
#endif
#include <openssl/crypto.h>
#include <openssl/bio.h>
#include <openssl/bn.h>
#include <openssl/rand.h>
#ifdef NO_DH
int main(int argc, char *argv[])
{
printf("No DH support\n");
return(0);
}
#else
#include <openssl/dh.h>
#ifdef WIN16
#define MS_CALLBACK _far _loadds
#else
#define MS_CALLBACK
#endif
static void MS_CALLBACK cb(int p, int n, void *arg);
#ifdef NO_STDIO
#define APPS_WIN16
#include "bss_file.c"
#endif
static const char rnd_seed[] = "string to make the random number generator think it has entropy";
int main(int argc, char *argv[])
{
DH *a;
DH *b=NULL;
char buf[12];
unsigned char *abuf=NULL,*bbuf=NULL;
int i,alen,blen,aout,bout,ret=1;
BIO *out;
#ifdef WIN32
CRYPTO_malloc_init();
#endif
RAND_seed(rnd_seed, sizeof rnd_seed);
out=BIO_new(BIO_s_file());
if (out == NULL) exit(1);
BIO_set_fp(out,stdout,BIO_NOCLOSE);
a=DH_generate_parameters(1024,DH_GENERATOR_2,cb,out);
if (a == NULL) goto err;
BIO_puts(out,"\np =");
BN_print(out,a->p);
BIO_puts(out,"\ng =");
BN_print(out,a->g);
BIO_puts(out,"\n");
b=DH_new();
if (b == NULL) goto err;
b->p=BN_dup(a->p);
b->g=BN_dup(a->g);
if ((b->p == NULL) || (b->g == NULL)) goto err;
if (!DH_generate_key(a)) goto err;
BIO_puts(out,"pri 1=");
BN_print(out,a->priv_key);
BIO_puts(out,"\npub 1=");
BN_print(out,a->pub_key);
BIO_puts(out,"\n");
if (!DH_generate_key(b)) goto err;
BIO_puts(out,"pri 2=");
BN_print(out,b->priv_key);
BIO_puts(out,"\npub 2=");
BN_print(out,b->pub_key);
BIO_puts(out,"\n");
alen=DH_size(a);
abuf=(unsigned char *)OPENSSL_malloc(alen);
aout=DH_compute_key(abuf,b->pub_key,a);
BIO_puts(out,"key1 =");
for (i=0; i<aout; i++)
{
sprintf(buf,"%02X",abuf[i]);
BIO_puts(out,buf);
}
BIO_puts(out,"\n");
blen=DH_size(b);
bbuf=(unsigned char *)OPENSSL_malloc(blen);
bout=DH_compute_key(bbuf,a->pub_key,b);
BIO_puts(out,"key2 =");
for (i=0; i<bout; i++)
{
sprintf(buf,"%02X",bbuf[i]);
BIO_puts(out,buf);
}
BIO_puts(out,"\n");
if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
{
fprintf(stderr,"Error in DH routines\n");
ret=1;
}
else
ret=0;
err:
if (abuf != NULL) OPENSSL_free(abuf);
if (bbuf != NULL) OPENSSL_free(bbuf);
if(b != NULL) DH_free(b);
if(a != NULL) DH_free(a);
BIO_free(out);
exit(ret);
return(ret);
}
static void MS_CALLBACK cb(int p, int n, void *arg)
{
char c='*';
if (p == 0) c='.';
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
BIO_write((BIO *)arg,&c,1);
(void)BIO_flush((BIO *)arg);
#ifdef LINT
p=n;
#endif
}
#endif
