On 12/17/2011 2:44 AM, Dave Thompson wrote:
Sorry for the delay, I misplaced this temporarily.
From: owner-openssl-us...@openssl.org On Behalf Of Odomae Bro
Sent: Thursday, 08 December, 2011 12:02
<snip> I am now working with 1.0.0.e and am able to get the
anonymous DH going. There is only one small problem.
We use the p and g from the client/server exchange, but the
I hope you mean ServerKeyExchange (only). The ephemeral *keys*
go both directions, but parameters go server->client only.
DH private(say a) and public i.e. (A = g exp a mod p) is offloaded
and obtained from our hardware module. Once I get the keys, I copy
them into the dh_clnt->pub_key and dh_srvr_>pub_key in d1_clnt.c
and d1_srvr.c respectively.
Okay, that wasn't at all clear from your earlier question (or subject).
And I don't understand the motivation: HSM is normally used to protect
private (and secret) keys. Having it generate DH private+public and
export both (to software) doesn't make sense to me; having it export
only public (for you to send to peer) and then internally do the
agreement (*using* peer public you received) would make sense.
Be that as it may ...
Actually, hardware implementations are sometimes used purely
for their execution speed (this is often referred to as OffLoad or
Accelleration, OP used the word OffLoad), however as I pointed
out in my Dec 9 post, if the hardware used for performance
reasons was designed to also do the key protection work,
then the way the OP goes about this task could get blocked
by the hardware key protection mechanisms.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
