On Fri, Dec 28, 2012 at 4:32 PM, Hemayamini Kurra <hemayaminiku...@email.arizona.edu> wrote: > Thanks for the reply Jeff!! > > The problem comes when I try to send the values of prime and publickey to > peer. As I am converting BIGNUM to binary and then at the peer the other way > round, The parameters are not received properly by the peer!! Use BSON to package the data. It sounds like its a presentation layer problem.
Jeff > On Fri, Dec 28, 2012 at 2:28 PM, Jeffrey Walton <noloa...@gmail.com> wrote: >> >> On Fri, Dec 28, 2012 at 3:37 PM, Hemayamini Kurra >> <hemayaminiku...@email.arizona.edu> wrote: >> > Hello!! >> > >> > I am implementing DH algorithm using OpenSSL library. >> > My scenario is - >> > using DH key exchange algorithm for key generation and exchange between >> > client and server. Using DSA for two way authentication. >> > server: >> Could be tricky to get right, especially when you need semantic >> authentication over the process. >> >> > I have generated DH parameters using DH_generate_parameters() >> > I have generated the public and private keys using DH_generate_key() >> Don't forget to validate the key. If you don't validate a key, you >> cannot use it. For encryption, that means you don't apply your secret >> to an unvalidated key; and for signatures, you don't trust the outcome >> of the verification process. >> >> GnuPG is a special case. They used Lim-Lee primes and they can't be >> validated without obtaining the unique factorization. I would >> recommend asking for a key composed of a strong or safe prime or >> refuse to process their data (but I've always been >> defensive/paranoid). >> >> > I am using TCP socket programming in c to send the prime generator and >> > ... >> > >> > I am getting "segmentation fault". >> That sounds like a network programming problem. Have you been through >> W. Richard Stevens' "TCP/IP Illustrated" or "UNIX Network >> Programming"? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
