On 19 March 2013 14:18, azhar jodatti <azhar...@gmail.com> wrote:
> On Tue, Mar 19, 2013 at 6:24 PM, Matt Caswell <fr...@baggins.org> wrote:
>> On 19 March 2013 12:22, azhar jodatti <azhar...@gmail.com> wrote:
>> > PEM_write_bio_DHparams(out, temp); //this prints public key in base64
>> > (this is what i think :) )
>>
>> This is NOT a base64 representation of the public key. This is
>> printing out the parameters only (which does not include the public
>> key)
>>
>> > X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(clientPubKeyEnc);
>> > PublicKey alicePubKey = bobKeyFac.generatePublic(x509KeySpec);
>> > // this throws invalidKeySpecException : invalid key specification
>> >
>> > What is the reason behind this? Why it won't work with X509EncodedKeySpec?
>

Because, as noted above, the data you are trying to use is not what you think it is. X509EncodedKeySpec expects an ASN.1 type of "SubjectPublicKeyInfo", whereas you are providing an ASN.1 type of DHparams.

>> >> Instead of above, try something like this:
>> >>
>> BigInteger y = new BigInteger("4373485839237796166699589228729451887524557806298817546317652313209684941935291316056752499275686842785989445002203537603465313281932431907074220666705812428468899520395399424699433568818334649395647035588736697462362131440308900155995886437558059484184376957451229991382889256903754886307405909744230582829");
>> BigInteger p = new BigInteger("106824077746282794452228647025839229808074839339760371103063155402464842614962676228255294325459053774613506891207056818441720848774298482866918174271328357364028843638451324415691330056638482781344307395975948664971732094293996189467599104442989563027727348339786810653279203313302815966250977426622843204103");
>> BigInteger g = new BigInteger("5");
>> DHPublicKeySpec dhKeySpec = new DHPublicKeySpec(y, p, g);
>> PublicKey alicPubKey = bobKeyFac.generatePublic(dhKeySpec);
>>
>> Yes, I tried this as well. It won't throw any exception. It silently
>> generates the public and secret key at the server. But when I use the server's public
>> key at the client to generate the client's secret key, it ends up with having
>> a different secret key at both ends. The client secret key won't match
>> the server's secret key.
>

It's not throwing an exception because it is a correctly formatted public key as opposed to an incorrectly formatted one! If you're not getting the same shared secret then we have to keep looking for the next problem!

Please can you show me the public key that is generated from the Java, and how you are getting that into the C.

Matt
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
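
One way to check which of the two ASN.1 structures named in the reply above a DER blob actually contains before passing it to X509EncodedKeySpec. This is an added example, not code from the thread or from OpenSSL; the helper names and the sample P, G, Y values are constructed, and PEM input is assumed to have been base64-decoded to DER first.

```python
DH_OID = bytes.fromhex("2a864886f70d010301")  # 1.2.840.113549.1.3.1 (dhKeyAgreement)

def tlv(tag, body):
    """DER-encode one tag/length/value (only used to build the sample inputs)."""
    n = len(body)
    k = (n.bit_length() + 7) // 8
    length = bytes([n]) if n < 0x80 else bytes([0x80 | k]) + n.to_bytes(k, "big")
    return bytes([tag]) + length + body

def der_int(v):
    return tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))  # keeps sign bit clear

def read_tlvs(buf):
    """Split DER bytes into a list of (tag, value) pairs."""
    out, i = [], 0
    while i < len(buf):
        if i + 2 > len(buf):
            raise ValueError("truncated DER header")
        tag, n, i = buf[i], buf[i + 1], i + 2
        if n & 0x80:  # long-form length: low 7 bits give the number of length bytes
            k = n & 0x7F
            n, i = int.from_bytes(buf[i:i + k], "big"), i + k
        if i + n > len(buf):
            raise ValueError("truncated DER value")
        out.append((tag, buf[i:i + n]))
        i += n
    return out

def classify(der):
    """Return the structure type plus p, g and (for a key) y."""
    (tag, body), = read_tlvs(der)
    kids = read_tlvs(body) if tag == 0x30 else []
    tags = [t for t, _ in kids]
    if tags[:2] == [0x02, 0x02]:  # SEQUENCE { INTEGER p, INTEGER g, ... }
        p, g = (int.from_bytes(v, "big") for _, v in kids[:2])
        return {"type": "DHParameter", "p": p, "g": g, "y": None}
    if tags == [0x30, 0x03]:  # SEQUENCE { AlgorithmIdentifier, BIT STRING }
        alg = read_tlvs(kids[0][1])
        if alg[0] != (0x06, DH_OID):
            raise ValueError("SubjectPublicKeyInfo, but not a DH key")
        p, g = (int.from_bytes(v, "big") for _, v in read_tlvs(alg[1][1])[:2])
        (_, y), = read_tlvs(kids[1][1][1:])  # skip the unused-bits octet
        return {"type": "SubjectPublicKeyInfo", "p": p, "g": g, "y": int.from_bytes(y, "big")}
    raise ValueError("neither DHParameter nor SubjectPublicKeyInfo")

# Constructed sample values (not the thread's numbers): Mersenne prime modulus, g = 5.
P, G = 2**1279 - 1, 5
Y = pow(G, 0x1F2E3D4C5B6A7988, P)
SAMPLE_PARAMS = tlv(0x30, der_int(P) + der_int(G))
SAMPLE_SPKI = tlv(0x30, tlv(0x30, tlv(0x06, DH_OID) + SAMPLE_PARAMS) + tlv(0x03, b"\x00" + der_int(Y)))
```

A result of type DHParameter has no y, so only the SubjectPublicKeyInfo case carries a public value that a key factory can load.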