Re: Diffie Hellman problem

Tue, 18 Jun 2013 14:34:53 -0700 

I've tried it using the following code:

    EVP_PKEY * pp = EVP_PKEY_new();
    EVP_PKEY_set1_DH(pp, dh);

    char *buff;
    BUF_MEM *bptr;
    int write_rc = 0;
    BIO *bmem = BIO_new(BIO_s_mem());

    write_rc = PEM_write_bio_PUBKEY(bmem, pp);

But I'm not getting anything in pp and write_rc is 0.

How should I use the EVP_PKEY?


Aleix Ventayol | Mobile Jazz
C. Nàpols, 187, 9º, 08013 Barcelona
http://mobilejazz.cat<http://www.google.com/url?q=http%3A%2F%2Fmobilejazz.cat%2F&sa=D&sntz=1&usg=AFrqEzfgZdKlXETCdfdRKpZ-ieYGYbSPXA>


On Tue, Jun 18, 2013 at 7:39 PM, Dr. Stephen Henson <st...@openssl.org>wrote:

> On Tue, Jun 18, 2013, Aleix Ventayol wrote:
>
> > Hi everyone,
> >
> > I'm using a Diffie Hellman Agreemant on one app. I've been able to
> generate
> > the DH without any problems, but now I should send the DH information to
> > the server.
> >
> > We've an example of the same process written in Java, what this app
> > generates to send to the client is:
> >
> > SEQUENCE {
> >   SEQUENCE {
> >      OBJECTIDENTIFIER 1.2.840.113549.1.3.1
> >      SEQUENCE {
> >         INTEGER
> >
> 0x00ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aacaa68ffffffffffffffff
> >         INTEGER 0x02 (2 decimal)
> >      }
> >   }
> >   BITSTRING
> 0x0282010100b9c13521bc982e69de3e139d2521f32187ca932fdb579344c37cf2a8effb1c589ac27446656c911aefb84c961be5c389cabae7012b9edbec439ce5b57df4ad427e8baaa334c18c8bbf0fc3b19b197d484ae174f3fb538183368cdb11ecc228fc3fbb0029ff9aa0c06ccebbba47c1d1208410e9506cc08ae3bdc71924e95ae74994268822637ad628af95cf8b09cba0e070c7a8126921f6a700792ef45d844b8812f4d67f19bbc809ad33ac1ea59f4e3a9542e26b3a5f1738de6b9f8092c5a323747a716f39a17f879b87981c00944c8e5fb8f1e4d5ace6c81c182f80711bc55865c8562688b7084ae42f706fb80081f9e97982ef0242df221b202cee9b9ffcaf
> > : 0 unused bit(s)}
> >
> > >From my c++ app I try to get the same information using
> > PEM_write_bio_DHparams. I get  almost the same but without the BITSTRING
> > and the OBJECTIDENTIFIER.
> >
> > SEQUENCE {
> >   INTEGER
> 0x00ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa051015728e5a8aacaa68ffffffffffffffff
> >   INTEGER 0x02 (2 decimal)}
> >
> > Any clue about where's the problem?
> >
> > I've seen that Java version generates a X.509 certificate to send the
> data,
> > maybe I should generate a X509 certificate from the DH on my c++ version?
> >
> >
>
> The DH_* functions don't support encoding of public and private keys,
> PEM_write_bio_DHparams just writes DH parameters instead.
>
> If you use the higher level EVP_PKEY API and something like i2d_PUBKEY it
> should produce that format.
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org
>

Reply via email to