
Why isn't the key equal using OpenSSL Diffie-Hellman?

I can't figure out why my keys aren't equal when doing this Diffie-Hellman exchange example. I'm using the OpenSSL library in C (openssl/dh.h).

It seems pretty straightforward, but for some reason the keys aren't the same. What am I missing?

Any ideas? Thanks!

    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    #include <time.h>
    #include <openssl/dh.h>

    /* Print len bytes as zero-padded hex. */
    void hexprint(unsigned char *printBuf, int len)
    {
        int i;
        for(i = 0; i < len; i++)
        {
            printf("%02x ", printBuf[i]);
        }
        printf("\n");
    }

    int main(int argc, char *argv[])
    {
        srand(time(NULL));
        DH *dh1;
        DH *dh2;
        unsigned char *dh_secret1;
        unsigned char *dh_secret2;
        /* Each side generates its own parameters here. */
        dh1 = DH_generate_parameters(256, 2, NULL, NULL);
        dh2 = DH_generate_parameters(256, 2, NULL, NULL);

        /* Generate a private/public key pair for each side. */
        DH_generate_key(dh1);
        DH_generate_key(dh2);

        dh_secret1 = malloc(DH_size(dh1));
        memset(dh_secret1, 0, DH_size(dh1));
        dh_secret2 = malloc(DH_size(dh2));
        memset(dh_secret2, 0, DH_size(dh2));

        /* Direct access to pub_key requires OpenSSL older than 1.1.0. */
        DH_compute_key(dh_secret1, dh2->pub_key, dh1);
        DH_compute_key(dh_secret2, dh1->pub_key, dh2);

        printf("Secret Key 1: \n");
        hexprint(dh_secret1, 32);
        printf("Secret Key 2: \n");
        hexprint(dh_secret2, 32);

        free(dh_secret1);
        free(dh_secret2);
        DH_free(dh1);
        DH_free(dh2);
        return 0;
    }
user2489846 asked Jun 16 '13 00:06


1 Answer

Because in DH the users must share the same parameters. Only perform DH_generate_parameters once, and share it between the users.

Vlad Krasnov answered Oct 11 '22 15:10
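The point of the answer, shown with toy 64-bit arithmetic in place of OpenSSL BIGNUMs; this is an added example, not code from the question or the answer. The names `dh_params`, `dh_party`, `dh_keygen`, `dh_compute` and `dh_agree` are hypothetical, the two groups and private keys are constructed values chosen so the results can be checked by hand, and the range check on the peer's public value is an assumed standard validation step.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy groups (Mersenne primes, g = 2): hand-checkable, not secure. */
typedef struct { uint64_t p, g; } dh_params;
typedef struct { dh_params prm; uint64_t priv, pub; } dh_party;
static const dh_params GROUP_A = { 2305843009213693951ULL, 2 }; /* 2^61 - 1 */
static const dh_params GROUP_B = { 2147483647ULL, 2 };          /* 2^31 - 1 */
/* a*b mod m by double-and-add; no overflow for m < 2^63. */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m) {
    uint64_t r = 0;
    for (a %= m; b; b >>= 1) {
        if (b & 1) r = (r + a) % m;
        a = (a + a) % m;
    }
    return r;
}
/* base^exp mod m by square-and-multiply. */
static uint64_t modpow(uint64_t base, uint64_t exp, uint64_t m) {
    uint64_t r = 1;
    for (base %= m; exp; exp >>= 1) {
        if (exp & 1) r = mulmod(r, base, m);
        base = mulmod(base, base, m);
    }
    return r;
}
/* Role of DH_generate_key: pub = g^priv mod p, using this side's parameters. */
static dh_party dh_keygen(dh_params prm, uint64_t priv) {
    dh_party k = { { prm.p, prm.g }, priv, modpow(prm.g, priv, prm.p) };
    return k;
}
/* Role of DH_compute_key: -1 unless 1 < peer_pub < p - 1 under our own p. */
static int dh_compute(const dh_party *self, uint64_t peer_pub, uint64_t *out) {
    if (peer_pub <= 1 || peer_pub >= self->prm.p - 1) return -1;
    *out = modpow(peer_pub, self->priv, self->prm.p);
    return 0;
}
/* 1 = secrets match, 0 = secrets differ, -1 = a side rejected the peer key. */
static int dh_agree(dh_params pa, dh_params pb, uint64_t xa, uint64_t xb) {
    dh_party a = dh_keygen(pa, xa), b = dh_keygen(pb, xb);
    uint64_t sa = 0, sb = 0;
    if (dh_compute(&a, b.pub, &sa) || dh_compute(&b, a.pub, &sb)) return -1;
    return sa == sb;
}
int main(void) {
    uint64_t xa = 123456789, xb = 987654321; /* constructed private keys */
    printf("%d %d %d\n", dh_agree(GROUP_A, GROUP_A, xa, xb),
           dh_agree(GROUP_A, GROUP_B, xa, xb), dh_agree(GROUP_B, GROUP_A, xa, xb));
    return 0;
}
```

With the same two private keys, mismatched groups either fail the range check or quietly produce two different secrets, so the return value of the compute step is worth checking before the buffer is used.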