On Tue, Mar 19, 2013 at 2:58 PM, Matt Caswell <fr...@baggins.org> wrote:
> On 19 March 2013 09:01, azhar jodatti <azhar...@gmail.com> wrote:
>
> > And possibly relevant here, the standard Suncle JCE provider actually
> > uses DSA paramgen for DH and thus imposes the DSA size restrictions
> > on DH -- 512 to 1024 in steps of 64 -- although they aren't required
> > by any standard I know of. I don't recall if JCE also restricts
> > *existing* (received) params; I'll test when I have some time.
> > I do recall you can get around this by using BouncyCastle instead.
> > But just using 1024 is easy and fine.
> > -->
> >
> > sometime I get below error "Prime size must be multiple of 64, and can
> only range from 512 to 1024 (inclusive)"
> > when i use small prime numbers.It means JCE uses DSA paramateres for DH
> algorithm. what is openSSL equalent to this?
> >
> > KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH");
> > kpg.initialize(1024);
> > keyPair = kpg.generateKeyPair();
> >
> > DHParameterSpec dhSpec = ((DHPublicKey)
> keyPair.getPublic()).getParams();
> > baseGenerator = dhSpec.getG();
> > prime = dhSpec.getP();
> > sizeInBits = dhSpec.getL();
> > is this java code equalent to below c code?
> > DH_generate_parameters_ex(client,1024,DH_GENERATOR_5,NULL);
> >
> > see, with openSSL I have to pass DH_GENERATOR which only allowes (2 and
> 5) but that is not required in JAVA version.It generates it own base
> generator.
>
> It appears to be equivalent, although I am not familiar with the JCE
> API. What I do not understand though is why you have code to generate
> parameters on *both* sides of your communication. If you are going to
> generate params every time (which both Dave and myself have advised
> against - it is an expensive operation), you still only need to do it
> on one side of the communication. So, after a bit of googling, I
> would expect to see something like this on the Java side (if the C
> side generates the params):
>
Well, above both the code snaps are at client side, not at server. I
understand I don't have to generate keys at both the end. I just wanted to
give you an idea how I am doing it in JAVA and C to generate the keys. As
you said both code appears to be equivalent but practically it won't seems
like . at-least in my scenario. because parameters generated with above
java code works with my server but that's not the case with parameters
generated with above C code.
>
> KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH");
> kpg.initialize(new DHParameterSpec(/* p value passed from C */, /* g
> value passed from C */));
> keyPair = kpg.generateKeyPair();
>
> yes, I m doing this at server. after generating keyPair I am generating
keyAgreent as well
. below is the code for this
KeyAgreement keyAgree = KeyAgreement.getInstance("DH");
keyAgree.init(keyPair.getPrivate());
//this generates public key at server
byte[] serverPubKeyEnc = keyPair.getPublic().getEncoded();
//I really don't know how exactly it does this. but its mandatory
keyAgree.doPhase(clientPubllicKey, true);
//this generates secret key at server
byte[] sharedSecret = keyAgree.generateSecret();
> Matt
>
