On Tue, Mar 19, 2013 at 8:13 PM, Matt Caswell <fr...@baggins.org> wrote:
> On 19 March 2013 14:18, azhar jodatti <azhar...@gmail.com> wrote:
> > On Tue, Mar 19, 2013 at 6:24 PM, Matt Caswell <fr...@baggins.org> wrote:
> >> On 19 March 2013 12:22, azhar jodatti <azhar...@gmail.com> wrote:
> >> > PEM_write_bio_DHparams(out, temp); // this prints public key in base64
> >> > (this is what i think :) )
> >>
> >> This is NOT a base64 representation of the public key. This is
> >> printing out the parameters only (which does not include the public
> >> key)
> >>
> >> > X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(clientPubKeyEnc);
> >> > PublicKey alicePubKey = bobKeyFac.generatePublic(x509KeySpec);
> >> > // this throws invalidKeySpecException : invalid key specification
> >
> > What is the reason behind this? Why won't it work with X509EncodedKeySpec?
>
> Because, as noted above, the data you are trying to use is not what you
> think it is. X509EncodedKeySpec expects an ASN.1 type of
> "SubjectPublicKeyInfo", whereas you are providing an ASN.1 type of
> DHparams.
>
> >> Instead of above, try something like this:
> >>
> >> BigInteger y = new BigInteger("4373485839237796166699589228729451887524557806298817546317652313209684941935291316056752499275686842785989445002203537603465313281932431907074220666705812428468899520395399424699433568818334649395647035588736697462362131440308900155995886437558059484184376957451229991382889256903754886307405909744230582829");
> >> BigInteger p = new BigInteger("106824077746282794452228647025839229808074839339760371103063155402464842614962676228255294325459053774613506891207056818441720848774298482866918174271328357364028843638451324415691330056638482781344307395975948664971732094293996189467599104442989563027727348339786810653279203313302815966250977426622843204103");
> >> BigInteger g = new BigInteger("5");
> >> DHPublicKeySpec dhKeySpec = new DHPublicKeySpec(y, p, g);
> >> PublicKey alicPubKey = bobKeyFac.generatePublic(dhKeySpec);
> >
> > Yes, I tried this as well. It won't throw any exception. It silently
> > generates the public and secret key at the server, but when I use the
> > server's public key at the client to generate the client's secret key,
> > it ends up with a different secret key at each end. The client secret
> > key won't match the server's secret key.
>
> It's not throwing an exception because it is a correctly formatted
> public key as opposed to an incorrectly formatted one!
>
> If you're not getting the same shared secret then we have to keep
> looking for the next problem! Please can you show me the public key
> that is generated from the Java, and how you are getting that into the
> C.

Public key :
51093028659631095152127547561210256954397603098232059666027122615973227382429027689439366800901894865255894412959274262339973658755087875326652519316408641291147210116350724179445600062190440655247730764834818870113073675659597350146096013520359779813721130161289129623836149432660886911252479058706300096609627440489763066216701057451976966454286830289446177423364030417328352835706375072921374017823594671329956408841840266423002727166432797742483425435318160265353606929428888687407883845458106878990927218108399715490559887862345042269910918508836619472642535350414785745034292564778165044378612630468960194913792482268072428278422412284738960598286710094132345557605518602478981231098046892613531283123151

Secret key :
121277045462377180924388960664136553887763629105491725197403931101683470015335768230267747273675733333930957394257354070595978655048643912250308681026844585744709027576900402249670187203160151084771397152790055765927595015924125212527820968758168922306979142896670732847778567823870168933256602812482617195330

These are the public and secret keys generated at the Java server. I am passing the public key to C. Below is the C code snippet which takes this key and generates the secret key.

    printf("Enter server public key \n");
    unsigned char serverpublickey[1024];
    scanf("%1023s", serverpublickey); // reads the server public key (bounded to the buffer size)
    BIGNUM *spubkey = BN_new();
    BIGNUM **ppubkey = &spubkey;
    BN_dec2bn(ppubkey, (const char *)serverpublickey); // convert decimal key to BIGNUM
    printf("\nserver public key= \n");
    BN_print(out, *ppubkey);
    clientout = DH_compute_key(clientbuf, *ppubkey, client);

The above DH_compute_key function returns -1 and the error message it prints is "error:05066066:Diffie-Hellman routines:COMPUTE_KEY:invalid public key".

I am using the code below to get this error:

    unsigned long errorcode = ERR_get_error();
    ERR_error_string_n(errorcode, errbuf, sizeof errbuf);

> Matt
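
The "invalid public key" error quoted above is what OpenSSL reports when the peer value fails its public-key range check (1 < y < p-1) before any secret is computed. The sketch below is an added example, not code from this thread or from OpenSSL: it applies that range test to a decimal string before deriving a secret. The prime, generator, private values and all function names are constructed for illustration and are not a secure group.

```python
# Added example (not from the thread): validate a peer's DH public value
# before use. All parameters and private values below are constructed.

P = 2**127 - 1   # constructed toy prime modulus, NOT a secure DH group
G = 5            # constructed generator for the demo

def parse_decimal(text):
    """Strictly parse a decimal string, as typed into a prompt."""
    text = text.strip()
    if not (text.isascii() and text.isdigit()):
        raise ValueError("public value is not a plain decimal integer")
    return int(text)

def check_peer_public(y, p):
    """Return a list of problems; an empty list means 2 <= y <= p-2."""
    problems = []
    if y <= 1:
        problems.append("too small")       # 0 and 1 force a trivial secret
    if y >= p - 1:
        problems.append("too large")       # p-1 or anything not reduced mod p
    if y.bit_length() > p.bit_length():
        problems.append("wider than p")    # hint: this is not a bare y value
    return problems

def shared_secret(peer_y_text, own_private, p=P):
    """Derive the shared secret only after the peer value passes the check."""
    y = parse_decimal(peer_y_text)
    problems = check_peer_public(y, p)
    if problems:
        raise ValueError("invalid public key: " + ", ".join(problems))
    return pow(y, own_private, p)

def demo():
    """Both sides exchange decimal strings and must reach the same secret."""
    a = 0x1F3D5B79A1C2E4F6081A2B3C4D5E6F70 % (P - 3) + 2  # constructed private
    b = 0x0A1B2C3D4E5F60718293A4B5C6D7E8F9 % (P - 3) + 2  # constructed private
    ya, yb = str(pow(G, a, P)), str(pow(G, b, P))         # what goes on the wire
    return shared_secret(yb, a) == shared_secret(ya, b)

if __name__ == "__main__":
    print("secrets match:", demo())
    print("oversized value:", check_peer_public(P * 2**64, P))
```

A value flagged "wider than p" cannot be the bare public value y for that group, so the next thing to inspect is what was actually printed on the sending side.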