Re: How to verify that DH private and public key have been generated ?
I have to use DH structure ( I have no choice ). So I 'll try EVP_PKEY_new() as Dr. Henson said. However I 'd like to learn and understand how to verify if DH_generate_key( ) has really set pbkey and pvkey. ikuzar. 2011/3/24 Mike Mohr akih...@gmail.com ikuzar, I'm sorry to be blunt, but if you don't understand what I'm saying then you shouldn't be writing code that deals with low-level cryptographic objects/primitives. See the recent revelations from Sony and Nokia for why: even multinational corporations with hundreds of specialist developers can all too easily ship epic failboat code. As Dr. Henson has already pointed out you should use the subroutines that OpenSSL provides to you. On Wed, Mar 23, 2011 at 4:50 PM, ikuzar razuk...@gmail.com wrote: I do not understand what you mean. 1) I tried to print data's size returned by i2d_DHparams(const_dh, dhbuf); without computing private nor public key. I have got 138 bytes. Then I remade the same operation but I had computed private and public key using DH_generate_key(dh); and I have still got 138 bytes ...it seems to be odd for me, because I think dh's size must be greater after computing keys. 2) I tried the following check before and after computing keys : if (dh-priv_key == NULL) printf(\n1)dh-priv_key is NULL\n); else printf(\n1)dh-priv_key is not NULL\n); Before computing key, I have got priv_key is NULL. After computing, priv_key is not NULL I 'm wondering what happens... could you tell me more about bit counting ? I do not understand The private and public keys should be similar in size to p. Thanks for your help. 2011/3/23 Mike Mohr akih...@gmail.com Try checking the bit count of the structure members. The private and public keys should be similar in size to p. On Mar 23, 2011 10:27 AM, ikuzar razuk...@gmail.com wrote: Hello, I 'd like to know how to verify that DH private and public key have been generated ? In my DH struct, p and g had been generated with commands line ( openssl dhparam... ) struct { BIGNUM *p; // prime number (shared) BIGNUM *g; // generator of Z_p (shared) BIGNUM *priv_key; // private DH value x BIGNUM *pub_key; // public DH value g^x // ... }; DH Priv_key and pub_key are generated later with DH_generate_key(dh). I would like verify if DH_generate_key( ) has generated the priv_key ( an human proof, example by using DHparams_print_fp(fp, dh ); ) I used this function but it did not print private key into file pointed by fp. Thanks for your help. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: How to verify that DH private and public key have been generated ?
When I try to computed shared key with DH_compute_key, I have got error : error:05066064:Diffie-Hellman routines:COMPUTE_KEY:no private value. Could you tell me what should I do to fix this problem ? ( I 'll try EVP_PKEY later ). Thanks. 2011/3/24 ikuzar razuk...@gmail.com I have to use DH structure ( I have no choice ). So I 'll try EVP_PKEY_new() as Dr. Henson said. However I 'd like to learn and understand how to verify if DH_generate_key( ) has really set pbkey and pvkey. ikuzar. 2011/3/24 Mike Mohr akih...@gmail.com ikuzar, I'm sorry to be blunt, but if you don't understand what I'm saying then you shouldn't be writing code that deals with low-level cryptographic objects/primitives. See the recent revelations from Sony and Nokia for why: even multinational corporations with hundreds of specialist developers can all too easily ship epic failboat code. As Dr. Henson has already pointed out you should use the subroutines that OpenSSL provides to you. On Wed, Mar 23, 2011 at 4:50 PM, ikuzar razuk...@gmail.com wrote: I do not understand what you mean. 1) I tried to print data's size returned by i2d_DHparams(const_dh, dhbuf); without computing private nor public key. I have got 138 bytes. Then I remade the same operation but I had computed private and public key using DH_generate_key(dh); and I have still got 138 bytes ...it seems to be odd for me, because I think dh's size must be greater after computing keys. 2) I tried the following check before and after computing keys : if (dh-priv_key == NULL) printf(\n1)dh-priv_key is NULL\n); else printf(\n1)dh-priv_key is not NULL\n); Before computing key, I have got priv_key is NULL. After computing, priv_key is not NULL I 'm wondering what happens... could you tell me more about bit counting ? I do not understand The private and public keys should be similar in size to p. Thanks for your help. 2011/3/23 Mike Mohr akih...@gmail.com Try checking the bit count of the structure members. The private and public keys should be similar in size to p. On Mar 23, 2011 10:27 AM, ikuzar razuk...@gmail.com wrote: Hello, I 'd like to know how to verify that DH private and public key have been generated ? In my DH struct, p and g had been generated with commands line ( openssl dhparam... ) struct { BIGNUM *p; // prime number (shared) BIGNUM *g; // generator of Z_p (shared) BIGNUM *priv_key; // private DH value x BIGNUM *pub_key; // public DH value g^x // ... }; DH Priv_key and pub_key are generated later with DH_generate_key(dh). I would like verify if DH_generate_key( ) has generated the priv_key ( an human proof, example by using DHparams_print_fp(fp, dh ); ) I used this function but it did not print private key into file pointed by fp. Thanks for your help. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
How to verify that DH private and public key have been generated ?
Hello, I 'd like to know how to verify that DH private and public key have been generated ? In my DH struct, p and g had been generated with commands line ( openssl dhparam... ) struct { BIGNUM *p; // prime number (shared) BIGNUM *g; // generator of Z_p (shared) BIGNUM *priv_key; // private DH value x BIGNUM *pub_key;// public DH value g^x // ... }; DH Priv_key and pub_key are generated later with DH_generate_key(dh). I would like verify if DH_generate_key( ) has generated the priv_key ( an human proof, example by using DHparams_print_fp(fp, dh ); ) I used this function but it did not print private key into file pointed by fp. Thanks for your help.
Re: How to verify that DH private and public key have been generated ?
Try checking the bit count of the structure members. The private and public keys should be similar in size to p. On Mar 23, 2011 10:27 AM, ikuzar razuk...@gmail.com wrote: Hello, I 'd like to know how to verify that DH private and public key have been generated ? In my DH struct, p and g had been generated with commands line ( openssl dhparam... ) struct { BIGNUM *p; // prime number (shared) BIGNUM *g; // generator of Z_p (shared) BIGNUM *priv_key; // private DH value x BIGNUM *pub_key; // public DH value g^x // ... }; DH Priv_key and pub_key are generated later with DH_generate_key(dh). I would like verify if DH_generate_key( ) has generated the priv_key ( an human proof, example by using DHparams_print_fp(fp, dh ); ) I used this function but it did not print private key into file pointed by fp. Thanks for your help.
Re: How to verify that DH private and public key have been generated ?
I do not understand what you mean. 1) I tried to print data's size returned by i2d_DHparams(const_dh, dhbuf); without computing private nor public key. I have got 138 bytes. Then I remade the same operation but I had computed private and public key using DH_generate_key(dh); and I have still got 138 bytes ...it seems to be odd for me, because I think dh's size must be greater after computing keys. 2) I tried the following check before and after computing keys : if (dh-priv_key == NULL) printf(\n1)dh-priv_key is NULL\n); else printf(\n1)dh-priv_key is not NULL\n); Before computing key, I have got priv_key is NULL. After computing, priv_key is not NULL I 'm wondering what happens... could you tell me more about bit counting ? I do not understand The private and public keys should be similar in size to p. Thanks for your help. 2011/3/23 Mike Mohr akih...@gmail.com Try checking the bit count of the structure members. The private and public keys should be similar in size to p. On Mar 23, 2011 10:27 AM, ikuzar razuk...@gmail.com wrote: Hello, I 'd like to know how to verify that DH private and public key have been generated ? In my DH struct, p and g had been generated with commands line ( openssl dhparam... ) struct { BIGNUM *p; // prime number (shared) BIGNUM *g; // generator of Z_p (shared) BIGNUM *priv_key; // private DH value x BIGNUM *pub_key; // public DH value g^x // ... }; DH Priv_key and pub_key are generated later with DH_generate_key(dh). I would like verify if DH_generate_key( ) has generated the priv_key ( an human proof, example by using DHparams_print_fp(fp, dh ); ) I used this function but it did not print private key into file pointed by fp. Thanks for your help.
Re: How to verify that DH private and public key have been generated ?
On Wed, Mar 23, 2011, ikuzar wrote: Hello, I 'd like to know how to verify that DH private and public key have been generated ? In my DH struct, p and g had been generated with commands line ( openssl dhparam... ) struct { BIGNUM *p; // prime number (shared) BIGNUM *g; // generator of Z_p (shared) BIGNUM *priv_key; // private DH value x BIGNUM *pub_key;// public DH value g^x // ... }; DH Priv_key and pub_key are generated later with DH_generate_key(dh). I would like verify if DH_generate_key( ) has generated the priv_key ( an human proof, example by using DHparams_print_fp(fp, dh ); ) I used this function but it did not print private key into file pointed by fp. This can be performed more easily with the EVP_PKEY API which is part of OpenSSL 1.0.0 and later. You can perform all the key operations in there such as generation and printing the output. In fact they can all be done with the pkey command line utilities. If you want to keep to using the DH structure you can get a new EVP_PKEY with EVP_PKEY_new() include the DH with it by doing EVP_PKEY_set1_DH(), print it out with EVP_PKEY_print_private() and finally free up the pkey with EVP_PKEY_free(). Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: How to verify that DH private and public key have been generated ?
ikuzar, I'm sorry to be blunt, but if you don't understand what I'm saying then you shouldn't be writing code that deals with low-level cryptographic objects/primitives. See the recent revelations from Sony and Nokia for why: even multinational corporations with hundreds of specialist developers can all too easily ship epic failboat code. As Dr. Henson has already pointed out you should use the subroutines that OpenSSL provides to you. On Wed, Mar 23, 2011 at 4:50 PM, ikuzar razuk...@gmail.com wrote: I do not understand what you mean. 1) I tried to print data's size returned by i2d_DHparams(const_dh, dhbuf); without computing private nor public key. I have got 138 bytes. Then I remade the same operation but I had computed private and public key using DH_generate_key(dh); and I have still got 138 bytes ...it seems to be odd for me, because I think dh's size must be greater after computing keys. 2) I tried the following check before and after computing keys : if (dh-priv_key == NULL) printf(\n1)dh-priv_key is NULL\n); else printf(\n1)dh-priv_key is not NULL\n); Before computing key, I have got priv_key is NULL. After computing, priv_key is not NULL I 'm wondering what happens... could you tell me more about bit counting ? I do not understand The private and public keys should be similar in size to p. Thanks for your help. 2011/3/23 Mike Mohr akih...@gmail.com Try checking the bit count of the structure members. The private and public keys should be similar in size to p. On Mar 23, 2011 10:27 AM, ikuzar razuk...@gmail.com wrote: Hello, I 'd like to know how to verify that DH private and public key have been generated ? In my DH struct, p and g had been generated with commands line ( openssl dhparam... ) struct { BIGNUM *p; // prime number (shared) BIGNUM *g; // generator of Z_p (shared) BIGNUM *priv_key; // private DH value x BIGNUM *pub_key; // public DH value g^x // ... }; DH Priv_key and pub_key are generated later with DH_generate_key(dh). I would like verify if DH_generate_key( ) has generated the priv_key ( an human proof, example by using DHparams_print_fp(fp, dh ); ) I used this function but it did not print private key into file pointed by fp. Thanks for your help. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org