I think you are keeping the same confusion in data formats. A string with characters "ABCD" is saved in memory as characters 'A' (ascii 0x41), 'B' (ascii 0x42), 'C' (ascii 0x43) and 'D' (ascii 0x44) in 4 bytes, not as 2 bytes 0xAB and 0xCD.
Greetings -- David Marín Carreño 2009/7/14 Ram G <[email protected]> > > I tried out a couple of more ideas but no luck. > > Setting the key on the server side as follows works: > > key->data = gnutls_malloc (4); > key->data = "\xDE\xAD\xBE\xEF"; > key->size = 4; > > I also tried as follows: > > char * somekey = "DEADBEEF"; //DEADBEEF is hardcoded for test but will be > dynamically generated > int i,temp; > > for (i = 0; somekey[i]; i += 2) { > sscanf(&somekey[i], "%02x", &temp); > key->data[i / 2] = temp; > } > This does not work either. I'm scratching my head how to take a string like > "DEADBEEF" and convert it to "\xDE\xAD\xBE\xEF" and assign it to key->data. > > If PSK key value on the client side is given as > const gnutls_datum_t key = { (char*) "DEADBEEF", 8 }; > why doesn't it work if I assign it the same way on the server side? Why > does it expect it as hexadecimal values ? > > Any ideas highly appreciated. > > -Ramg > > > On Mon, Jul 13, 2009 at 4:36 PM, Ram G <[email protected]> wrote: > >> Hi Nikos, >> >> Thanks for your response. >> >> I tried your suggestion and that does not work either. However the sample >> program works fine when assigning two hexadecimal characters each to the 4 >> bytes. >> >> It is a weird requirement but we cannot use certificates or previously >> known keys for the PSK authentication. Instead what I'm doing is establish >> an anonymous DH handshake between the client and the server. Now both the >> client and the server know the master secret. I would like to use this >> master secret as pre-shared keys between the client and the server. >> >> Can you please let me know if this can weaken the cryptosystem ? I'll try >> out any alternate suggestion you might have. >> >> Thanks and Regards >> >> Ramg >> >> On Mon, Jul 13, 2009 at 4:10 PM, Nikos Mavrogiannopoulos < >> [email protected]> wrote: >> >>> Ram G wrote: >>> > Hi, >>> > >>> > I'm working on the sample programs provided in the source examples >>> folder >>> > and I would like some help from you. I'm trying to do a DH key exchange >>> with >>> > PSK authentication. >>> > >>> > The client sample (ex-client-psk.c) assigns the pre shared key as >>> follows: >>> > >>> > const gnutls_datum_t key = { (char*) "DEADBEEF", 8 }; >>> > >>> > The server sample (ex-serv-psk.c) does the key assignment in the >>> callback >>> > function pskfunc as follows: >>> > >>> > key->data = gnutls_malloc (4); >>> > key->data[0] = 0xDE; >>> > key->data[1] = 0xAD; >>> > key->data[2] = 0xBE; >>> > key->data[3] = 0xEF; >>> > key->size = 4; >>> >>> It is not the same as above. Above you use 8 bytes and here 4. Use >>> instead: >>> key->data[0] = 'D'; >>> key->data[1] = 'E'; >>> key->data[2] = 'A'; >>> key->data[3] = 'D'; >>> key->data[4] = 'B'; >>> key->data[5] = 'E'; >>> key->data[6] = 'E'; >>> key->data[7] = 'F'; >>> key->size = 8; >>> >>> > I would like to assign the pre-shared key dynamically. If I assign the >>> PSK >>> > in the server as follows, it does not work. I get the error "Decryption >>> has >>> > failed". >>> >>> Actually how the keys are going to be generated? You have to think about >>> that seriously and make sure that the key generation is not weakening >>> the cryptosystem. To be on the safe side, and especially if you are not >>> experienced in the field use the tools provided by gnutls for the key >>> generation. >>> >>> >>> regards, >>> Nikos >>> >>> >> > > _______________________________________________ > Help-gnutls mailing list > [email protected] > http://lists.gnu.org/mailman/listinfo/help-gnutls >
_______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
