Hi all, In a test I have three DH key pairs generated from the IKE groups 14,15 and 16 paramters. When I want to derive a secret and I use the 2048 bit private key then the derivation fails if I use the 3072 or 4096 bit public key. But if I derive using the 3072 bit private key then I can derive using the 2048 and 3072 bit public key. When I use the 4096 bit private key I can derive with any of the public keys. The error I get when it fails is from the EVP_PKEY_derive() function: "error:05066066:Diffie-Hellman routines:COMPUTE_KEY:invalid public key"
It seems the private key must be the same or larger to succeed. Is this correct: Can the public key not be larger than the private key? Regards, LJB
