In message <[EMAIL PROTECTED]> on Sun, 19 Sep 2004 12:21:53 -0700 (PDT), Layla <[EMAIL PROTECTED]> said:
layla_a2002> Richard, Thanks for replying,

You're welcome!

layla_a2002> I'm supposed to implement Needham-Schroeder computer
layla_a2002> security protocol; I'm using OpenSSL to handle the
layla_a2002> cryptography part of the five messages being exchanged.
layla_a2002>
layla_a2002> In message one for example:
layla_a2002>
layla_a2002> Client A --> CA Server: A, B, Na
layla_a2002>
layla_a2002> Where Na is a random nonce generated by the client A,
layla_a2002> where it is generated especially for each run of the
layla_a2002> protocol, the nonce is used to ensure that the messages
layla_a2002> are timely. Now I believe that the nonce in this protocol
layla_a2002> in particular must be in a numerical form as the CA
layla_a2002> server must send (Na -1) back to Client A.

Actually, in that particular message, the server is supposed to send
back the same nonce, at least according to
http://www.webster-dictionary.org/definition/Needham-Schroeder .
However, in communication with B, A needs to calculate Nb+1.

Either way, you obviously need to do some calculation on an integer.
There are two ways to do this, depending on how large the nonce is.
If it's larger than the size of an int, you will need to do
calculations with BIGNUMs. Consider the following code:

    /* This assumes that the nonce is in an array pointed at by
       'unsigned char *nonce', and the length of the nonce in
       'noncel'.  Note that the nonce must be considered big-endian,
       period! */
    unsigned char *new_nonce;
    int new_noncel;
    BIGNUM *n = BN_bin2bn(nonce, noncel, NULL);   /* bytes -> BIGNUM */

    BN_add_word(n, 1);                            /* n = n + 1 */
    new_noncel = BN_num_bytes(n);                 /* minimal byte length of n */
    new_nonce = malloc(new_noncel);
    BN_bn2bin(n, new_nonce);                      /* BIGNUM -> big-endian bytes */
    BN_free(n);                                   /* release the BIGNUM */

(note that I have done *no* error checking)

If the nonce is less than or equal to the size of an int (which is
often 32 bits), it's very easy to convert the array of bytes to an
integer, add one to the result and put it back into the array...

Cheers,
Richard

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte [EMAIL PROTECTED]
http://richard.levitte.org/

"When I became a man I put away childish things, including
 the fear of childishness and the desire to be very grown up."
 -- C.S. Lewis
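
An added example, not part of Richard's message or of OpenSSL: the small-nonce route the reply describes (bytes to integer, add one, bytes back) plus a fixed-width big-endian variant for longer nonces, in plain C without OpenSSL. Unlike a buffer sized with BN_num_bytes(), the fixed-width form keeps the nonce length unchanged when leading bytes are zero or when the value carries out of the top byte. The function names, the 64-byte limit and the sample nonce are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Add delta (+1 or -1) in place to a big-endian nonce of fixed length.
   Returns 1 if the value wrapped around (modulo 2^(8*len)), else 0. */
int nonce_step(unsigned char *nonce, size_t len, int delta)
{
    int carry = delta;
    for (size_t i = len; i-- > 0 && carry != 0; ) {
        int v = nonce[i] + carry;
        nonce[i] = (unsigned char)v;           /* keep the low 8 bits */
        carry = (v > 0xFF) ? 1 : (v < 0) ? -1 : 0;
    }
    return carry != 0;
}

/* Nonce no wider than 32 bits: bytes -> integer, add one, integer -> bytes. */
void nonce32_plus_one(unsigned char b[4])
{
    uint32_t v = ((uint32_t)b[0] << 24) | ((uint32_t)b[1] << 16) |
                 ((uint32_t)b[2] << 8)  |  (uint32_t)b[3];
    v += 1;                                    /* unsigned: wraps, no UB */
    b[0] = (unsigned char)(v >> 24); b[1] = (unsigned char)(v >> 16);
    b[2] = (unsigned char)(v >> 8);  b[3] = (unsigned char)v;
}

/* Check that reply == sent + 1 at the same length (len <= 64).
   Returns 1 on match, 0 otherwise; the comparison does not exit early. */
int nonce_reply_ok(const unsigned char *sent, const unsigned char *reply, size_t len)
{
    unsigned char expect[64], diff = 0;
    if (len == 0 || len > sizeof expect) return 0;
    memcpy(expect, sent, len);
    nonce_step(expect, len, +1);
    for (size_t i = 0; i < len; i++) diff |= (unsigned char)(expect[i] ^ reply[i]);
    return diff == 0;
}

int main(void)
{
    unsigned char nb[8] = {0, 0, 0, 0, 0, 0, 0xFF, 0xFF};  /* constructed sample nonce */
    unsigned char reply[8];
    memcpy(reply, nb, sizeof nb);
    nonce_step(reply, sizeof reply, +1);                   /* A computes Nb+1 */
    printf("reply accepted: %d\n", nonce_reply_ok(nb, reply, sizeof nb));
    return 0;
}
```

Both ends of the exchange have to agree on the nonce width and on wrap-around behaviour, otherwise a correct peer's Nb+1 fails the check.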