[Botan-devel] DH public key generation

Jack Lloyd lloyd at randombit.net
Tue Oct 7 12:03:11 EDT 2008


On Tue, Oct 07, 2008 at 04:47:05PM +0100, rippel tippel wrote:

> When I print the two keys, they are exactly the same.
> I also tried to use two separate print_key() functions, one for
> DH_PublicKey and another one for DH_PrivateKey, but the result is still the
> same.
> If the print_key() function is correct, in a DH key exchange Alice would
> send its private key to Bob!

In all cases you call public_value(). That returns the public key. It
doesn't matter if the key is a DH public or private key, because in
both cases the public key is the same thing.

> Another problem that I have with DH key exchange is that, when Bob receives
> Alice's (public?) key, I have a segfault.
> I am sending the key using a UDP socket:
> 
> ALICE:
> DH_PrivateKey alice_private(DL_Group("modp/ietf/1024"));
> DH_PublicKey alice_public = alice_private;
> sendto(skt, (DH_PublicKey*)&alice_public, sizeof(DH_PublicKey), 0, (struct sockaddr*)&udp_bob_addr, len);
> 
> BOB:
> recvfrom(skt, (DH_PublicKey*)&alice_public, sizeof(DH_PublicKey), 0, (struct sockaddr*)&udp_alice_addr, (socklen_t*)&len);
> DH_PrivateKey bob_private(alice_public.get_domain());   // <-- SEGMENTATION FAULT
> DH_PublicKey bob_public = bob_private;
> 
> What's wrong with that?

Generally speaking, passing C++ objects directly across the network
does not work terribly well, even if the machines are homogeneous. You
can encode public keys as X.509 subjectPublicKeyInfo structures; this
is how most programs handle import/export of raw (non-cert) public
keys. It is a standard format and works across most public key
algorithms.

Regards,
  Jack
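
The difference between copying an object's memory and encoding the key as bytes, as an added example that is not part of the original thread and is not Botan code: a key object that owns heap storage cannot be carried by `sizeof(object)` bytes, so the sender encodes the value explicitly and the receiver validates the datagram before using it. `ToyPublicKey`, the 2-byte length prefix and `MAX_VALUE_LEN` are assumptions made for illustration; the prefix stands in for the X.509 subjectPublicKeyInfo encoding recommended above.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

using Bytes = std::vector<std::uint8_t>;

// Hypothetical stand-in for a key object: the key material lives on the heap,
// so the object itself holds only a pointer and bookkeeping fields.
struct ToyPublicKey {
    Bytes y;  // public value, big-endian
};

const std::size_t MAX_VALUE_LEN = 1024;  // assumed cap: 8192-bit group

// Wire format constructed for this example: 2-byte big-endian length, then y.
Bytes encode_key(const ToyPublicKey& k) {
    if (k.y.empty() || k.y.size() > MAX_VALUE_LEN)
        throw std::length_error("public value length out of range");
    Bytes out;
    out.push_back(static_cast<std::uint8_t>(k.y.size() >> 8));
    out.push_back(static_cast<std::uint8_t>(k.y.size() & 0xff));
    out.insert(out.end(), k.y.begin(), k.y.end());
    return out;
}

// Parse an untrusted datagram; reject truncated, padded or oversized input.
bool decode_key(const Bytes& wire, ToyPublicKey& out) {
    if (wire.size() < 2) return false;
    const std::size_t len = (static_cast<std::size_t>(wire[0]) << 8) | wire[1];
    if (len == 0 || len > MAX_VALUE_LEN) return false;
    if (wire.size() != 2 + len) return false;
    out.y.assign(wire.begin() + 2, wire.end());
    return true;
}

// sizeof() is fixed at compile time, so it cannot grow with the key: sending
// sizeof(object) bytes ships a heap pointer, not the key material.
bool object_size_ignores_key_length() {
    ToyPublicKey small_key{Bytes(16, 0x01)};
    ToyPublicKey large_key{Bytes(128, 0x01)};
    return sizeof(small_key) == sizeof(large_key) && sizeof(large_key) < 128;
}

int main() {
    ToyPublicKey sent{Bytes(128, 0xAB)}, received;  // constructed 1024-bit value
    const bool ok = decode_key(encode_key(sent), received) && received.y == sent.y;
    return ok ? 0 : 1;
}
```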


