DH_compute_key () - replacement in 3.0


 



Hi,

While migrating from 1.0.2 to 3.0, we found that DH_compute_key() has been deprecated.

In the current  we are using the compute API as below

 

    dh->priv_key = BN_bin2bn(privateKey, octet_len, NULL);
    bn_publicKey = BN_bin2bn(publicKey, octet_len, NULL);
    rv = DH_compute_key(sharedSecret, bn_publicKey, dh);

 

To exactly replace this, we are generating "pubparam_key/priparam_key" using bn_publicKey/dh->priv_key as below:

 

    OSSL_PARAM_BLD *pubparamsbld = NULL, *priparamsbld = NULL;
    OSSL_PARAM *pubparams = NULL, *priparams = NULL;
    EVP_PKEY *pubparam_key = NULL, *priparam_key = NULL;
    EVP_PKEY_CTX *pubctx = NULL, *prictx = NULL;

    pubparamsbld = OSSL_PARAM_BLD_new();
    priparamsbld = OSSL_PARAM_BLD_new();

    OSSL_PARAM_BLD_push_BN(pubparamsbld, OSSL_PKEY_PARAM_PUB_KEY, bn_publicKey);
    OSSL_PARAM_BLD_push_BN(priparamsbld, OSSL_PKEY_PARAM_PRIV_KEY, bn_privateKey);

    // build context
    pubctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);
    prictx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL);

    // name as posted (pre-release API); the 3.0 release calls this EVP_PKEY_fromdata_init()
    EVP_PKEY_key_fromdata_init(pubctx);
    EVP_PKEY_key_fromdata_init(prictx);

    pubparams = OSSL_PARAM_BLD_to_param(pubparamsbld);
    EVP_PKEY_fromdata(pubctx, &pubparam_key, pubparams);

    priparams = OSSL_PARAM_BLD_to_param(priparamsbld);
    EVP_PKEY_fromdata(prictx, &priparam_key, priparams);

 

From there, we are planning to use EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, and EVP_PKEY_derive to get the shared secret.

Please suggest if any step is invalid or not necessary.

 

Regards,

Sunil



