On Fri, May 31, 2024 at 07:47:40AM +0000, Vishal Kevat via openssl-users wrote:
> Hi OpenSSL users,
>
> I am using OpenSSL source version 3.3.0 and facing an issue in key generation part of Diffie Hellman (DH) Algorithm. Below are the APIs I am using for generating Public and Private Keys:
>
> static unsigned char DH_PRIME_128[] = { /* 128 bit prime */
> 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
> 0xc9, 0x0f, 0xda, 0xa2, 0x21, 0x68, 0xc2, 0x34
> };
You've copied only the leading 128 bits of two of the standard
prime groups. The above isn't the droid you're looking for.
https://isrc.iscas.ac.cn/gitlab/mirrors/github.com/wolfssl_wolfssl/-/raw/c9be50c3a0eadc7925f9ff987fe3d361b1a6e602/src/ssl.c
/* This sets a big number with the 768-bit prime from RFC 2409.
*
* bn if not NULL then the big number structure is used. If NULL then a new
* big number structure is created.
*
* Returns a WOLFSSL_BIGNUM structure on success and NULL with failure.
*/
WOLFSSL_BIGNUM* wolfSSL_DH_768_prime(WOLFSSL_BIGNUM* bn)
{
const char prm[] = {
"FFFFFFFFFFFFFFFFC90FDAA22168C234"
"C4C6628B80DC1CD129024E088A67CC74"
"020BBEA63B139B22514A08798E3404DD"
"EF9519B3CD3A431B302B0A6DF25F1437"
"4FE1356D6D51C245E485B576625E7EC6"
"F44C42E9A63A3620FFFFFFFFFFFFFFFF"
};
...
}
/* This sets a big number with the 1024-bit prime from RFC 2409.
*
* bn if not NULL then the big number structure is used. If NULL then a new
* big number structure is created.
*
* Returns a WOLFSSL_BIGNUM structure on success and NULL with failure.
*/
WOLFSSL_BIGNUM* wolfSSL_DH_1024_prime(WOLFSSL_BIGNUM* bn)
{
const char prm[] = {
"FFFFFFFFFFFFFFFFC90FDAA22168C234"
"C4C6628B80DC1CD129024E088A67CC74"
"020BBEA63B139B22514A08798E3404DD"
"EF9519B3CD3A431B302B0A6DF25F1437"
"4FE1356D6D51C245E485B576625E7EC6"
"F44C42E9A637ED6B0BFF5CB6F406B7ED"
"EE386BFB5A899FA5AE9F24117C4B1FE6"
"49286651ECE65381FFFFFFFFFFFFFFFF"
};
...
}
--
Viktor.
