Re: Diffie-Hellman problem
From: Frank Perry (FrankPerry_at_discussions.microsoft.com)
Date: 06/14/05
- Next message: Michaelson Eitan: "Re: HAMC SHA1 with CryptoAPI"
- Previous message: Marco van Nieuwenhoven: "RE: HAMC SHA1 with CryptoAPI"
- In reply to: Valery Pryamikov: "Re: Diffie-Hellman problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 14 Jun 2005 04:08:02 -0700
Howdy,
Thanks. I'll try your code. I haven't had a chance to look at it yet. I
do notice you are doing Schannel and I wasn't. The two look almost identical
so it should help.
If it doesn't, I'll be back again.
Thanks again.
Frank
--
Frank Perry
LavaLeaf Software
"Valery Pryamikov" wrote:
> Frank,
> I didn't look carefully at your code - it does look wrong.
> Here is a quick sample that works:
>
> C_HCRYPTPROV hCryptProv;
> HRESULT hr = S_OK;
> if(!CryptAcquireContext(&(*hCryptProv), NULL, NULL, PROV_DH_SCHANNEL, NULL) &&
>     (hr = GetLastError(), hr==NTE_BAD_KEYSET ?
>         (!CryptAcquireContext(&(*hCryptProv), NULL, NULL, PROV_DH_SCHANNEL, CRYPT_NEWKEYSET) &&
>             (hr = GetLastError(), hr != S_OK)):true))
>     return wprintf(L"Failed to acquire cryptographic context with error code 0x%8.8X\n", hr);
> C_HCRYPTKEY hKey1, hKey2, hKey3;
> if(!CryptGenKey((*hCryptProv), CALG_DH_EPHEM, ((1024<<16)|CRYPT_EXPORTABLE), &(*hKey1)))
>     return wprintf(L"Failed to generate key with error code 0x%8.8X\n", GetLastError());
> if(!CryptGenKey((*hCryptProv), CALG_DH_EPHEM, ((1024<<16)|CRYPT_EXPORTABLE), &(*hKey2)))
>     return wprintf(L"Failed to generate key with error code 0x%8.8X\n", GetLastError());
> BYTE buffer1[2048] = {0},
>      buffer2[2048] = {0};
> DWORD dwLen = 2048;
> if (!CryptExportKey((*hKey2), NULL, PUBLICKEYBLOB, 0, buffer1, &dwLen))
>     return wprintf(L"Failed to export key with error code 0x%8.8X\n", GetLastError());
> if (!CryptImportKey((*hCryptProv), buffer1, dwLen, *hKey1, 0, &(*hKey3)))
>     return wprintf(L"Failed to import key with error code 0x%8.8X\n", GetLastError());
> DWORD algID = CALG_3DES;
> if (!CryptSetKeyParam((*hKey3), KP_ALGID, (BYTE*)&algID, (CRYPT_EXPORTABLE)))
>     return wprintf(L"Failed to set key param with error code 0x%8.8X\n", GetLastError());
> if (!CryptExportKey((*hKey3), NULL, PLAINTEXTKEYBLOB, 0, buffer2, (dwLen = 2048, &dwLen)))
>     return wprintf(L"Failed to export key with error code 0x%8.8X\n", GetLastError());
>
> (Note: C_HCRYPTPROVIDER and C_HCRYPTKEY are just simple wrappers that
> implement *operator and automatic destructor. If you replace them with
> HCRYPTPROVIDER/HCRYPTKEY and replace "*XXX" with "XXX", then you should be
> able to compile and run the code)
>
> -Valery.
> http://www.harper.no/valery
>
> "Frank Perry" <FrankPerry@discussions.microsoft.com> wrote in message
> news:E686B93D-E493-4ABF-9B03-06FD91BF0F9B@microsoft.com...
> > Howdy,
> >
> > I'm trying to use Diffie-Hellman key exchange and am running into trouble.
> > I am trying to follow the MSDN documentation but there are gaps that I can't
> > fill. The first part where side 1 makes a key seems to be OK. Where I'm
> > running into trouble is in the next step. It looks to be simple, import the
> > blob from the first step, but it always fails. I get an error that says I
> > have a "bad key" when I do the import. The message isn't in the
> > documentation for CryptKeyImport. There shouldn't be much of a key at all at
> > that point as I'm trying to make one.
> >
> > This is a stripped down version of the code that fails. I have tried all
> > combinations of creating the key or not creating it before doing the import.
> >
> > CryptAcquireContext(&hProv, szContextName, NULL, PROV_DSS_DH,
> > CRYPT_DELETEKEYSET);
> >
> > // Get a handle to the provider.
> > if(!CryptAcquireContext(&hProv,
> > szContextName,NULL,PROV_DSS_DH,CRYPT_NEWKEYSET))
> > {
> > m_csStatus = "Error during CryptAcquireContext!";
> > goto exit;
> > }
> >
> > // now for the key
> > if(!CryptGenKey(hProv,CALG_DH_EPHEM, CRYPT_PREGEN ,&hKey))
> > {
> > m_csStatus = "Error during CryptGenKey!";
> > goto exit;
> > }
> >
> > blbInt.cbData = m_dwKeyParamGSize;
> > blbInt.pbData = m_pbKeyParamG;
> >
> > // set the G
> > if(!CryptSetKeyParam(hKey, KP_G,(unsigned char*) &blbInt,0))
> > {
> > m_csStatus = "Error during CryptSetKeyParam G!";
> > goto exit;
> > }
> >
> > blbInt.cbData = m_dwKeyParamPSize;
> > blbInt.pbData = m_pbKeyParamP;
> >
> > // set the P
> > if(!CryptSetKeyParam(hKey,KP_P,(unsigned char*) &blbInt,0))
> > {
> > m_csStatus = "Error during CryptSetKeyParam P!";
> > goto exit;
> > }
> >
> > if(!CryptSetKeyParam(hKey, KP_X,NULL,0))
> > {
> > m_csStatus = "Error during CryptSetKeyParam X!";
> > goto exit;
> > }
> >
> > // now to import the key
> > if(!CryptImportKey(hProv, // in
> > m_pbKeyBlob,
> > m_dwKeyBlobSize,
> > 0, // hKey, // in
> > 0, //CRYPT_EXPORTABLE , // in
> > &hKey // out
> > ))
> > {
> > DoStatus("Error in CryptImportKey! ");
> > goto exit;
> > }
> >
> > The Blob
> > 000000 06 02 00 00 02 AA 00 00 00 44 48 31
> > 000010 00 02 00 00 60 93 E3 EE 33 40 64 2B 8C F1 59 21
> > 000020 15 4B C9 EC 0A 80 08 77 F2 07 01 C0 F4 1F 78 04
> > 000030 A7 F0 4C B5 18 DE 8B 6F 6F 6F 27 20 AE 7E 95 EE
> > 000040 BC 6F 16 60 F1 6E E4 23 A2 09 8B C9 00 16 3F C7
> > 000050 59 6A D1 27
> >
> > It looks good as far as I can see but still fails.
> >
> > Are there any cookbooks on programming the API in C++? The stuff I've found
> > is almost as cryptic as the final output.
> >
> > Thanks in advance.
> > --
> > Frank Perry
> > LavaLeaf Software
>
>
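An added example, not part of either post: a portable C check of the public-key blob dumped in the original question, read as the BLOBHEADER plus DHPUBKEY layout that CryptoAPI uses for a Diffie-Hellman PUBLICKEYBLOB. The helper name dh_pubblob_bits, the shortened constant names and the 16384-bit ceiling are assumptions of this example; the bytes are those of the dump taken in the order shown (80 bytes).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Values as defined in wincrypt.h, repeated so this builds without it. */
#define T_PUBLICKEYBLOB 0x06u
#define V_CUR_BLOB      0x02u        /* CUR_BLOB_VERSION */
#define A_DH_SF         0xAA01u      /* CALG_DH_SF */
#define A_DH_EPHEM      0xAA02u      /* CALG_DH_EPHEM */
#define M_DH1           0x31484400u  /* DHPUBKEY.magic, bytes 00 44 48 31 */

/* The blob bytes from the post, in the order shown (80 bytes). */
static const uint8_t POST_BLOB[] = {
    0x06,0x02,0x00,0x00,0x02,0xAA,0x00,0x00,0x00,0x44,0x48,0x31,0x00,0x02,0x00,0x00,
    0x60,0x93,0xE3,0xEE,0x33,0x40,0x64,0x2B,0x8C,0xF1,0x59,0x21,0x15,0x4B,0xC9,0xEC,
    0x0A,0x80,0x08,0x77,0xF2,0x07,0x01,0xC0,0xF4,0x1F,0x78,0x04,0xA7,0xF0,0x4C,0xB5,
    0x18,0xDE,0x8B,0x6F,0x6F,0x6F,0x27,0x20,0xAE,0x7E,0x95,0xEE,0xBC,0x6F,0x16,0x60,
    0xF1,0x6E,0xE4,0x23,0xA2,0x09,0x8B,0xC9,0x00,0x16,0x3F,0xC7,0x59,0x6A,0xD1,0x27
};

/* Read a 32-bit little-endian field. */
static uint32_t le32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Hypothetical helper: returns the key size in bits, or a negative
 * code identifying the first structural check that failed. */
long dh_pubblob_bits(const uint8_t *b, size_t n) {
    if (n < 16) return -1;                      /* BLOBHEADER (8) + DHPUBKEY (8) */
    if (b[0] != T_PUBLICKEYBLOB) return -2;     /* bType */
    if (b[1] != V_CUR_BLOB) return -3;          /* bVersion */
    if (b[2] != 0 || b[3] != 0) return -4;      /* reserved */
    uint32_t alg = le32(b + 4);                 /* aiKeyAlg */
    if (alg != A_DH_EPHEM && alg != A_DH_SF) return -5;
    if (le32(b + 8) != M_DH1) return -6;        /* magic */
    uint32_t bits = le32(b + 12);               /* bitlen */
    /* 16384 is a sanity ceiling chosen for this example only. */
    if (bits == 0 || bits % 8 != 0 || bits > 16384) return -7;
    if (n - 16 != bits / 8) return -8;          /* Y must fill the remainder exactly */
    return (long)bits;
}

int main(void) {
    printf("%ld\n", dh_pubblob_bits(POST_BLOB, sizeof POST_BLOB));
    return 0;
}
```

The posted bytes pass every check (type 0x06, version 2, CALG_DH_EPHEM, magic DH1, 512 bits, 64 bytes of Y). That rules out a malformed blob only; it does not show whether the importing key's P and G match the exporter's.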