Re: Using CryptoAPI to do a DH key exchange with OpenSSL

PUBLICKEYBLOB is defined in the Platform SDK. However, I am not familiar with
the DH public key format in CAPI. (I can help with RSA public key format)
And right now it seems Microsoft screwed up its MSND Web pages - nothing can
be found :( hope they will fix it. soon...


typedef struct _PUBLICKEYSTRUC {
BYTE bType;
BYTE bVersion;
WORD reserved;
ALG_ID aiKeyAlg;

typedef struct _PUBKEY {
DWORD magic;
DWORD bitlen;

This must always be set to DH1 (0x31484400) when used for public-key BLOBs

typedef struct _PUBKEYVER3 {
DWORD magic;
DWORD bitlenP;
DWORD bitlenQ;
DWORD bitlenJ;

This must always be set to 0x33484400, the ASCII encoding of "DH3".

Maybe this helps...

Laszlo Elteto
SafeNet, Inc.

"edchan" wrote:

Endianness aside, what about the blob header, etc.? After calling
CryptExportKey() I get 144 bytes. I'm expecting 128. I tried
discarding the first 16 bytes. But what do I do with the 128 bytes
returned from the other side. Calling CryptImportKey likely won't work
because it is expecting a blob in MS CryptoAPI format (whatever that
is). I saw some docs regarding PUBLICKEYBLOB, but not sure what to
enter for the headers. Then I started wondering how WinInet is able to
do a DH key exchange when doing an SSL connection to an OpenSSL server,
for example.


lelteto wrote:
The public key (blob) format in MS CAPI is completely different than in other
crypt libs. Moreover ENDIANNESS is different, too: CAPI uses little endian
byte order, other libs (Cryptoki, OpenSSL, etc) are using the big endian =
network byte order. You would need to convert between the two formats.

Laszlo Elteto
SafeNet, Inc.

"edchan" wrote:

Hi there,

I'm trying to perform a DH key exchange between 2 parties. I can do it
if both ends are using the same crypto lib. But if one end is MS
CryptoAPI and the other is say OpenSSL, then I have problems. OpenSSL
<-> RSA BSAFE is ok, as is any other combination of OpenSSL, RSA,
Certicom. It's only CryptoAPI that I am having problems. The problem
seems to lie in that when I export the public key using
CryptExportKey(), i am getting a PUBLICKEYBLOB of 16 bytes more than
the other end's public key. I figured this 16 bytes might be some blob
header, so I strip that out. But when I get the 128 byte public key
from the end and try to import that, I think the CryptImportKey is
expecting a blob with a header? Is that correct? So I tried setting
the same header from my public key blob to see what would happen. Of
course that didn't work.

Can anybody give me some info or point me to some docs about how to get
CryptoAPI to play nice with other libs for DH? Since the 3 other libs
I've tried seem to be inter-operable, I assume there is something
non-standard that CryptoAPI is doing? Or there is an additional step I
am missing?



Relevant Pages

  • Re: Signing and verifying with key exchange
    ... The PublicKey field of struct CERT_PUBLIC_KEY_INFO needs to be an ASN.1 encoded public key. ... A PUBLICKEYBLOB structure is not ASN.1 encoded. ... the hash, import the public key (now you can do that in the PUBLICKEY_BLOB ...
  • Re: Publickey Blob (urgent)
    ... There are several ways to encode the "public key". ... The modulus and data encoded into PUBLICKEYBLOB is reverse-ordered. ...
  • Re: How to exchange keys C++ <-> Java ?
    ... Java favor receiving public keys in standard ... CryptoAPI uses its own PUBLICKEYBLOB format most easily ... Or how I can import public key, generated in Java, to ...
  • RE: RSA Decryption with CryptoAPI, key in PEM format
    ... what you get after Base64 decoding is not the public key ... Your code blindly set the public exponent to 65537 - which is USUALLY ... PUBLICKEYBLOB format which is a C struct with several elements. ...