Re: Using CryptoAPI to do a DH key exchange with OpenSSL

PUBLICKEYBLOB is defined in the Platform SDK. However, I am not familiar with
the DH public key format in CAPI. (I can help with RSA public key format)
And right now it seems Microsoft screwed up its MSND Web pages - nothing can
be found :( hope they will fix it. soon...


typedef struct _PUBLICKEYSTRUC {
BYTE bType;
BYTE bVersion;
WORD reserved;
ALG_ID aiKeyAlg;

typedef struct _PUBKEY {
DWORD magic;
DWORD bitlen;

This must always be set to DH1 (0x31484400) when used for public-key BLOBs

typedef struct _PUBKEYVER3 {
DWORD magic;
DWORD bitlenP;
DWORD bitlenQ;
DWORD bitlenJ;

This must always be set to 0x33484400, the ASCII encoding of "DH3".

Maybe this helps...

Laszlo Elteto
SafeNet, Inc.

"edchan" wrote:

Endianness aside, what about the blob header, etc.? After calling
CryptExportKey() I get 144 bytes. I'm expecting 128. I tried
discarding the first 16 bytes. But what do I do with the 128 bytes
returned from the other side. Calling CryptImportKey likely won't work
because it is expecting a blob in MS CryptoAPI format (whatever that
is). I saw some docs regarding PUBLICKEYBLOB, but not sure what to
enter for the headers. Then I started wondering how WinInet is able to
do a DH key exchange when doing an SSL connection to an OpenSSL server,
for example.


lelteto wrote:
The public key (blob) format in MS CAPI is completely different than in other
crypt libs. Moreover ENDIANNESS is different, too: CAPI uses little endian
byte order, other libs (Cryptoki, OpenSSL, etc) are using the big endian =
network byte order. You would need to convert between the two formats.

Laszlo Elteto
SafeNet, Inc.

"edchan" wrote:

Hi there,

I'm trying to perform a DH key exchange between 2 parties. I can do it
if both ends are using the same crypto lib. But if one end is MS
CryptoAPI and the other is say OpenSSL, then I have problems. OpenSSL
<-> RSA BSAFE is ok, as is any other combination of OpenSSL, RSA,
Certicom. It's only CryptoAPI that I am having problems. The problem
seems to lie in that when I export the public key using
CryptExportKey(), i am getting a PUBLICKEYBLOB of 16 bytes more than
the other end's public key. I figured this 16 bytes might be some blob
header, so I strip that out. But when I get the 128 byte public key
from the end and try to import that, I think the CryptImportKey is
expecting a blob with a header? Is that correct? So I tried setting
the same header from my public key blob to see what would happen. Of
course that didn't work.

Can anybody give me some info or point me to some docs about how to get
CryptoAPI to play nice with other libs for DH? Since the 3 other libs
I've tried seem to be inter-operable, I assume there is something
non-standard that CryptoAPI is doing? Or there is an additional step I
am missing?