SSLStream将DH密钥协议2048(组14)设置为P-256 [英] SSLStream set DH key agreement 2048 (Group 14) to P-256

问题描述

你好

在将SSLStream用作服务器时如何设置密钥协议的质数和生成者编号?

how to set the prime and generator number of the key agreement when using SSLStream as a server? 

更具体地说，我需要将DH组14与P-256曲线中的参数一起用于TLS密钥协议.我设法通过设置"\ CurrentControlSet \ Control \ SecurityProviders \ SCHANNEL \ KeyExchangeAlgorithms \ Diffie-Hellman \ ServerMinKeyBitLength"来将密钥长度设置为2048. 如何为握手密钥协议设置或预先设置p和g数?

More specific, I need to use DH group 14 with parameters from P-256 curve for the TLS key agreement. I manage to set the key length to 2048 by setting "\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman\ServerMinKeyBitLength". How to set or pre set the p- and g-number for the handshake key agreement?

非常感谢您，

csharberB

csharberB

推荐答案

您好csharprB，

Hi csharprB,

谢谢您的发帖.

>> 对于此问题，您可以使用 此SslStream使用的密钥交换算法.

For this question, you could use the SslStream.KeyExchangeAlgorithm Property to get the key exchange algorithm used by this SslStream.

然后根据算法设置密钥协议的素数和生成器编号.

>> 如何为握手密钥协议设置或预先设置p和g数字?

>>How to set or pre set the p- and g-number for the handshake key agreement?

Diffie-Hellman密钥协商方法.

For the use of DH group 14 to set the prime and generator, you could refer to the article Diffie-Hellman Key Agreement Method.

我希望这会有所帮助.

最好的问候，

Wendy

这篇关于SSLStream将DH密钥协议2048(组14)设置为P-256的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！