OpenSSL使用固定值生成Diffie Hellman密钥 [英] OpenSSL used fixed Values for Diffie Hellman Key generation

问题描述

根据该文档: https://wiki.openssl.org/index.php/Diffie_Hellman#Using_the_Low_Level_APIs

使用Diffie Hellman的低级API(需要执行组密钥协议).

Using the Low level API's for Diffie Hellman (need to perform a group Key agreement).

为简单起见，我需要为Diffie Hellman p和g值提供固定值，现在我使用函数DH_generate_parameters_ex，但是使用这些选项的任何解决方案都可能会增加通信开销，并且和g为Diffie Hellman提供了良好的安全性.

For simplicity I need to provide fixed values for Diffie Hellman p and g values for now I use the function DH_generate_parameters_ex but any solution using these options may add a communication overhead and there are fixed values for p and g for Diffie Hellman offering good security.

因此，使用基于配置的方法约定，如何设置固定值，尤其是此 RFC中指定的值实时生成opensl的​​openssl低级api fore吗?

So using the approach convention over configuration, how I can set fixed values especially the ones specified in this RFC to openssl low-level api fore diffie hellman instyead of generating ones on the fly?

PS我使用的是OpenSSL版本1.0.2g.

PS I use the OpenSSL version 1.0.2g.

推荐答案

根据素数. openssl.org/docs/man1.1.0/man3/DH_get_1024_160.html"rel =" nofollow noreferrer>此手册页(如果在1.1.0+上，也应该在您的系统上使用这些名称)–实际上在代码中回到1.0.0之前，但是没有BN_前缀(尽管在bn.h标头中)并且以前没有记录. (在1.1.0+中，如果设置了兼容性，则还会对旧名称进行#define.)

The (outer) primes for the RFC3526 and RFC2409 groups are builtin, per this man page (should also be on your system under those names if 1.1.0+) -- they are actually in the code back to before 1.0.0 but without the BN_ prefix (though in the bn.h header) and previously undocumented. (In 1.1.0+ the old names are additionally #define'd if compatibility is set.)

AFAICS，您必须自己添加生成器，例如:

AFAICS you must add the generator yourself, something like:

DH *dh = DH_new(); BIGNUM *two = BN_new(); 
if( !dh || !two ) /* error */;
BN_set_word(two,2); 

// corrected AGAIN!
DH_set0_pqg (dh, BN_dup(BN_get_rfc3526_prime_2048(NULL)), NULL, two);

// added: below 1.1.0 many API structs were not opaque, just
dh->p = BN_dup(/*not BN_*/ get_rfc3526_prime_2048(NULL));
dh->g = two; 
// leave q as unspecified

注意RFC5114 modp参数可以以DH*格式预先构建，但仅在1.1.0+中可用.

Note RFC5114 modp parameters are available prebuilt in DH* form but only in 1.1.0+.

这篇关于OpenSSL使用固定值生成Diffie Hellman密钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！