DH_generate_key

Matt Caswell matt at openssl.org
Wed Dec 9 15:31:51 UTC 2020



On 08/12/2020 17:43, Narayana, Sunil Kumar wrote:
> Dear openssl team,
> 
>  
> 
>                 While migrating from 1.0.2 to 3.0,  we found that
> DH_generate_key() has be deprecated. And as per the man page, it is
> advised to use EVP_PKEY_derive_init
> <https://www.openssl.org/docs/manmaster/man3/EVP_PKEY_derive_init.html>
>  & EVP_PKEY_derive
> <https://www.openssl.org/docs/manmaster/man3/EVP_PKEY_derive.html>
> 

The reference to EVP_PKEY_derive_init/EVP_PKEY_derive is a bit
misleading, because those are replacements for DH_compute_key() not
DH_generate_key().

The equivalents for DH_generate_key() are EVP_PKEY_keygen_init() and
EVP_PKEY_gen().

https://www.openssl.org/docs/manmaster/man3/EVP_PKEY_gen.html



> our application creates a new DH and using DH_generate_key()

How do you set up the DH parameters? Do you load them from a file or
generate them in your application? Or some other way? Will it break your
application if you swap to using different parameters, or must you
retain support for the old ones?

The first step is to create an EVP_PKEY object containing the DH
parameters. How to do that depends on the answers to the above questions.


> creates
> pub_key/priv_key and uses it. how can we replace this exactly with EVP.
> 


As noted by Daniel in this response to your question there are examples
on the EVP_PKEY-DH manual page.

https://www.openssl.org/docs/manmaster/man7/EVP_PKEY-DH.html

Assuming you have set up the parameters in an EVP_PKEY object
(param_key) then this is the relevant example:


    EVP_PKEY *key = NULL;
    EVP_PKEY_CTX *gctx = EVP_PKEY_CTX_new_from_pkey(NULL, param_key, NULL);

    EVP_PKEY_keygen_init(gctx);
    EVP_PKEY_gen(gctx, &key);
    EVP_PKEY_print_private(bio_out, key, 0, NULL);
    ...
    EVP_PKEY_free(key);
    EVP_PKEY_CTX_free(gctx);


This gives you a generated DH key in the "key" object.


Matt


> And please suggest what EVP API’s should we use to generate pub/priv keys ?
> 
>  
> 
> _Application code_
> 
> _ _
> 
>     dh = DH_new();
> 
>     dh->p = BN_bin2bn(modSize, octet_len, NULL);
> 
>     dh->g = BN_bin2bn(H235Bits_generator, H235Bits_generator_len / 8, NULL);
> 
>  
> 
>     if ( ! DH_generate_key(dh) )
> 
>     {
> 
>         return FAILURE;
> 
>     }
> 
>     n = (unsigned) BN_num_bytes(dh->pub_key);
> 
>   
> 
>     BN_bn2bin(dh->pub_key, p);
> 
>     n = (unsigned) BN_num_bytes(dh->priv_key);
> 
>  
> 
>  
> 
> Instead above logic can we do this ? is derive generated pub/priv keys ?
> 
>  
> 
> //create ctx
> 
> Ctx = EVP_PKEY_CTX_new_from_name (NULL, “DM”, NULL);
> 
> EVP_PKEY_derive_init (ctx)
> 
>  
> 
>  
> 
> Regards,
> 
> Sunil
> 
> 
> 
> ------------------------------------------------------------------------
> Notice: This e-mail together with any attachments may contain
> information of Ribbon Communications Inc. that is confidential and/or
> proprietary for the sole use of the intended recipient. Any review,
> disclosure, reliance or distribution by others or forwarding without
> express permission is strictly prohibited. If you are not the intended
> recipient, please notify the sender immediately and then delete all
> copies, including any attachments.
> ------------------------------------------------------------------------


More information about the openssl-users mailing list