<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:DengXian;
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"\@DengXian";
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:-apple-system;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1784809341;
mso-list-type:hybrid;
mso-list-template-ids:1092285636 67698699 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0D8;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">Dear OpenSSL Team,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">While migrating to OpenSSL 3.0 we are facing issue with use of DH_generate_key(). Getting dh->pub_key NULL.<o:p></o:p></p>
<p class="MsoNormal">Logic used is as given below, I have omitted the error handling code.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraph" style="margin-left:0in;mso-list:l0 level1 lfo1">p and g buffer is of type unsigned char *<o:p></o:p></li><li class="MsoListParagraph" style="margin-left:0in;mso-list:l0 level1 lfo1">p_len is 128 and g_len is 1.<o:p></o:p></li></ul>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> DH *dh;<o:p></o:p></p>
<p class="MsoNormal" style="text-indent:.5in">dh = DH_new();<o:p></o:p></p>
<p class="MsoNormal" style="text-indent:.5in">dh->params.p = BN_bin2bn(p, p_len, NULL);<o:p></o:p></p>
<p class="MsoNormal" style="text-indent:.5in">dh->params.g = BN_bin2bn(g, g_len, NULL);<o:p></o:p></p>
<p class="MsoNormal" style="text-indent:.5in">DH_generate_key(dh);<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">I have checked openssl man pages (<a href="https://www.openssl.org/docs/manmaster/man3/DH_generate_key.html">https://www.openssl.org/docs/manmaster/man3/DH_generate_key.html</a>).<o:p></o:p></p>
<p class="MsoNormal">According to which DH_generate_key() expects dh to contain the shared parameters p and g only, still not able to generate pub_key.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Tried solutions given on following links:<o:p></o:p></p>
<p class="MsoNormal"><b>Approach 1:<o:p></o:p></b></p>
<p class="MsoNormal"><a href="https://github.com/openssl/openssl/issues/11108">https://github.com/openssl/openssl/issues/11108</a><o:p></o:p></p>
<p class="MsoNormal"> <span style="font-size:10.5pt;font-family:-apple-system;color:#24292F;background:white">
Used DH_new_by_nid() instead of DH_new() .<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.5pt;font-family:-apple-system;color:#24292F;background:white"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span style="font-size:10.5pt;font-family:-apple-system;color:#24292F;background:white">Approach 2:<o:p></o:p></span></b></p>
<p class="MsoNormal"><span style="font-size:10.5pt;font-family:-apple-system;color:#24292F;background:white">We were skeptical about the values of p and g so tried setting valid values for p q and g using DH_set0_pqg().<o:p></o:p></span></p>
<p class="MsoNormal" style="text-indent:.5in"><span style="font-size:10.5pt;font-family:-apple-system;color:#24292F;background:white"><o:p> </o:p></span></p>
<p class="MsoNormal" style="text-indent:.5in"><span style="font-size:10.5pt;font-family:-apple-system;color:#24292F;background:white">BIGNUM *a = BN_bin2bn(p, p_len, NULL);<o:p></o:p></span></p>
<p class="MsoNormal" style="text-indent:.5in"><span style="font-size:10.5pt;font-family:-apple-system;color:#24292F;background:white">BIGNUM *b = BN_bin2bn(g, g_len, NULL);<o:p></o:p></span></p>
<p class="MsoNormal" style="text-indent:.5in"><span style="font-size:10.5pt;font-family:-apple-system;color:#24292F;background:white">DH_set0_pqg(dh, a, NULL, b);<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.5pt;font-family:-apple-system;color:#24292F;background:white"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.5pt;font-family:-apple-system;color:#24292F;background:white">But this did not help, as this set function does not change q value if NULL is passed.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.5pt;font-family:-apple-system;color:#24292F;background:white">We don’t have idea about what can be a valid value for q which we can set.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.5pt;font-family:-apple-system;color:#24292F;background:white"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span style="font-size:10.5pt;font-family:-apple-system;color:#24292F;background:white">Approach 3:<o:p></o:p></span></b></p>
<p class="MsoNormal"><span style="font-size:10.5pt;font-family:-apple-system;color:#24292F;background:white">Currently working on the solution given on this link, using EVP wrappers for DH key generation.
<o:p></o:p></span></p>
<p class="MsoNormal"><a href="https://www.mail-archive.com/openssl-users@openssl.org/msg88906.html">https://www.mail-archive.com/openssl-users@openssl.org/msg88906.html</a><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Please help to look into this and guide with possible solutions.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks,<o:p></o:p></p>
<p class="MsoNormal">Priyanka<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>
<!--type:text--><!--{--><pre>************* MEDIATEK Confidentiality Notice
********************
The information contained in this e-mail message (including any
attachments) may be confidential, proprietary, privileged, or otherwise
exempt from disclosure under applicable laws. It is intended to be
conveyed only to the designated recipient(s). Any use, dissemination,
distribution, printing, retaining or copying of this e-mail (including its
attachments) by unintended recipient(s) is strictly prohibited and may
be unlawful. If you are not an intended recipient of this e-mail, or believe
that you have received this e-mail in error, please notify the sender
immediately (by replying to this e-mail), delete any and all copies of
this e-mail (including any attachments) from your system, and do not
disclose the content of this e-mail to any other person. Thank you!
</pre><!--}-->