Question
I am trying to replace OpenSSL code with CNG WinAPI code. Below is the bare-bones OpenSSL code which I have.
    #include <openssl/bn.h>
    #include <openssl/dh.h>
    #include <vector>

    const char *generator = ""; // 256-character hex string
    const char *prime = "";     // 256-character hex string
    DH *dh = DH_new();
    // Initialize dh's generator and prime (direct struct access works on
    // OpenSSL < 1.1; later versions make DH opaque, use DH_set0_pqg instead)
    BN_hex2bn(&(dh->g), generator);
    BN_hex2bn(&(dh->p), prime);
    // Generate public and private keys
    DH_generate_key(dh);
    // Extract server's public key from init_msg's 'key'
    BIGNUM *server_pub_key = BN_new();
    BN_hex2bn(&server_pub_key, " *** 256 character server public key as hex string ***");
    // Use DH to calculate the shared key (raw DH result, DH_size(dh) bytes at most)
    std::vector<unsigned char> shared_key;
    shared_key.resize(DH_size(dh));
    int err = DH_compute_key(shared_key.data(), server_pub_key, dh);
The above code generated a shared key as a 256-character hex string (128 bytes). What is the key agreement function used by OpenSSL to create such a key? Thanks in advance.
Answer 1:
It doesn't. Or "the NULL KDF", or f(x) -> x.
DH_compute_key does the raw DH operation and returns the result.
None of the documented KDF values to BCryptDeriveKey return the raw value. It's always possible that they've added BCRYPT_KDF values that haven't made it to docs yet; you'd need to check bcrypt.h from the latest SDK releases.
Answer 2:
What you get is just the direct result of Diffie-Hellman (DH) key agreement, before any KDF is used. I'm not sure what you expect us to say besides this. It's an unsigned big-endian number in the range up to the size of the key (1024 bits) in bytes (128 bytes).
That would be BCRYPT_DH_ALGORITHM, of course.
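To make the two answers concrete, here is an added Python model (not code from the question or from OpenSSL/CNG) of what DH_compute_key hands back: the raw modular exponentiation, with no KDF, encoded as an unsigned big-endian integer. It uses a constructed demo group (p = 2^255 - 19, g = 2) and fixed demo exponents in place of the questioner's elided 1024-bit parameters, and shows the one interop caveat that bites when matching the output against a fixed-length CNG buffer: the unpadded encoding can be shorter than DH_size when the secret has leading zero bytes.

```python
import hashlib

# Constructed demo parameters, NOT the questioner's 1024-bit group (which the
# post elides). p = 2^255 - 19 is prime; g = 2. A 1024-bit p gives the
# 128-byte output the question describes; use a vetted group in practice.
P = 2**255 - 19
G = 2


def dh_public(p, g, priv):
    """Public value g^priv mod p (what DH_generate_key computes)."""
    return pow(g, priv, p)


def dh_raw_secret(p, priv, peer_pub):
    """Raw DH result peer_pub^priv mod p: exactly what DH_compute_key returns,
    no hash and no KDF (the 'NULL KDF' / f(x) -> x of answer 1)."""
    if not 1 < peer_pub < p - 1:          # reject 0, 1, p-1 and out-of-range values
        raise ValueError("peer public value out of range")
    return pow(peer_pub, priv, p)


def dh_size(p):
    """Byte length of p, i.e. DH_size(dh): 128 for a 1024-bit prime."""
    return (p.bit_length() + 7) // 8


def encode_secret(secret, p, padded):
    """Unsigned big-endian encoding of the secret. padded=False mimics
    DH_compute_key (BN_bn2bin drops leading zero bytes, so the result can be
    shorter than DH_size); padded=True mimics DH_compute_key_padded, the
    fixed-length form a CNG consumer expects."""
    n = dh_size(p) if padded else max(1, (secret.bit_length() + 7) // 8)
    return secret.to_bytes(n, "big")


def derive_key(secret, p):
    """Stand-in KDF (SHA-256 over the padded secret) to show that any KDF, as
    every documented BCryptDeriveKey KDF applies, yields something other than
    the raw value. It is not a claim about CNG's exact hashing layout."""
    return hashlib.sha256(encode_secret(secret, p, padded=True)).digest()


def demo(a, b):
    """Both sides of one exchange with fixed exponents (demo only, insecure)."""
    A, B = dh_public(P, G, a), dh_public(P, G, b)
    s_client, s_server = dh_raw_secret(P, a, B), dh_raw_secret(P, b, A)
    assert s_client == s_server
    return (s_client, encode_secret(s_client, P, False),
            encode_secret(s_client, P, True), derive_key(s_client, P))
```

If the target SDK's bcrypt.h defines BCRYPT_KDF_RAW_SECRET (L"TRUNCATE"), BCryptDeriveKey can return the raw secret, but it is documented in little-endian byte order, so reverse it before comparing with OpenSSL's big-endian output; otherwise pick one KDF and run it on both sides.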
Source: https://stackoverflow.com/questions/46432287/what-is-the-key-agreement-or-key-derivation-function-used-by-openssl