authorlloyd <[email protected]>2010-03-08 14:33:27 +0000
committerlloyd <[email protected]>2010-03-08 14:33:27 +0000
commit075de69e745fb407c895475649dbe11483bf04bd (patch)
tree15b3e20dd898925c6e21ef9dcd7b751165a6f271 /doc/examples/dh.cpp
parentea38a42c2cfbc3a6235b11637b382589676c6286 (diff)
Update DH example for PK changes
Diffstat (limited to 'doc/examples/dh.cpp')
-rw-r--r--doc/examples/dh.cpp43
1 files changed, 29 insertions, 14 deletions
diff --git a/doc/examples/dh.cpp b/doc/examples/dh.cpp
index 4c6961234..23d6c3952 100644
--- a/doc/examples/dh.cpp
+++ b/doc/examples/dh.cpp
@@ -1,12 +1,12 @@
/*
-* (C) 2009 Jack Lloyd
+* (C) 2009-2010 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
#include <botan/botan.h>
#include <botan/dh.h>
-#include <botan/rng.h>
+#include <botan/pubkey.h>
using namespace Botan;
#include <iostream>
@@ -15,25 +15,40 @@ using namespace Botan;
int main()
{
Botan::LibraryInitializer init;
-
+
try
{
AutoSeeded_RNG rng;
+ // Alice and Bob agree on a DH domain to use
+ DL_Group shared_domain("modp/ietf/1024");
+
// Alice creates a DH key and sends (the public part) to Bob
- DH_PrivateKey private_a(rng, DL_Group("modp/ietf/1024"));
- DH_PublicKey public_a = private_a; // Bob gets this
+ DH_PrivateKey private_a(rng, shared_domain);
+
+ // Alice sends to Bob her public key:
+ MemoryVector<byte> public_a = private_a.public_value();
// Bob creates a key with a matching group
- DH_PrivateKey private_b(rng, public_a.get_domain());
+ DH_PrivateKey private_b(rng, shared_domain);
+
+ // Bob sends his public key to Alice
+ MemoryVector<byte> public_b = private_b.public_value();
+
+ PK_Key_Agreement ka1(private_a, get_kdf("KDF2(SHA-1)"));
+ PK_Key_Agreement ka2(private_b, get_kdf("KDF2(SHA-1)"));
- // Bob sends the key back to Alice
- DH_PublicKey public_b = private_b; // Alice gets this
+ /*
+ * Preferably, include some salt or parameter that binds this key
+ * generation to the current session (for instance a session
+ * identifier, if guaranteed unique, would be a good choice). Or
+ * anything else that both sides can agree on that will never
+ * repeat.
+ */
+ const std::string ka_salt = "alice and bob agree on a key";
- // Both of them create a key using their private key and the other's
- // public key
- SymmetricKey alice_key = private_a.derive_key(public_b);
- SymmetricKey bob_key = private_b.derive_key(public_a);
+ SymmetricKey alice_key = ka1.derive_key(32, public_b, ka_salt);
+ SymmetricKey bob_key = ka2.derive_key(32, public_a, ka_salt);
if(alice_key == bob_key)
{
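Review bot: The `ka_salt` line hard-codes the literal "alice and bob agree on a key" directly under a comment that asks for a value that never repeats, so anyone copying the example ships a constant KDF parameter; a comment on that line such as `// placeholder only: replace with a per-session value both sides know (e.g. a unique session id)` would make the gap explicit. The exchange of `public_a` and `public_b` is also unauthenticated and the comments do not say so: plain DH as shown gives no protection against an active man-in-the-middle, so a sentence next to "Alice sends to Bob her public key" should state that the public values must be signed or sent over an authenticated channel. Separately, `modp/ietf/1024` and `KDF2(SHA-1)` are weak defaults for new code by current guidance; a larger group such as `modp/ietf/2048` and a SHA-2 based KDF would be a safer choice for an example people will copy. main()'s body continues past the end of this hunk.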
@@ -42,12 +57,12 @@ int main()
}
else
{
- std::cout << "The two keys didn't match!\n";
+ std::cout << "The two keys didn't match! Hmmm...\n";
std::cout << "Alice's key was: " << alice_key.as_string() << "\n";
std::cout << "Bob's key was: " << bob_key.as_string() << "\n";
}
- // Now Alice and Bob hash the key and use it for something
+ // Now use the shared key for encryption or MACing or whatever
}
catch(std::exception& e)
{