diff options
author | lloyd <[email protected]> | 2010-03-08 14:33:27 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2010-03-08 14:33:27 +0000 |
commit | 075de69e745fb407c895475649dbe11483bf04bd (patch) | |
tree | 15b3e20dd898925c6e21ef9dcd7b751165a6f271 /doc/examples/dh.cpp | |
parent | ea38a42c2cfbc3a6235b11637b382589676c6286 (diff) |
Update DH example for PK changes
Diffstat (limited to 'doc/examples/dh.cpp')
-rw-r--r-- | doc/examples/dh.cpp | 43 |
1 files changed, 29 insertions, 14 deletions
diff --git a/doc/examples/dh.cpp b/doc/examples/dh.cpp index 4c6961234..23d6c3952 100644 --- a/doc/examples/dh.cpp +++ b/doc/examples/dh.cpp @@ -1,12 +1,12 @@ /* -* (C) 2009 Jack Lloyd +* (C) 2009-2010 Jack Lloyd * * Distributed under the terms of the Botan license */ #include <botan/botan.h> #include <botan/dh.h> -#include <botan/rng.h> +#include <botan/pubkey.h> using namespace Botan; #include <iostream> @@ -15,25 +15,40 @@ using namespace Botan; int main() { Botan::LibraryInitializer init; - + try { AutoSeeded_RNG rng; + // Alice and Bob agree on a DH domain to use + DL_Group shared_domain("modp/ietf/1024"); + // Alice creates a DH key and sends (the public part) to Bob - DH_PrivateKey private_a(rng, DL_Group("modp/ietf/1024")); - DH_PublicKey public_a = private_a; // Bob gets this + DH_PrivateKey private_a(rng, shared_domain); + + // Alice sends to Bob her public key: + MemoryVector<byte> public_a = private_a.public_value(); // Bob creates a key with a matching group - DH_PrivateKey private_b(rng, public_a.get_domain()); + DH_PrivateKey private_b(rng, shared_domain); + + // Bob sends his public key to Alice + MemoryVector<byte> public_b = private_b.public_value(); + + PK_Key_Agreement ka1(private_a, get_kdf("KDF2(SHA-1)")); + PK_Key_Agreement ka2(private_b, get_kdf("KDF2(SHA-1)")); - // Bob sends the key back to Alice - DH_PublicKey public_b = private_b; // Alice gets this + /* + * Preferably, include some salt or parameter that binds this key + * generation to the current session (for instance a session + * identifier, if guaranteed unique, would be a good choice). Or + * anything else that both sides can agree on that will never + * repeat. + */ + const std::string ka_salt = "alice and bob agree on a key"; - // Both of them create a key using their private key and the other's - // public key - SymmetricKey alice_key = private_a.derive_key(public_b); - SymmetricKey bob_key = private_b.derive_key(public_a); + SymmetricKey alice_key = ka1.derive_key(32, public_b, ka_salt); + SymmetricKey bob_key = ka2.derive_key(32, public_a, ka_salt); if(alice_key == bob_key) { @@ -42,12 +57,12 @@ int main() } else { - std::cout << "The two keys didn't match!\n"; + std::cout << "The two keys didn't match! Hmmm...\n"; std::cout << "Alice's key was: " << alice_key.as_string() << "\n"; std::cout << "Bob's key was: " << bob_key.as_string() << "\n"; } - // Now Alice and Bob hash the key and use it for something + // Now use the shared key for encryption or MACing or whatever } catch(std::exception& e) { |