|
|
|
date: Tue, 22 Jul 2008 17:29:58 +0800,
group: microsoft.public.platformsdk.security
back
CryptSetKeyParam on KP_G with a DH key
Hi, i am trying to set the DH generator to 2 using CryptSetKeyParam but its
giving me NTE_BAD_DATA heres the sequence:
CryptAcquireContext&hProv,NULL,MS_ENH_DSS_DH_PROV,PROV_DSS_DH,
CRYPT_DELETEKEYSET)
CryptAcquireContext&hProv,NULL,MS_ENH_DSS_DH_PROV,PROV_DSS_DH,
CRYPT_NEWKEYSET)
CryptGenKey(hProv,CALG_DH_EPHEM,CRYPT_PREGEN,&hKey)
CryptSetKeyParam(hKey,KP_P,(PBYTE)&bPrime,0)
--->this is successful
the prime(bigendian) is:
static BYTE P1[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, 0x21,
0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,0x29, 0x02,
0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,0x3B, 0x13, 0x9B,
0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF, 0x95, 0x19,
0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 0xE4,
0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, 0xA6,
0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38,
0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B,
0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
I convert this prime to little endian before setting K_P then i have:
static BYTE G[] = {0x02};
CRYPT_DATA_BLOB bG;
bG.cbData = 1;
bG.pbData = G;
CryptSetKeyParam(hKey,KP_G,(PBYTE)&bG,0)
This call fails. basically I want to use P and G values specified in Oakley
Group 2 [RFC2409] 1024-bit MODP Group. Any idea as to what i could be doing
wrong here ?
Thanks
Neelabh
url:http://www.ureader.com/gp/1659-1.aspx
date: Tue, 22 Jul 2008 17:29:58 +0800
author: dd
Re: CryptSetKeyParam on KP_G with a DH key
On Tue, 22 Jul 2008 17:29:58 +0800, dd wrote:
> Hi, i am trying to set the DH generator to 2 using CryptSetKeyParam but
> its giving me NTE_BAD_DATA heres the sequence:
>
>
> CryptAcquireContext&hProv,NULL,MS_ENH_DSS_DH_PROV,PROV_DSS_DH,
> CRYPT_DELETEKEYSET)
>
> CryptAcquireContext&hProv,NULL,MS_ENH_DSS_DH_PROV,PROV_DSS_DH,
> CRYPT_NEWKEYSET)
>
> CryptGenKey(hProv,CALG_DH_EPHEM,CRYPT_PREGEN,&hKey)
>
> CryptSetKeyParam(hKey,KP_P,(PBYTE)&bPrime,0) --->this is successful
>
> the prime(bigendian) is:
>
> static BYTE P1[] = {
>
> 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
> 0x21,
> 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,0x29,
> 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,0x3B,
> 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF,
> 0x95, 0x19,
> 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14,
> 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 0xE4,
> 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, 0xA6,
> 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE,
> 0x38,
> 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B,
> 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81, 0xFF, 0xFF,
> 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
> I convert this prime to little endian before setting K_P then i have:
>
> static BYTE G[] = {0x02};
> CRYPT_DATA_BLOB bG;
> bG.cbData = 1;
> bG.pbData = G;
>
> CryptSetKeyParam(hKey,KP_G,(PBYTE)&bG,0)
>
> This call fails. basically I want to use P and G values specified in
> Oakley Group 2 [RFC2409] 1024-bit MODP Group. Any idea as to what i
> could be doing wrong here ?
You are almost there. Simply fill the KP_G with nulls so that the
number of bytes is the same as KP_P.
--
Mark
date: Tue, 22 Jul 2008 22:09:31 -0500
author: Mark Pryor
Re: CryptSetKeyParam on KP_G with a DH key
Amazing ! it works. Thanks Mark, appreciate your help.
"Mark Pryor" wrote:
> On Tue, 22 Jul 2008 17:29:58 +0800, dd wrote:
>
> > Hi, i am trying to set the DH generator to 2 using CryptSetKeyParam but
> > its giving me NTE_BAD_DATA heres the sequence:
> >
> >
> > CryptAcquireContext&hProv,NULL,MS_ENH_DSS_DH_PROV,PROV_DSS_DH,
> > CRYPT_DELETEKEYSET)
> >
> > CryptAcquireContext&hProv,NULL,MS_ENH_DSS_DH_PROV,PROV_DSS_DH,
> > CRYPT_NEWKEYSET)
> >
> > CryptGenKey(hProv,CALG_DH_EPHEM,CRYPT_PREGEN,&hKey)
> >
> > CryptSetKeyParam(hKey,KP_P,(PBYTE)&bPrime,0) --->this is successful
> >
> > the prime(bigendian) is:
> >
> > static BYTE P1[] = {
> >
> > 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
> > 0x21,
> > 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,0x29,
> > 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,0x3B,
> > 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, 0xEF,
> > 0x95, 0x19,
> > 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14,
> > 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, 0xE4,
> > 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, 0xA6,
> > 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE,
> > 0x38,
> > 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B,
> > 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81, 0xFF, 0xFF,
> > 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
> > I convert this prime to little endian before setting K_P then i have:
> >
> > static BYTE G[] = {0x02};
> > CRYPT_DATA_BLOB bG;
> > bG.cbData = 1;
> > bG.pbData = G;
> >
> > CryptSetKeyParam(hKey,KP_G,(PBYTE)&bG,0)
> >
> > This call fails. basically I want to use P and G values specified in
> > Oakley Group 2 [RFC2409] 1024-bit MODP Group. Any idea as to what i
> > could be doing wrong here ?
>
> You are almost there. Simply fill the KP_G with nulls so that the
> number of bytes is the same as KP_P.
>
> --
> Mark
>
date: Wed, 23 Jul 2008 00:12:01 -0700
author: Neelabh Mam Neelabh
|
|
