Performing Diffie-Hellman Key Agreement
254 RSA BSAFE Crypto-C Developers Guide
If you look at the elements of the struct:
    dhKeyAgreeParams->prime.data
    dhKeyAgreeParams->prime.len
    dhKeyAgreeParams->base.data
    dhKeyAgreeParams->base.len
    dhKeyAgreeParams->exponentBits
you will see the parameters Crypto-C generated. This is the information the central
authority sends to the participants in the key agreement. Copy this information to a
file or diskette, for instance, and pass it on.
If you want to e-mail the information, most e-mail systems will not be able to
carry it as is, because the data is in binary form, not ASCII. Crypto-C offers
encoding and decoding functions to convert between binary and ASCII. See
Converting Data Between Binary and ASCII on page 172 for more information.
BER Format
There is a problem with distributing the parameters in the previous structure. The
struct is not standard; it is unique to Crypto-C. If one or both of the parties are not
using Crypto-C, how do you give them the information? The standard is ASN.1,
which defines Basic Encoding Rules (BER) and Distinguished Encoding Rules (DER).
See BER/DER Encoding on page 123 for a description of this topic.
The central authority puts the parameters into DER format, encodes them, and emails
the encoding. The parties decode the DER string and convert that information into the
parameters in the format of their choice.
This sounds difficult, but Crypto-C offers a means of doing it simply. Here, to obtain
the parameters, you used B_GetAlgorithmInfo with AI_DHKeyAgree. Chapter 2 of the
Reference Manual lists AI_DHKeyAgreeBER, which states:
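    /* Retrieve the generated parameters from the algorithm object in
     * Crypto-C's own struct format (AI_DHKeyAgree). */
    A_DH_KEY_AGREE_PARAMS *dhKeyAgreeParams =
      (A_DH_KEY_AGREE_PARAMS *)NULL_PTR;

    /* A nonzero status is an error; break leaves the enclosing block. */
    if ((status = B_GetAlgorithmInfo
         ((POINTER *)&dhKeyAgreeParams, dhParametersObj,
          AI_DHKeyAgree)) != 0)
      break;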
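What the DER form discussed under BER Format looks like on the wire, as an added example that is not from the guide and does not call Crypto-C: it hand-encodes the PKCS #3 DHParameter SEQUENCE (prime, base, privateValueLength) from the three struct fields. The function names, the mapping of exponentBits to privateValueLength, and the toy values are assumptions, and the output of AI_DHKeyAgreeBER may wrap this structure in additional fields.

```c
#include <stdio.h>
#include <string.h>

/* DER length octets: short form below 0x80, long form otherwise. */
static size_t der_len(unsigned char *out, size_t len) {
    size_t n = 0, i;
    if (len < 0x80) { out[0] = (unsigned char)len; return 1; }
    for (i = len; i; i >>= 8) n++;
    out[0] = (unsigned char)(0x80 | n);
    for (i = 0; i < n; i++) out[1 + i] = (unsigned char)(len >> (8 * (n - 1 - i)));
    return 1 + n;
}

/* Unsigned big-endian value -> minimal DER INTEGER (0x00 pad if top bit set). */
static size_t der_uint(unsigned char *out, const unsigned char *v, size_t len) {
    size_t n = 0, pad;
    while (len > 1 && v[0] == 0) { v++; len--; }      /* strip leading zeros */
    pad = (len == 0 || (v[0] & 0x80)) ? 1 : 0;        /* keep the value non-negative */
    out[n++] = 0x02;
    n += der_len(out + n, len + pad);
    if (pad) out[n++] = 0x00;
    if (len) memcpy(out + n, v, len);
    return n + len;
}

/* SEQUENCE { prime, base, privateValueLength }; returns DER length, 0 if out is too small. */
size_t dh_params_to_der(const unsigned char *prime, size_t prime_len, const unsigned char *base,
                        size_t base_len, unsigned int exponent_bits, unsigned char *out, size_t cap) {
    unsigned char eb[4], hdr[10] = {0x30};            /* 0x30 = SEQUENCE tag */
    size_t body = 0, h, i;
    if (cap < 48 || prime_len > cap - 48 || base_len > cap - 48 - prime_len) return 0;
    for (i = 0; i < 4; i++) eb[i] = (unsigned char)(exponent_bits >> (8 * (3 - i)));
    body += der_uint(out + 10 + body, prime, prime_len);   /* 10 bytes reserved for header */
    body += der_uint(out + 10 + body, base, base_len);
    body += der_uint(out + 10 + body, eb, sizeof eb);
    h = 1 + der_len(hdr + 1, body);
    memmove(out + h, out + 10, body);                 /* close the gap left by the reserve */
    memcpy(out, hdr, h);
    return h + body;
}

int main(void) {   /* constructed toy values, far too small for real use */
    const unsigned char prime[] = {0xE3}, base[] = {0x02};
    unsigned char der[64];
    size_t i, n = dh_params_to_der(prime, 1, base, 1, 160, der, sizeof der);
    for (i = 0; i < n; i++) printf("%02X", der[i]);
    puts("");
    return 0;
}
```

The resulting bytes are still binary, so they need the binary-to-ASCII conversion described above before they can go into an e-mail body.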