Performing Diffie-Hellman Key Agreement
258 RSA BSAFE Crypto-C Developer’s Guide
The fourth is the size of the buffer you allocated; if the buffer is not big enough to hold
the output, Crypto-C will generate an error.
The fifth argument is a random algorithm object. For this, complete Steps 1 through 4
of “Generating Random Numbers” on page165. You d o not need random bytes, only
an algorithm that can generate them.
The last argument is a surrender context. This function does not return immediately,
so a surrender context is helpful. Use the one outlined in “The Surrender Context” on
page 118:
Step 5: Phase 2After you have computed your public value, you must send it off to the other party
and receive their public value. You need the same algorithm object from Phase 1 to
complete Phase 2. See “Saving the Object State” on page 259 for information on how
to do this.
The input of B_KeyAgreePhase2 is the other party’s public value; the output is the
agreed-upon secret value. The output will be the same size as the prime; you must
allocate the space to hold this output. Although the output will be at least 32 bytes, the
unsigned char *myPublicValue = NULL_PTR;
unsigned int myPublicValueLen;
A_DH_KEY_AGREE_PARAMS *getParams;
/* Find out how big the prime is so we know how many bytes to
allocate for the public value buffer. */
if ((status = B_GetAlgorithmInfo
((POINTER *)&getParams, dhKeyAgreeAlg, AI_DHKeyAgree)) != 0)
break;
myPublicValue = T_malloc (getParams->prime.len);
if ((status = (myPublicValue == NULL_PTR)) != 0)
break;
/* generalFlag is for the surrender function.*/
generalFlag = 0;
if ((status = B_KeyAgreePhase1
(dhKeyAgreeAlg, myPublicValue, &myPublicValueLen,
getParams->prime.len, randomAlgorithm,
&generalSurrenderContext)) != 0)
break;