Filter
Top Products
Performing Diffie-Hellman Key Agreement
252 RSA BSAFE Crypto-C Developer’s Guide
The second is a result algorithm object. Crypto-C will generate some values and will
need to place them somewhere. So you might as well place them into an algorithm
object now. (This is similar to generating an RSA key pair, where the results were
placed into key objects.) Create an algorithm object, but do not set it;
B_GenerateParameters will do that.
The third argument is a random algorithm. Complete Steps 1 through 4 of
“Generating Random Numbers” on page 165. You do not need random bytes, only an
algorithm that can generate them. The algorithm chooser you are using contains the
AM for SHA random number generation.
The last argument is a surrender context. Generating Diffie-Hellman parameters is
time-consuming; it can take up to two minutes. On slower machines, generating
parameters over 800-bits can take more than an hour. Use the surrender context
mentioned previously. It will print out a dot every second to let you know that
Crypto-C is computing and the machine has not crashed:
Step 6: Destroy
Remember to destroy your objects. Do not destroy the
dhParametersObj
object until
you have passed it on to the parties executing the agreement. The next section
discusses that point:
B_ALGORITHM_OBJ dhParametersObj = (B_ALGORITHM_OBJ)NULL_PTR;
if ((status = B_CreateAlgorithmObject (&dhParametersObj)) != 0)
break;
/* generalFlag is for this tutorial’s surrender function. */
generalFlag = 0;
if ((status = B_GenerateParameters
(dhParamGenerator, dhParametersObj, randomAlgorithm,
&generalSurrenderContext)) != 0)
break;
B_DestroyAlgorithmObject (&randomAlgorithm);
B_DestroyAlgorithmObject (&dhParamGenerator);