zoukankan      html  css  js  c++  java
  • DiffieHellman Key Exchange (DH)源代码

    see also:http://www.example-code.com/vcpp/dh_key_exchange.asp
    #include <CkDh.h>
    #include <CkCrypt2.h>
    
    void ChilkatSample(void)
        {
        //  Create two separate instances of the DH object.
        CkDh dhBob;
        CkDh dhAlice;
    
        bool success;
    
        //  Unlock the component once at program startup...
        success = dhBob.UnlockComponent("Anything for 30-day trial");
        if (success != true) {
            printf("%s\n",dhBob.lastErrorText());
            return;
        }
    
        //  The DH algorithm begins with a large prime, P, and a generator, G.
        //  These don't have to be secret, and they may be transmitted over an insecure channel.
        //  The generator is a small integer and typically has the value 2 or 5.
    
        //  The Chilkat DH component provides the ability to use known
        //  "safe" primes, as well as a method to generate new safe primes.
    
        //  This example will use a known safe prime.  Generating
        //  new safe primes is a time-consuming CPU intensive task
        //  and is normally done offline.
    
        //  Bob will choose to use the 2nd of our 8 pre-chosen safe primes.
        //  It is the Prime for the 2nd Oakley Group (RFC 2409) --
        //  1024-bit MODP Group.  Generator is 2.
        //  The prime is: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }
        dhBob.UseKnownPrime(2);
    
        //  The computed shared secret will be equal to the size of the prime (in bits).
        //  In this case the prime is 1024 bits, so the shared secret will be 128 bytes (128 * 8 = 1024).
        //  However, the result is returned as an SSH1-encoded bignum in hex string format.
        //  The SSH1-encoding prepends a 2-byte count, so the result is going  to be 2 bytes
        //  longer: 130 bytes.  This results in a hex string that is 260 characters long (two chars
        //  per byte for the hex encoding).
    
        const char * p;
        long g;
        //  Bob will now send P and G to Alice.
        p = dhBob.p();
        g = dhBob.get_G();
    
        //  Alice calls SetPG to set P and G.  SetPG checks
        //  the values to make sure it's a safe prime and will
        //  return false if not.
        success = dhAlice.SetPG(p,g);
        if (success != true) {
            printf("P is not a safe prime\n");
            return;
        }
    
        //  Each side begins by generating an "E"
        //  value.  The CreateE method has one argument: numBits.
        //  It should be set to twice the size of the number of bits
        //  in the session key.
    
        //  Let's say we want to generate a 128-bit session key
        //  for AES encryption.  The shared secret generated by the Diffie-Hellman
        //  algorithm will be longer, so we'll hash the result to arrive at the
        //  desired session key length.  However, the length of the session
        //  key we'll utlimately produce determines the value that should be
        //  passed to the CreateE method.
    
        //  In this case, we'll be creating a 128-bit session key, so pass 256 to CreateE.
        //  This setting is for security purposes only -- the value
        //  passed to CreateE does not change the length of the shared secret
        //  that is produced by Diffie-Hellman.
        //  Also, there is no need to pass in a value larger
        //  than 2 times the expected session key length.  It suffices to
        //  pass exactly 2 times the session key length.
    
        //  Bob generates a random E (which has the mathematical
        //  properties required for DH).
        const char * eBob;
        eBob = dhBob.createE(256);
    
        //  Alice does the same:
        const char * eAlice;
        eAlice = dhAlice.createE(256);
    
        //  The "E" values are sent over the insecure channel.
        //  Bob sends his "E" to Alice, and Alice sends her "E" to Bob.
    
        //  Each side computes the shared secret by calling FindK.
        //  "K" is the shared-secret.
    
        const char * kBob;
        const char * kAlice;
    
        //  Bob computes the shared secret from Alice's "E":
        kBob = dhBob.findK(eAlice);
    
        //  Alice computes the shared secret from Bob's "E":
        kAlice = dhAlice.findK(eBob);
    
        //  Amazingly, kBob and kAlice are identical and the expected
        //  length (260 characters).  The strings contain the hex encoded bytes of
        //  our shared secret:
        printf("Bob's shared secret:\n");
        printf("%s\n",kBob);
        printf("Alice's shared secret (should be equal to Bob's)\n");
        printf("%s\n",kAlice);
    
        //  To arrive at a 128-bit session key for AES encryption, Bob and Alice should
        //  both transform the raw shared secret using a hash algorithm that produces
        //  the size of session key desired.   MD5 produces a 16-byte (128-bit) result, so
        //  this is a good choice for 128-bit AES.
    
        //  Here's how you would use Chilkat Crypt (a separate Chilkat component) to
        //  produce the session key:
        CkCrypt2 crypt;
        success = crypt.UnlockComponent("Anything for 30-day trial.");
        if (success != true) {
            printf("%s\n",crypt.lastErrorText());
            return;
        }
    
        crypt.put_EncodingMode("hex");
        crypt.put_HashAlgorithm("md5");
    
        const char * sessionKey;
        sessionKey = crypt.hashStringENC(kBob);
    
        printf("128-bit Session Key:\n");
        printf("%s\n",sessionKey);
    
        //  Encrypt something...
        crypt.put_CryptAlgorithm("aes");
        crypt.put_KeyLength(128);
        crypt.put_CipherMode("cbc");
    
        //  Use an IV that is the MD5 hash of the session key...
        const char * iv;
        iv = crypt.hashStringENC(sessionKey);
    
        //  AES uses a 16-byte IV:
        printf("Initialization Vector:\n");
        printf("%s\n",iv);
    
        crypt.SetEncodedKey(sessionKey,"hex");
        crypt.SetEncodedIV(iv,"hex");
    
        //  Encrypt some text:
        const char * cipherText64;
    
        crypt.put_EncodingMode("base64");
        cipherText64 = crypt.encryptStringENC("The quick brown fox jumps over the lazy dog");
        printf("%s\n",cipherText64);
    
        const char * plainText;
        plainText = crypt.decryptStringENC(cipherText64);
    
        printf("%s\n",plainText);
        }
    
    
  • 相关阅读:
    [转载]Shell十三问(入门与提高)
    [转载]FPGA学习步骤
    matlab设计切比雪夫低通滤波器
    累加器A与ACC区别
    [转载]3分钟设计滤波器
    [转载]卷积运算的实际意义
    [转载]CRC校验原理
    一个怂女婿的成长笔记【三】
    一个怂女婿的成长笔记【一】
    一个怂女婿的成长笔记【二】
  • 原文地址:https://www.cnblogs.com/jjkv3/p/1800262.html
Copyright © 2011-2022 走看看