weidai11 / cryptopp

free C++ class library of cryptographic schemes
https://cryptopp.com

Diffie-Hellman example code not compiling #328

Closed ecarew closed 7 years ago

ecarew commented 7 years ago

On the Diffie-Hellman page, in section 9.1, the following code has a problem:

// Initialize the Diffie-Hellman class with a random prime and base
AutoSeededRandomPool rngA;
DH dhA(rngA, 128);

Since there are no other examples of initializing the DH class with a RNG, using the DH code from this library presents a higher than necessary barrier.

gcc v5.4.0
compile command: g++ -c dh.cpp -std=gnu++11 -I/usr/local/include/cryptopp

Further bug info: The next morning, I had another run at it, and by combining code from two examples, I got the 9.1 example to work. The key is that initializing a DH class with a random number generator and key size doesn't work; however, if you use the longer form from one of the previous examples: dh.AccessGroupParameters().GenerateRandomWithKeySize(rng, 128); you can get it to work. Not as nice looking, but it only adds an extra line of code.

noloader commented 7 years ago

Hi Evan. Thanks for the report, and sorry about the late reply.

What do you want us to do? As a user, what are the top 2 or 3 things to make your job easier?

ecarew commented 7 years ago

Well, one cheap, though unappealing, solution is to simply update the example so it doesn't rely on the constructor to do all the fancy footwork. I would personally prefer that the library behaved as the example suggests. It just looks like better code. P.S. I'll be using the DH code in a secure coding class at U of M this week.

noloader commented 7 years ago

Thanks @ecarew, Ack.

I surveyed the docs and mulled over them for a couple of weeks. They are kind of shabby at the moment. Let me make a quick pass over them. In particular, I'm going to update the wiki page, and I am going to get a few examples in the inline comments, which results in the online manual.


To make this work:

AutoSeededRandomPool rngA;
DH dhA(rngA, 128);

You do one of the following. If you call Initialize _with_ a RNG, then it creates a DH with a new random key. If you call Initialize _without_ a RNG, then it populates the DH with existing data, like an OID or GroupParameters.

That particular pattern is carried throughout the library, whether it's DH, EC key, RSA key, DSA key, etc.

AutoSeededRandomPool rngA;
DH dhA;
dhA.Initialize(rngA, 128);

Or:

OID oid = ...
DH dhA;
dhA.Initialize(oid);

Or:

GroupParameters params = ...
DH dhA;
dhA.Initialize(params);

noloader commented 7 years ago

Commits 1b16a75, 7cc8ad1 and e6f6db5 updated the Doxygen documentation. I think the last commit is the one you are interested in.

ecarew commented 7 years ago

Jeff,

Thanks for the clarification. I'll use that in my next class, as the recommended usage for this library. Hopefully, the docs will reflect this on the Diffie-Hellman Wiki page. I note, at this time, the page is the same as when I first used it. If you'd like, I could re-run your code with the initialize addition, and then put the running example code in place of the existing wiki code.

Evan

PS Thanks for maintaining a pure C++ Crypto library. Before I chose yours, I reviewed a few others, like libgcrypt, and rejected them, as they didn't adhere to the Cert rules for secure coding. Since I needed to present the code in front of a class, it needed to pass the visual sniff test. Your library definitely passes that test, and besides, your code looks MUCH better.

On Sun, Dec 4, 2016, 2:38 AM Jeffrey Walton notifications@github.com wrote:

Commits 1b16a75 https://github.com/weidai11/cryptopp/commit/1b16a75352ea1c599ed198c31e57cb6708e0b1bc, 7cc8ad1 https://github.com/weidai11/cryptopp/commit/7cc8ad1a1d6b9fdfea6ac3695ac50f45150ce05e and e6f6db5 https://github.com/weidai11/cryptopp/commit/e6f6db5fdf4f1682dff525e6f8cf4dca31aa7f00 updated the Doxygen documentation. I think the last commit is the one you are interested in.


noloader commented 7 years ago

I'll use that in my next class, as the recommended usage for this library. Hopefully, the docs will reflect this on the Diffie-Hellman Wiki page. I note, at this time, the page is the same as when I first used it. If you'd like, I could re-run your code with the initialize addition, and then put the running example code in place of the existing wiki code.

The odd thing (for me) is I cannot duplicate it (see below). Email me off-list with your reproducer at noloader, gmail account.

I'll also give you my phone numbers in case you need it for your curriculum or class.


Thanks for maintaining a pure C++ Crypto library. Before I chose yours, I reviewed a few others, like libgcrypt, and rejected them, as they didn't adhere to the Cert rules for secure coding. Since I needed to present the code in front of a class, it needed to pass the visual sniff test. Your library definitely passes that test, and besides, your code looks MUCH better.

Wei Dai gets all the credit. He created the library in the 1990s, and was one of the first taken down when RSA Data Securities started with the patent infringement stuff. That's why Crypto++ 1.0 is not available for download. It's been lost to history. Crypto++ 2.x removed the RSA gear, and it is still available for download.

Over the last several years Wei ran out of time to maintain the library. Rather than let the library wither and die, he gave it to the community. It was a very unselfish act.

His shoes are big ones to fill.


$ git diff > test.diff
$ cat test.diff 
diff --git a/test.cpp b/test.cpp
index dc44271..61da5e8 100644
--- a/test.cpp
+++ b/test.cpp
@@ -23,6 +23,7 @@
 #include "smartptr.h"
 #include "ossig.h"
 #include "trap.h"
+#include "dh.h"

 #include "validate.h"
 #include "bench.h"
@@ -156,6 +157,13 @@ int CRYPTOPP_API main(int argc, char *argv[])
        OFB_Mode<AES>::Encryption& aesg = dynamic_cast<OFB_Mode<AES>::Encryption&>(GlobalRNG());
        aesg.SetKeyWithIV((byte *)seed.data(), 16, (byte *)seed.data());

+       RandomNumberGenerator& prng = dynamic_cast<RandomNumberGenerator&>(aesg);
+       DH dh(prng, 128U);
+
+       std::cout << "Modulus: ";
+       std::cout << std::hex << dh.GetGroupParameters().GetModulus() << std::endl;
+       exit(0);
+
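
Review bot: the unconditional exit(0) after the modulus print in main() stops cryptest.exe before any of its normal handling runs, so this should stay a local reproducer or be guarded (for example behind a command-line switch) rather than land in test.cpp. It also does not match the report closely: DH is fed the AES/OFB generator keyed from seed instead of an AutoSeededRandomPool, and it is built inside the library's own test.cpp rather than as the reporter's separate dh.cpp, so a clean run here does not rule out a problem in the reporter's build. The 128U modulus size is only suitable for a quick demonstration; a short comment saying so would keep it from being copied as a real parameter size.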

And:

$ ./cryptest.exe 
Modulus: e048b4b245ece87a2c0bc1f94050008bh