• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Key Agreement Using DH (C/C++)
2
3<!--Kit: Crypto Architecture Kit-->
4<!--Subsystem: Security-->
5<!--Owner: @zxz--3-->
6<!--Designer: @lanming-->
7<!--Tester: @PAFT-->
8<!--Adviser: @zengyawen-->
9
10For details about the algorithm specifications, see [DH](crypto-key-agreement-overview.md#dh).
11
12## How to Develop
13
141. Call [OH_CryptoAsymKeyGenerator_Create](../../reference/apis-crypto-architecture-kit/capi-crypto-asym-key-h.md#oh_cryptoasymkeygenerator_create) and [OH_CryptoAsymKeyGenerator_Generate](../../reference/apis-crypto-architecture-kit/capi-crypto-asym-key-h.md#oh_cryptoasymkeygenerator_generate) to generate an asymmetric key (**keyPair**) of the DH_modp1536 type.
15
16   For details about how to generate a DH asymmetric key pair, see the following example. To learn more, see [DH](crypto-asym-key-generation-conversion-spec.md#dh) and [Randomly Generating an Asymmetric Key Pair](crypto-generate-asym-key-pair-randomly-ndk.md). There may be differences between the input parameters in the reference documents and those in the following example.
17
182. Call [OH_CryptoKeyAgreement_Create](../../reference/apis-crypto-architecture-kit/capi-crypto-key-agreement-h.md#oh_cryptokeyagreement_create) and specify the string parameter **DH_modp1536** to create a key protocol generator of the DH_modp1536 type.
19
203. Call [OH_CryptoKeyAgreement_GenerateSecret](../../reference/apis-crypto-architecture-kit/capi-crypto-key-agreement-h.md#oh_cryptokeyagreement_generatesecret) to perform key agreement based on the passed private key (**keyPair.priKey**) and public key (**keyPair.pubKey**) and return the shared key.
21
22```C++
23#include "CryptoArchitectureKit/crypto_architecture_kit.h"
24#include "CryptoArchitectureKit/crypto_key_agreement.h"
25#include <stdio.h>
26#include <cstring>
27
28static OH_Crypto_ErrCode doTestDHKeyAgreement()
29{
30    // Create a DH key generator.
31    OH_CryptoAsymKeyGenerator *dhGen = nullptr;
32    OH_Crypto_ErrCode ret = OH_CryptoAsymKeyGenerator_Create("DH_modp1536", &dhGen);
33    if (ret != CRYPTO_SUCCESS) {
34        return ret;
35    }
36
37    // Generate public-private key pair A.
38    OH_CryptoKeyPair *keyPairA = nullptr;
39    ret = OH_CryptoAsymKeyGenerator_Generate(dhGen, &keyPairA);
40    if (ret != CRYPTO_SUCCESS) {
41        OH_CryptoAsymKeyGenerator_Destroy(dhGen);
42        return ret;
43    }
44
45    // Generate public-private key pair B.
46    OH_CryptoKeyPair *keyPairB = nullptr;
47    ret = OH_CryptoAsymKeyGenerator_Generate(dhGen, &keyPairB);
48    if (ret != CRYPTO_SUCCESS) {
49        OH_CryptoKeyPair_Destroy(keyPairA);
50        OH_CryptoAsymKeyGenerator_Destroy(dhGen);
51        return ret;
52    }
53
54    // Create a key agreement generator.
55    OH_CryptoKeyAgreement *dhKeyAgreement = nullptr;
56    ret = OH_CryptoKeyAgreement_Create("DH_modp1536", &dhKeyAgreement);
57    if (ret != CRYPTO_SUCCESS) {
58        OH_CryptoKeyPair_Destroy(keyPairA);
59        OH_CryptoKeyPair_Destroy(keyPairB);
60        OH_CryptoAsymKeyGenerator_Destroy(dhGen);
61        return ret;
62    }
63
64    // Use the public key of A and the private key of B to perform key agreement.
65    OH_CryptoPrivKey *privKeyB = OH_CryptoKeyPair_GetPrivKey(keyPairB);
66    OH_CryptoPubKey *pubKeyA = OH_CryptoKeyPair_GetPubKey(keyPairA);
67    Crypto_DataBlob secret1 = { 0 };
68    ret = OH_CryptoKeyAgreement_GenerateSecret(dhKeyAgreement, privKeyB, pubKeyA, &secret1);
69    if (ret != CRYPTO_SUCCESS) {
70        OH_CryptoKeyAgreement_Destroy(dhKeyAgreement);
71        OH_CryptoKeyPair_Destroy(keyPairA);
72        OH_CryptoKeyPair_Destroy(keyPairB);
73        OH_CryptoAsymKeyGenerator_Destroy(dhGen);
74        return ret;
75    }
76
77    // Use the public key of B and the private key of A to perform key agreement.
78    OH_CryptoPrivKey *privKeyA = OH_CryptoKeyPair_GetPrivKey(keyPairA);
79    OH_CryptoPubKey *pubKeyB = OH_CryptoKeyPair_GetPubKey(keyPairB);
80    Crypto_DataBlob secret2 = { 0 };
81    ret = OH_CryptoKeyAgreement_GenerateSecret(dhKeyAgreement, privKeyA, pubKeyB, &secret2);
82    if (ret != CRYPTO_SUCCESS) {
83        OH_Crypto_FreeDataBlob(&secret1);
84        OH_CryptoKeyAgreement_Destroy(dhKeyAgreement);
85        OH_CryptoKeyPair_Destroy(keyPairA);
86        OH_CryptoKeyPair_Destroy(keyPairB);
87        OH_CryptoAsymKeyGenerator_Destroy(dhGen);
88        return ret;
89    }
90
91    // Compare the secrets.
92    if ((secret1.len == secret2.len) &&
93        (memcmp(secret1.data, secret2.data, secret1.len) == 0)) {
94        printf("dh success\n");
95    } else {
96        printf("dh result is not equal\n");
97        ret = CRYPTO_OPERTION_ERROR;
98    }
99
100    // Free resources.
101    OH_Crypto_FreeDataBlob(&secret1);
102    OH_Crypto_FreeDataBlob(&secret2);
103    OH_CryptoKeyAgreement_Destroy(dhKeyAgreement);
104    OH_CryptoKeyPair_Destroy(keyPairA);
105    OH_CryptoKeyPair_Destroy(keyPairB);
106    OH_CryptoAsymKeyGenerator_Destroy(dhGen);
107    return ret;
108}
109```
110