1# Key Agreement Using DH (ArkTS) 2 3<!--Kit: Crypto Architecture Kit--> 4<!--Subsystem: Security--> 5<!--Owner: @zxz--3--> 6<!--Designer: @lanming--> 7<!--Tester: @PAFT--> 8<!--Adviser: @zengyawen--> 9 10For details about the algorithm specifications, see [DH](crypto-key-agreement-overview.md#dh). 11 12## How to Develop 13 141. Call [cryptoFramework.createAsyKeyGenerator](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreateasykeygenerator) and [AsyKeyGenerator.generateKeyPair](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#generatekeypair-1) to generate a DH asymmetric key pair (**KeyPair**) with the named DH group **modp1536**. 15 In addition to the example in this topic, [DH](crypto-asym-key-generation-conversion-spec.md#dh) and [Randomly Generating an Asymmetric Key Pair](crypto-generate-asym-key-pair-randomly.md) may help you better understand how to generate a DH asymmetric key pair. Note that the input parameters in the reference documents may be different from those in the example below. 16 172. Call [cryptoFramework.createKeyAgreement](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatekeyagreement) with the string parameter **'DH_modp1536'** to create a key agreement (**KeyAgreement**) instance. 18 193. Call [KeyAgreement.generateSecret](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#generatesecret-1) to perform key agreement with the specified private key (**KeyPair.priKey**) and public key (**KeyPair.pubKey**), and return the shared secret. 20 21- Example (using asynchronous APIs): 22 23 ```ts 24 import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 25 26 async function dhAwait() { 27 let keyGen = cryptoFramework.createAsyKeyGenerator('DH_modp1536'); 28 // Randomly generate public-private key pair A. 29 let keyPairA = await keyGen.generateKeyPair(); 30 // Randomly generate public-private key pair B with the same specifications. 31 let keyPairB = await keyGen.generateKeyPair(); 32 let keyAgreement = cryptoFramework.createKeyAgreement('DH_modp1536'); 33 // Use the public key of A and the private key of B to perform key agreement. 34 let secret1 = await keyAgreement.generateSecret(keyPairB.priKey, keyPairA.pubKey); 35 // Use the private key of A and the public key of B to perform key agreement. 36 let secret2 = await keyAgreement.generateSecret(keyPairA.priKey, keyPairB.pubKey); 37 // The two key agreement results should be the same. 38 if (secret1.data.toString() === secret2.data.toString()) { 39 console.info('DH success'); 40 console.info('DH output is ' + secret1.data); 41 } else { 42 console.error('DH result is not equal'); 43 } 44 } 45 ``` 46 47- Example (using synchronous APIs): 48 49 ```ts 50 import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 51 52 function dhAgreementSync() { 53 let keyGen = cryptoFramework.createAsyKeyGenerator('DH_modp1536'); 54 // Randomly generate public-private key pair A. 55 let keyPairA = keyGen.generateKeyPairSync(); 56 // Randomly generate public-private key pair B with the same specifications. 57 let keyPairB = keyGen.generateKeyPairSync(); 58 let keyAgreement = cryptoFramework.createKeyAgreement('DH_modp1536'); 59 // Use the public key of A and the private key of B to perform key agreement. 60 let secret1 = keyAgreement.generateSecretSync(keyPairB.priKey, keyPairA.pubKey); 61 // Use the private key of A and the public key of B to perform key agreement. 62 let secret2 = keyAgreement.generateSecretSync(keyPairA.priKey, keyPairB.pubKey); 63 // The two key agreement results should be the same. 64 if (secret1.data.toString() === secret2.data.toString()) { 65 console.info('DH success'); 66 console.info('DH output is ' + secret1.data); 67 } else { 68 console.error('DH result is not equal'); 69 } 70 } 71 ``` 72