openssl在php和c

Question

我想在php和c之间实现密钥交换，但是DH_compute_key在两种语言上计算的秘密总是不匹配，所以我挖掘了一些细节，发现openssl似乎在不同语言上生成了不同的密钥。

我预计由相同参数和私钥生成的DH公钥应该是相同的，但我在php和c上得到了不同的值。

这是php代码：

$dh_param = array(
    "dh" => array(
        "p" => hex2bin("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
            . "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
            . "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
            . "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
            . "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
            . "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
            . "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
            . "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
            . "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
            . "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
            . "15728E5A8AACAA68FFFFFFFFFFFFFFFF"),
        "g" => "2",
        "priv_key" => hex2bin("581268c890b5cf1a4924f74f1a7f5b160949bde05133ef4bd1bcc89792c37c00"
            . "f20166d63ef442196e7f663c3ffd8e927ff7ed1f140079c1fbb069a127435a2c"
            . "2e0476ae185f6526db3c7a818cd3106d43fd1befc30925fcdccc658ebfdd1b21"
            . "6311844cdf674076a14e490d761b6328c978753ef20283b50a251dc06b2f7966"
            . "b626d202707bb9ab49c12b7d7e32bbe78b17a73ba1ceaa118088e5dcc58f3226"
            . "8650342a7b2baf3372f993d15bd663934a6015f7e066ddd7575b70819dda6e8d"
            . "6b1468f418dc13744cffd6f80ef259e26e247ba49c97b658776e64b76aec421b"
            . "083ec4b2f68045cf310f3cb245354a6a1ad2c76915d7a83ff18b126665039de5")
    )
);

$dh = openssl_pkey_new($dh_param);
$dh_detail = openssl_pkey_get_details($dh);
echo substr(bin2hex($dh_detail['dh']['pub_key']), 0, 10), "\n";

输出为：a0a4ad686e

和c代码：

const char *p_hex =
        "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
        "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
        "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
        "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
        "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
        "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
        "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
        "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
        "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
        "15728E5A8AACAA68FFFFFFFFFFFFFFFF";

const char *priv_key_hex =
        "581268c890b5cf1a4924f74f1a7f5b160949bde05133ef4bd1bcc89792c37c00"
        "f20166d63ef442196e7f663c3ffd8e927ff7ed1f140079c1fbb069a127435a2c"
        "2e0476ae185f6526db3c7a818cd3106d43fd1befc30925fcdccc658ebfdd1b21"
        "6311844cdf674076a14e490d761b6328c978753ef20283b50a251dc06b2f7966"
        "b626d202707bb9ab49c12b7d7e32bbe78b17a73ba1ceaa118088e5dcc58f3226"
        "8650342a7b2baf3372f993d15bd663934a6015f7e066ddd7575b70819dda6e8d"
        "6b1468f418dc13744cffd6f80ef259e26e247ba49c97b658776e64b76aec421b"
        "083ec4b2f68045cf310f3cb245354a6a1ad2c76915d7a83ff18b126665039de5";

DH *dh = DH_new();
BN_dec2bn(&dh->g, "2");
BN_hex2bn(&dh->p, p_hex);
BN_hex2bn(&dh->priv_key, priv_key_hex);
DH_generate_key(dh);

const char *pub_key_hex = BN_bn2hex(dh->pub_key);
printf("%.10s\n", pub_key_hex);

输出为1606378B62

我已经学习了php openssl扩展的源代码，上面的c代码应该有相同的行为。

Answer 1

...良好 我花了很多时间来检查主键和私钥， 但他们都很好。

错误发生在生成器上，它应该是二进制2，而不是ASCII“2”。

只需将参数更改为"g" => hex2bin("02")即可正常