英文:
Trying to implement diffie-hellman using libsodium and react but getting a different shared secret key
问题
我正在尝试使用libsodium实现Diffie-Hellman,但在进行密钥交换时得到了不同的共享密钥。
以下是生成的输出:
Bob的公钥:_nGMQavOQuMf7FUyUYfaqvfBcj9hAFJPcc-Bo0JHEEw
Alice的私钥:vrzVDcdX7PyN1BGo00CzJ_vdvWuOnK_sUeHGQbDAZHQ
共享密钥:8oVOLsEnxq7XLX6ZXuV3wGgjtyGO7bN8SOvFK1BaB0o
Alice的公钥:SaKUG5MX0m5XP7Tbf8-LjHzhWdxn9Qn6ndRVBP1YeRI
Bob的私钥:hzFTBbnif8I37ySoDi5eqtEUechU_dBE7n-oFYNENh0
共享密钥:XnwyWbm2kZFddqx67-QAC1K3Sn7trh5Suk15zl4NmcA
这两个共享密钥不匹配。请帮助我解决这个问题。
英文:
I am trying to implement diffie hellman using libsodium but I am getting a different shared secret key when doing an exchange.
async function handleSharedSecret() {
await _sodium.ready;
const sodium = _sodium;
const secretKey = sodium.crypto_kx_client_session_keys(
sodium.crypto_scalarmult_base(
sodium.from_base64(privateKeyRef.current.value)
),
sodium.from_base64(privateKeyRef.current.value),
sodium.from_base64(publicKeyRef.current.value)
);
setSharedSecretKey(sodium.to_base64(secretKey.sharedRx));
}
The output generated is this
Bob's Public Key: _nGMQavOQuMf7FUyUYfaqvfBcj9hAFJPcc-Bo0JHEEw
Alice's Private Key: vrzVDcdX7PyN1BGo00CzJ_vdvWuOnK_sUeHGQbDAZHQ
Shared Secret Key: 8oVOLsEnxq7XLX6ZXuV3wGgjtyGO7bN8SOvFK1BaB0o
Alice's Public Key: SaKUG5MX0m5XP7Tbf8-LjHzhWdxn9Qn6ndRVBP1YeRI
Bob's Private Key: hzFTBbnif8I37ySoDi5eqtEUechU_dBE7n-oFYNENh0
Shared Secret Key: XnwyWbm2kZFddqx67-QAC1K3Sn7trh5Suk15zl4NmcA
The shared secrets keys don't match. Please help me resolve this.
答案1
得分: 1
使用libsodium进行正确的操作如下所示:
async function diffieHellmanKeyExchange() {
await sodium.ready;
const serverKeyPair = sodium.crypto_kx_keypair();
const clientKeyPair = sodium.crypto_kx_keypair();
const serverSharedSecret = sodium.crypto_kx_server_session_keys(
serverKeyPair.publicKey,
serverKeyPair.privateKey,
clientKeyPair.publicKey
);
const clientSharedSecret = sodium.crypto_kx_client_session_keys(
clientKeyPair.publicKey,
clientKeyPair.privateKey,
serverKeyPair.publicKey
);
const serverSharedSecretHex = sodium.to_hex(serverSharedSecret.sharedRx);
const clientSharedSecretHex = sodium.to_hex(clientSharedSecret.sharedTx);
console.log('Match:', serverSharedSecretHex === clientSharedSecretHex);
}
diffieHellmanKeyExchange();
更多信息请查看libsodium官方文档。
如果需要的话,可以使用自定义对象来替代调用sodium.crypto_kx_keypair():
const clientKeyPair = {
publicKey: sodium.from_hex(publicKey),
privateKey: sodium.from_hex(privateKey)
};
<details>
<summary>英文:</summary>
The correct way to do so using libsodium would be this code:
async function diffieHellmanKeyExchange() {
await sodium.ready;
const serverKeyPair = sodium.crypto_kx_keypair();
const clientKeyPair = sodium.crypto_kx_keypair();
const serverSharedSecret = sodium.crypto_kx_server_session_keys(
serverKeyPair.publicKey,
serverKeyPair.privateKey,
clientKeyPair.publicKey
);
const clientSharedSecret = sodium.crypto_kx_client_session_keys(
clientKeyPair.publicKey,
clientKeyPair.privateKey,
serverKeyPair.publicKey
);
const serverSharedSecretHex = sodium.to_hex(serverSharedSecret.sharedRx);
const clientSharedSecretHex = sodium.to_hex(clientSharedSecret.sharedTx);
console.log('Match:', serverSharedSecretHex === clientSharedSecretHex);
}
diffieHellmanKeyExchange();
Read more at [Official Documentation For libsodium][1].
[1]: https://doc.libsodium.org/
If you need to , instead of calling sodium.crypto_kx_keypair(), you can use a custom object like following:
const clientKeyPair = {
publicKey: sodium.from_hex(publicKey),
privateKey: sodium.from_hex(privateKey)
};
</details>
# 答案2
**得分**: 0
我搞定了。基本上,你需要定义两个不同的函数来生成相同的共享秘密密钥。如果有人在这方面有更多的专业知识,请解释一下为什么要这样做。
这将生成正确的加密和解密共享秘密密钥。
用于加密的示例:
Bob私钥:c09e3e89a590d449c1dfe6ad82b44438bfe59d146fe4c7e407690c6b84e22077
Alice公钥:20f40d0d267f00d67651375ed172a1e7f16e1b085afb09c6c487feaa300e8d31
共享秘密:bdf9835b9f6c758278c090b4af9539f7843030285cdeafdcfcf6d34c0fbc29b3
用于解密的示例:
Alice私钥:20ff8ef237f2e421b21e33d82fdb0ee8a57e67d572d502be7d4f9916fdcd1e9e
Bob公钥:a9e7e836a3fd987f93fc332d21a8c8200aa4962ac35e3c8da02135c358df9b19
共享秘密:bdf9835b9f6c758278c090b4af9539f7843030285cdeafdcfcf6d34c0fbc29b3
正如你所看到的,通过调用不同的函数,我们获得了相同的共享秘密密钥。
<details>
<summary>英文:</summary>
I got it working. Basically you need to define two separate functions, to generate the same shared secret key. If someone has more expertise in this please do explain why.
async function handleGetEncryptionKey(alicePublicKey, bobPrivateKey) {
try {
await _sodium.ready;
const sodium = _sodium;
const serverSharedSecret = sodium.crypto_kx_server_session_keys(
sodium.crypto_scalarmult_base(sodium.from_hex(bobPrivateKey)),
sodium.from_hex(bobPrivateKey),
sodium.from_hex(alicePublicKey)
);
console.log(
"Encryption Key: ",
sodium.to_hex(serverSharedSecret.sharedRx)
);
setSharedSecretKey(sodium.to_hex(serverSharedSecret.sharedRx));
} catch (error) {
setVariant("danger");
setSyslog(error.message);
}
}
async function handleGetDecryptionKey(bobPublicKey, alicePrivateKey) {
try {
await _sodium.ready;
const sodium = _sodium;
const clientSharedSecret = sodium.crypto_kx_client_session_keys(
sodium.crypto_scalarmult_base(sodium.from_hex(alicePrivateKey)),
sodium.from_hex(alicePrivateKey),
sodium.from_hex(bobPublicKey)
);
console.log(
"Decryption Key: ",
sodium.to_hex(clientSharedSecret.sharedTx)
);
setSharedSecretKey(sodium.to_hex(clientSharedSecret.sharedTx));
} catch (error) {
setVariant("danger");
setSyslog(error.message);
}
}
This will generate the proper shared secret key for encryption and decryption
For Encryption:
Bob Private Key: c09e3e89a590d449c1dfe6ad82b44438bfe59d146fe4c7e407690c6b84e22077
Alice Public Key: 20f40d0d267f00d67651375ed172a1e7f16e1b085afb09c6c487feaa300e8d31
Shared Secret: bdf9835b9f6c758278c090b4af9539f7843030285cdeafdcfcf6d34c0fbc29b3
For Decryption:
Alice Private Key: 20ff8ef237f2e421b21e33d82fdb0ee8a57e67d572d502be7d4f9916fdcd1e9e
Bob Public Key: a9e7e836a3fd987f93fc332d21a8c8200aa4962ac35e3c8da02135c358df9b19
Shared Secret: bdf9835b9f6c758278c090b4af9539f7843030285cdeafdcfcf6d34c0fbc29b3
As you can see we have the same shared secret key by calling separate functions.
</details>
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论