I'm using SslStream to communicate between a client and a server using OpenSSL certificates.

The client that I will use is a machine that has its own software, which needs to use RSA cryptography.

I made a server and a client, just to test, using my computer as the client and another computer as the server, and I made a simple key exchange, just to test the SslStream and the RSA cryptography between these machines.

Both machines send the public key like this:

```csharp
// Send only the raw modulus bytes of the RSA public key
byte[] modulus = pubkey.Modulus;
sslStream.Write(modulus, 0, modulus.Length);
sslStream.Flush();
```

And both machines receive the key and create it like this:

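```csharp
byte[] exponent = {1, 0, 1};     // public exponent 65537, assumed rather than received
byte[] modulus = new byte[256];  // assumes a 2048-bit modulus

// Read may return fewer bytes than requested, so loop until the buffer is full
int offset = 0;
while (offset < modulus.Length)
{
    int n = sslStream.Read(modulus, offset, modulus.Length - offset);
    if (n == 0) throw new System.IO.EndOfStreamException();
    offset += n;
}

// Public key only: the private components stay null
clientPublicKey.D = null;
clientPublicKey.DP = null;
clientPublicKey.DQ = null;
clientPublicKey.Exponent = exponent;
clientPublicKey.InverseQ = null;
clientPublicKey.Modulus = modulus;
clientPublicKey.P = null;
clientPublicKey.Q = null;
```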

But, testing this with the original client that I will use, the key exchange is not the same way.
Is there another way to exchange keys? Because I'm sure that the original machine uses another way to exchange these keys with my server.

Enzo Tiezzi
  • What do you mean by "... the key exchange is not the same way"? Each run of the protocol uses different values for the client random (a nonce) and the server random (a nonce). It's baked into the protocol. You should *not* be able to duplicate values across runs. – jww Jul 03 '14 at 14:41
  • The way I'm sending with 2 normal machines is using the SslStream, just sending the modulus, but I noticed that the original machine doesn't work like this – Enzo Tiezzi Jul 03 '14 at 14:46

0 Answers
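An added example, not code from the question and not the format used by the original machine it mentions: one way to frame an RSA public key on a stream so that the receiver does not assume a 256-byte modulus or a fixed exponent, and rejects truncated or oversized fields. The names `KeyFraming`, `ReadExactly`, `WriteField` and `ReadField`, the 2-byte length prefix and the 1024-byte cap are assumptions made for illustration, and a `MemoryStream` stands in for the `SslStream`.

```csharp
using System;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
static class KeyFraming
{
    const int MaxField = 1024; // assumed cap on one field, in bytes
    // Stream.Read may return fewer bytes than asked for, so loop until done.
    static byte[] ReadExactly(Stream s, int count)
    {
        var buf = new byte[count];
        for (int off = 0; off < count; )
        {
            int n = s.Read(buf, off, count - off);
            if (n == 0) throw new EndOfStreamException("peer closed mid-field");
            off += n;
        }
        return buf;
    }

    // Each field is a 2-byte big-endian length followed by the value.
    static void WriteField(Stream s, byte[] data)
    {
        if (data.Length > MaxField) throw new ArgumentException("field too long");
        s.Write(new[] { (byte)(data.Length >> 8), (byte)data.Length }, 0, 2);
        s.Write(data, 0, data.Length);
    }

    static byte[] ReadField(Stream s)
    {
        byte[] hdr = ReadExactly(s, 2);
        int len = (hdr[0] << 8) | hdr[1];
        if (len == 0 || len > MaxField) throw new InvalidDataException("bad length");
        return ReadExactly(s, len);
    }

    static void Main()
    {
        using (var rsa = new RSACryptoServiceProvider(2048))
        using (var wire = new MemoryStream()) // stands in for the SslStream
        {
            RSAParameters sent = rsa.ExportParameters(false); // public part only
            WriteField(wire, sent.Modulus);
            WriteField(wire, sent.Exponent);
            wire.Position = 0;
            var got = new RSAParameters { Modulus = ReadField(wire), Exponent = ReadField(wire) };
            Console.WriteLine(got.Modulus.SequenceEqual(sent.Modulus) && got.Exponent.SequenceEqual(sent.Exponent));
        }
    }
}
```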