In [1]:
from cryptography.hazmat.primitives.asymmetric import dh

In [2]:
# Generate DH parameters.
params = dh.generate_parameters(generator=2, key_size=2048)

## Demo an API
Not sure if these data structures are more ergonomic or just more painful.

Example is from Alice perspective.

In [3]:
alice_key = params.generate_private_key()

Receive $B$ from Bob.

In [4]:
# In a real handshake the peer_public_key will be received from the
# other party. For this example we'll generate another private key and
# get a public key from that. Note that in a DH handshake both peers
# must agree on a common set of parameters.
bob_pub_key = params.generate_private_key().public_key()

In [5]:
shared_secret = alice_key.exchange(bob_pub_key)
type(shared_secret)

bytes

## Confirm key agreement by hand

In [6]:
a = alice_key.private_numbers().x
A = alice_key.public_key().public_numbers().y

In [7]:
B = bob_pub_key.public_numbers().y

In [8]:
p = params.parameter_numbers().p;

In [9]:
sk = int.from_bytes(shared_secret)

$B = g^b$ so $B^a = (g^a)^b = g^{ab}\pmod{p}$

In [10]:
sk == pow(B, a, p) 

True

## Check safe prime

In [11]:
from sympy.ntheory import isprime

In [12]:
isprime(p)

True

Prime $p$ is safe if $(p-1)/2$ is also prime.

In [13]:
isprime((p-1)//2)

True