
nodejs crypto module DH secret hash is not the same with diffie-hellman/browser

Open spursy opened this issue 7 years ago • 1 comments

I did a test of the crypto module with diffie-hellman/browser.

  • When I use the following, the DH secret hex is not the same:
var dh1_secret = dh1.computeSecret(dh2.getPublicKey('hex'), 'hex');
var dh2_secret = dh2.computeSecret(dh1.getPublicKey('hex'), 'hex');

console.log(dh1_secret.toString('hex') === dh2_secret.toString('hex'));   // false
  • When I use the following, the DH secret is the same:
var dh1_secret = dh1.computeSecret(dh2.getPublicKey());
var dh2_secret = dh2.computeSecret(dh1.getPublicKey());    // true

The following is the complete code.

var myCrypto = require('./browser');
var crypto = require('./');

var p1 = "modp18";
var dh1 = myCrypto.getDiffieHellman(p1);
let dh1_secret_key = dh1.generateKeys();

let dh1_pk = dh1.getPublicKey('hex');

let dh2 = myCrypto.getDiffieHellman(p1);
let dh2_secret_key = dh2.generateKeys();

var dh1_secret = dh1.computeSecret(dh2.getPublicKey('hex'), 'hex');
var dh2_secret = dh2.computeSecret(dh1.getPublicKey('hex'), 'hex');

console.log(dh1_secret.toString('hex') === dh2_secret.toString('hex'));

spursy avatar Aug 10 '18 17:08 spursy

It's a much simpler issue: we don't support the encoding parameters, so that should be a pretty straightforward fix.

In the meantime I'd suggest not using DH and instead using ECDH, which is much safer for keys with good performance.

calvinmetcalf avatar Aug 10 '18 20:08 calvinmetcalf
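
The pattern the thread converges on, as an added example that is not code from the issue or from the diffie-hellman project: decode hex public keys into Buffers at the boundary so `computeSecret` never depends on an encoding argument, shown for classic DH and for the ECDH alternative. It uses Node's built-in `crypto` module; the group `modp14`, the curve `prime256v1` and the helper names `decodeHexKey`, `dhAgree`, `ecdhAgree` and `sameSecret` are assumptions chosen for this sketch.

```javascript
// Added example: Node's built-in crypto, not the diffie-hellman package.
const crypto = require('crypto');

// Decode a hex public key received as text into a Buffer. Buffer.from(s, 'hex')
// silently stops at the first invalid character, so validate the string first.
function decodeHexKey(hex) {
  if (typeof hex !== 'string' || hex.length === 0 ||
      hex.length % 2 !== 0 || !/^[0-9a-f]+$/i.test(hex)) {
    throw new TypeError('public key is not well-formed hex');
  }
  return Buffer.from(hex, 'hex');
}

// Shared exchange: keys travel as hex text, computeSecret only ever sees Buffers.
function agree(a, b) {
  const aPubHex = a.generateKeys().toString('hex'); // sent from A to B
  const bPubHex = b.generateKeys().toString('hex'); // sent from B to A
  return {
    aSecret: a.computeSecret(decodeHexKey(bPubHex)),
    bSecret: b.computeSecret(decodeHexKey(aPubHex)),
  };
}

// Classic finite-field DH over a predefined MODP group.
function dhAgree(group) {
  return agree(crypto.getDiffieHellman(group), crypto.getDiffieHellman(group));
}

// ECDH over a named curve, the alternative suggested in the reply.
function ecdhAgree(curve) {
  return agree(crypto.createECDH(curve), crypto.createECDH(curve));
}

// Compare the two derived secrets byte for byte in constant time,
// instead of comparing hex strings with ===.
function sameSecret({ aSecret, bSecret }) {
  return aSecret.length === bSecret.length &&
         crypto.timingSafeEqual(aSecret, bSecret);
}

console.log('DH modp14 secrets match:', sameSecret(dhAgree('modp14')));
console.log('ECDH P-256 secrets match:', sameSecret(ecdhAgree('prime256v1')));
```

The raw shared secret is normally passed through a key derivation function before being used as a symmetric key.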