Einzelnen Beitrag anzeigen

Kas Ob.

Registriert seit: 3. Sep 2023
409 Beiträge
 
#2

AW: Cyrptography: ANSI X9.62 Public Key mit Elliptic curve (ECDH + HKDF)

  Alt 28. Mär 2025, 17:24
Hi,

The code you included is:
Zitat:
This section is simple key generation, for prime256v1 (aka nistp256 or secp256r1), nothing special the public key is in ... well pubkey
EC_KEY * MyECKey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
pubkey = EC_KEY_get0_public_key(MyECKey);
group = EC_KEY_get0_group(MyECKey);
pointSize = EC_POINT_point2oct(group, pubkey, POINT_CONVERSION_UNCOMPRESSED, ECCurvePoint, EC_POINT_SIZE, NULL);

This section is simply handle the received (foreign) key and make sure to format it, the received key is material and the result is remotePoint, ( as public key )
EC_POINT* remotePoint = NULL;
const EC_GROUP* group = EC_KEY_get0_group(MyECKey);
remotePoint = EC_POINT_new(group);
EC_POINT_oct2point(group, remotePoint, material, material_len, NULL)
int degree = EC_GROUP_get_degree(group);

// Calculate Elliptic Curve Diffie Hellman key from the remote point received
ECDHKeyLen = ECDH_compute_key(ECDH_computed_key, (degree + 7) / 8, remotePoint, MyECKey, NULL);
HKDFKeyLen = 36;
HKDF_key_generation(ctxId,ECDH_computed_key, ECDHKeyLen, material, material_len, HKDF_derived_key, &HKDFKeyLen);
Thoughts on that:
1) You mentioned OpenSSH, but these are also in OpenSSL, so are free to reuse the same exact code and logic here.
2) Few things i do not understand, like if prime256v1 is used then degree is 256 for sure, so why compute it !?
3) You didn't provide a sample public key (material and its length material_len), just to understand its format, is it compressed ? or not and if it is raw then that could be shorter.


In all cases you need to understand the process that already explained in the text file, and to elaborate on that differently, i will put it like this
1) If you generate key pair you will end up with Pub1 and Priv1 your own
2) You received Pub2 form some one (aka peer over the net or a device)
3) If you performed the Diffie–Hellman key exchange between your Priv1 and Pub2 then the result will be KSec
4) If you send your pub1 to the peer or device and it does performed Diffie–Hellman key exchange between pub1 and priv2 then the result is Ksec (the same from 3)
5) Ksec is agreed on with sending it, and this is Diffie–Hellman key exchange.

You can use OpenSSL (this is available with many Delphi libraries) or (to my knowledge) there is only one library on git hub that can perform the ECDH and HKDF
https://github.com/Xor-el/CryptoLib4Pascal

Away from these there is SecureBridge and SecureBlackBox, ...

But it is easier to pick one approach (library) and i hope explained the steps of what you need to perform to get your needed KSec then pass it through HKDF to get a key with length of 36 byte.
Kas
  Mit Zitat antworten Zitat