Moin,

ich habe gerade ein Thema, dass einer der von uns eingebundenen Controller (BluetoothLE) unbedingt verschlüsselt kommunizieren möchte. Ich scheitere aber schon daran, jetzt den richtigen Public Key auf unserer Seite zum Austausch zu erstellen. Es scheint, dass ich zwar einen ANSI X.962 (prime256v1)-Private/Public Key angelegt habe, aber zum Austausch noch den Elliptic curve (ECDH + HKDF)-Extract daraus benötige. Ich habe eine C#-Erklärung dazu einmal angehängt. Da ist mir vollkommen, unklar, wie ich dies tun kann.

Dieser Schritt müsste jetzt auch nicht zwingend in Delphi passieren, mir reicht es die notwendigen Daten zu haben, damit ich unseren Public-Key an das Gerät schicken kann. Wenn dies richtig läuft, müsste per Indicate der Public-Key des Gerätes zurückkommen.

Und danach können wir dann die Kommunikation entschlüsseln. Dies müsste dann allerdings tatsächlich plattform übergreifend in Delphi passieren.

Gibt es hier einen Experten für so ein Thema?

Grüße, Philipp

Hi,

The code you included is:

Zitat:

This section is simple key generation, for prime256v1 (aka nistp256 or secp256r1), nothing special the public key is in ... well pubkey
EC_KEY * MyECKey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
pubkey = EC_KEY_get0_public_key(MyECKey);
group = EC_KEY_get0_group(MyECKey);
pointSize = EC_POINT_point2oct(group, pubkey, POINT_CONVERSION_UNCOMPRESSED, ECCurvePoint, EC_POINT_SIZE, NULL);

This section is simply handle the received (foreign) key and make sure to format it, the received key is material and the result is remotePoint, ( as public key )
EC_POINT* remotePoint = NULL;
const EC_GROUP* group = EC_KEY_get0_group(MyECKey);
remotePoint = EC_POINT_new(group);
EC_POINT_oct2point(group, remotePoint, material, material_len, NULL)
int degree = EC_GROUP_get_degree(group);

// Calculate Elliptic Curve Diffie Hellman key from the remote point received
ECDHKeyLen = ECDH_compute_key(ECDH_computed_key, (degree + 7) / 8, remotePoint, MyECKey, NULL);
HKDFKeyLen = 36;
HKDF_key_generation(ctxId,ECDH_computed_key, ECDHKeyLen, material, material_len, HKDF_derived_key, &HKDFKeyLen);

Thoughts on that:
1) You mentioned OpenSSH, but these are also in OpenSSL, so are free to reuse the same exact code and logic here.
2) Few things i do not understand, like if prime256v1 is used then degree is 256 for sure, so why compute it !?
3) You didn't provide a sample public key (material and its length material_len), just to understand its format, is it compressed ? or not and if it is raw then that could be shorter.


In all cases you need to understand the process that already explained in the text file, and to elaborate on that differently, i will put it like this
1) If you generate key pair you will end up with Pub1 and Priv1 your own
2) You received Pub2 form some one (aka peer over the net or a device)
3) If you performed the Diffie–Hellman key exchange between your Priv1 and Pub2 then the result will be KSec
4) If you send your pub1 to the peer or device and it does performed Diffie–Hellman key exchange between pub1 and priv2 then the result is Ksec (the same from 3)
5) Ksec is agreed on with sending it, and this is Diffie–Hellman key exchange.

You can use OpenSSL (this is available with many Delphi libraries) or (to my knowledge) there is only one library on git hub that can perform the ECDH and HKDF
https://github.com/Xor-el/CryptoLib4Pascal

Away from these there is SecureBridge and SecureBlackBox, ...

But it is easier to pick one approach (library) and i hope explained the steps of what you need to perform to get your needed KSec then pass it through HKDF to get a key with length of 36 byte.

Thanks Crypto4Lib for Pascal or SecureBridge could be a good idea to test with. I'm not so happy with OpenSSL as it's fine for some OS but not for all.

Zitat von philipp.hofmann:

Thanks Crypto4Lib for Pascal or SecureBridge could be a good idea to test with. I'm not so happy with OpenSSL as it's fine for some OS but not for all.

Good choice, i also not a fan of OpenSSL,

One thing though, i put SecureBridge without completely being sure if you can do it easily or not, i don't have it, but if they say it does TLS 1.3 then for sure it can do HKDF and ECDH, be sure that these functionality are within exposed classes before you buy if you are not getting the license with full source.