Cryptography: ANSI X9.62 Public Key with Elliptic Curve (ECDH + HKDF)
Hi,
I'm currently dealing with an issue where one of the controllers we integrate (Bluetooth LE) insists on communicating in encrypted form. However, I'm already failing at creating the correct public key on our side for the exchange. It seems that I have created an ANSI X9.62 (prime256v1) private/public key, but for the exchange I still need the elliptic curve (ECDH + HKDF) extract from it. I have attached a C# explanation of this. It is completely unclear to me how I can do this. This step would not necessarily have to happen in Delphi; it is enough for me to have the necessary data so that I can send our public key to the device. If this works correctly, the device's public key should come back via Indicate. And after that we can then decrypt the communication. That, however, would actually have to happen cross-platform in Delphi. Is there an expert here for this kind of topic? Regards, Philipp
Re: Cryptography: ANSI X9.62 Public Key with Elliptic Curve (ECDH + HKDF)
Hi,
The code you included is:
Quote:
1) You mentioned OpenSSH, but these are also in OpenSSL, so you are free to reuse the same exact code and logic here.
2) A few things I do not understand, like if prime256v1 is used then the degree is 256 for sure, so why compute it!?
3) You didn't provide a sample public key (material and its length material_len), just to understand its format: is it compressed or not? And if it is raw then that could be shorter.

In all cases you need to understand the process that is already explained in the text file, and to elaborate on that differently, I will put it like this:

1) If you generate a key pair you will end up with Pub1 and Priv1 of your own.
2) You received Pub2 from someone (aka a peer over the net or a device).
3) If you performed the Diffie–Hellman key exchange between your Priv1 and Pub2 then the result will be KSec.
4) If you send your Pub1 to the peer or device and it performs the Diffie–Hellman key exchange between Pub1 and Priv2 then the result is KSec (the same as from 3).
5) KSec is agreed on with sending it, and this is Diffie–Hellman key exchange.

You can use OpenSSL (this is available with many Delphi libraries) or (to my knowledge) there is only one library on GitHub that can perform the ECDH and HKDF

Away from these there is SecureBridge and SecureBlackBox, ... But it is easier to pick one approach (library), and I hope I explained the steps of what you need to perform to get your needed KSec, then pass it through HKDF to get a key with a length of 36 bytes.
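The five steps in the reply above, as an added stand-alone example (not code from the thread or from the attachment): each side creates a prime256v1 key pair, exchanges the 65-byte uncompressed X9.62 public key, validates the peer's point, and passes the shared X coordinate through HKDF to get 36 bytes. HKDF with SHA-256 and empty salt and info are assumptions, since the device's parameters are not given in the thread; the pure-Python curve arithmetic is for illustration only and is not constant-time.

```python
import hashlib, hmac, secrets
# NIST P-256 (prime256v1 / secp256r1) domain parameters
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)

def add(p, q):  # affine point addition; None is the point at infinity
    if p is None or q is None: return p or q
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P == 0: return None
    num, den = (3 * x1 * x1 + A, 2 * y1) if p == q else (y2 - y1, x2 - x1)
    m = num * pow(den, -1, P) % P
    x3 = (m * m - x1 - x2) % P
    return x3, (m * (x1 - x3) - y1) % P

def mul(k, pt):  # double-and-add; NOT constant-time, illustration only
    acc = None
    while k:
        if k & 1: acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def encode_pub(pt):  # X9.62 uncompressed form: 0x04 || X || Y = 65 bytes
    return b"\x04" + pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")
def decode_pub(raw):  # validate the peer's point before multiplying with it
    if len(raw) != 65 or raw[0] != 4:
        raise ValueError("expected 65-byte uncompressed X9.62 point")
    x, y = int.from_bytes(raw[1:33], "big"), int.from_bytes(raw[33:], "big")
    if x >= P or y >= P or (y * y - x * x * x - A * x - B) % P:
        raise ValueError("point is not on prime256v1")
    return x, y

def hkdf_sha256(ikm, length, salt=b"", info=b""):  # RFC 5869 extract + expand
    prk = hmac.new(salt or bytes(32), ikm, hashlib.sha256).digest()
    okm = t = b""
    while len(okm) < length:
        t = hmac.new(prk, t + info + bytes([len(okm) // 32 + 1]), hashlib.sha256).digest()
        okm += t
    return okm[:length]

def keypair():  # (Priv1, Pub1) in the reply's notation
    d = secrets.randbelow(N - 1) + 1
    return d, encode_pub(mul(d, G))
# Hash, salt and info are assumed defaults; take the real ones from the device spec.
def session_key(priv, peer_pub, length=36, salt=b"", info=b""):
    ksec = mul(priv, decode_pub(peer_pub))[0].to_bytes(32, "big")  # shared X
    return hkdf_sha256(ksec, length, salt, info)
```

Both sides must use the same hash, salt and info, otherwise the 36-byte keys differ even though the ECDH secret matches.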
Re: Cryptography: ANSI X9.62 Public Key with Elliptic Curve (ECDH + HKDF)
Thanks. Crypto4Lib for Pascal or SecureBridge could be a good idea to test with. I'm not so happy with OpenSSL as it's fine for some OSes but not for all.
Re: Cryptography: ANSI X9.62 Public Key with Elliptic Curve (ECDH + HKDF)
Quote:
One thing though: I listed SecureBridge without being completely sure whether you can do it easily or not. I don't have it, but if they say it does TLS 1.3 then for sure it can do HKDF and ECDH. Be sure that this functionality is within exposed classes before you buy if you are not getting the license with full source.