Establishing ECDH in C++ Builder through OpenSSL



  • The binaries are from https://slproweb.com/products/Win32OpenSSL.html. Using implib, I made a .lib from the dll. I dropped the *.h files into Builder's include folder. I'm creating an app, with code taken from https://wiki.openssl.org/index.php/Elliptic_Curve_Diffie_Hellman :

    #include <openssl/evp.h>
    #include <openssl/ec.h>
    

    unsigned char *ecdh(size_t *secret_len)
    {
    EVP_PKEY_CTX *pctx, *kctx;
    EVP_PKEY_CTX *ctx;
    unsigned char *secret;
    EVP_PKEY *pkey = NULL, *peerkey, *params = NULL;
    /* NB: assumes pkey, peerkey have been already set up */

    /* Create the context for parameter generation */
    if(NULL == (pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))) handleErrors();
    
    /* Initialise the parameter generation */
    if(1 != EVP_PKEY_paramgen_init(pctx)) handleErrors();
    
    /* We're going to use the ANSI X9.62 Prime 256v1 curve */
    if(1 != EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_X9_62_prime256v1)) handleErrors();
    
    /* Create the parameter object params */
    if (!EVP_PKEY_paramgen(pctx, &params)) handleErrors();
    
    /* Create the context for the key generation */
    if(NULL == (kctx = EVP_PKEY_CTX_new(params, NULL))) handleErrors();
    
    /* Generate the key */
    if(1 != EVP_PKEY_keygen_init(kctx)) handleErrors();
    if (1 != EVP_PKEY_keygen(kctx, &pkey)) handleErrors();
    
    /* Get the peer's public key, and provide the peer with our public key -
     * how this is done will be specific to your circumstances */
    peerkey = get_peerkey(pkey);
    
    /* Create the context for the shared secret derivation */
    if(NULL == (ctx = EVP_PKEY_CTX_new(pkey, NULL))) handleErrors();
    
    /* Initialise */
    if(1 != EVP_PKEY_derive_init(ctx)) handleErrors();
    
    /* Provide the peer public key */
    if(1 != EVP_PKEY_derive_set_peer(ctx, peerkey)) handleErrors();
    
    /* Determine buffer length for shared secret */
    if(1 != EVP_PKEY_derive(ctx, NULL, secret_len)) handleErrors();
    
    /* Create the buffer */
    if(NULL == (secret = OPENSSL_malloc(*secret_len))) handleErrors();
    
    /* Derive the shared secret */
    if(1 != (EVP_PKEY_derive(ctx, secret, secret_len))) handleErrors();
    
    EVP_PKEY_CTX_free(ctx);
    EVP_PKEY_free(peerkey);
    EVP_PKEY_free(pkey);
    EVP_PKEY_CTX_free(kctx);
    EVP_PKEY_free(params);
    EVP_PKEY_CTX_free(pctx);
    
    /* Never use a derived secret directly. Typically it is passed
     * through some hash function to produce a key */
    return secret;
    

    }

    The error is on the line peerkey = get_peerkey(pkey); it says there's no such function. Help me figure it out, please.



  • The exchange of public keys (EC_POINT) must be done through the protocol. In the case of SSL, it happens at the ServerKeyExchange and ClientKeyExchange stages. But if you have some other protocol, you can exchange the keys in another way. In any case, you need to deliver these keys to each side of the dialogue.

    To create a private key, you need EC_KEY_generate_key. And to get a secret based on your private key and the other side's public key, you need to call ECDH_compute_key.

    On both sides of the dialogue, the same curve should be chosen (EC_GROUP). That's a prerequisite.

    Example of ECDH key generation:

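    /* curve is the NID of the chosen curve, e.g. NID_X9_62_prime256v1 */
    EC_KEY   *key   = EC_KEY_new();
    EC_GROUP *group = EC_GROUP_new_by_curve_name(curve);
    EC_KEY_set_group(key, group);   /* the key keeps its own copy of the group */
    EC_KEY_generate_key(key);       /* fills in the private and public key */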
    EC_GROUP_free(group);
    


