Hi Fabio!
I've been looking for an example and adapted one to your program.
This code works...
It seems that it's simpler than you thought.

#include <stdio.h>
#include <string.h>

#include <openssl/crypto.h>
#include <openssl/ecdh.h>
#include <openssl/sha.h>
#include <openssl/ssl.h>

#define ECDH_SIZE 67

/*
 * Key-derivation callback in the shape ECDH_compute_key() expects.
 *
 * Hashes the `inlen` bytes at `in` with SHA-1 into `out`. On entry *outlen is
 * the capacity of `out`; on success it is set to SHA_DIGEST_LENGTH and the
 * value returned by SHA1() is passed back. Returns NULL when `out` is too
 * small for a digest, or when OpenSSL was built with OPENSSL_NO_SHA.
 *
 * NOTE(review): a single SHA-1 pass over the raw shared secret is adequate
 * for a demo; for real key material prefer a standard KDF over a current
 * hash and bind context (party identities, protocol label) into it.
 */
static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
{
#ifdef OPENSSL_NO_SHA
    return NULL;
#else
    /* Only write a digest when the caller's buffer can hold all of it. */
    if (*outlen >= SHA_DIGEST_LENGTH) {
        *outlen = SHA_DIGEST_LENGTH;
        return SHA1(in, inlen, out);
    }
    return NULL;
#endif
}

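/*
 * ECDH round-trip demo: creates two key pairs on secp521r1, derives the
 * shared secret from each side through KDF1_SHA1, and checks that both
 * sides obtained the same bytes.
 *
 * Returns 0 when the two derived secrets match, 1 on any failure.
 *
 * Both key pairs are generated locally here. In a real exchange the peer's
 * public point arrives from outside and must be validated before it is
 * passed to ECDH_compute_key().
 */
int main(void) {

    /* KDF1_SHA1 emits exactly one SHA-1 digest, i.e. 20 bytes. */
    static const int KDF1_SHA1_len = 20;
    int rc = 1;                 /* stays 1 unless the secrets match */
    int alen = 0;
    int blen = 0;
    int aout = 0;
    int bout = 0;
    unsigned char *abuf = NULL;
    unsigned char *bbuf = NULL;
    EC_KEY *ecdh = NULL;
    EC_KEY *ecdh2 = NULL;

    OpenSSL_add_all_ciphers();
    OpenSSL_add_all_algorithms();

    /* One key object per party, both on the same named curve. */
    ecdh = EC_KEY_new_by_curve_name(NID_secp521r1);
    ecdh2 = EC_KEY_new_by_curve_name(NID_secp521r1);
    if (ecdh == NULL || ecdh2 == NULL) {
        fprintf(stderr, "Error! Could not create the EC key objects\n");
        goto cleanup;
    }

    /* Generate a private/public key pair for each party. */
    if (EC_KEY_generate_key(ecdh) != 1 || EC_KEY_generate_key(ecdh2) != 1) {
        fprintf(stderr, "Error! Key generation failed\n");
        goto cleanup;
    }

    alen = KDF1_SHA1_len;
    abuf = OPENSSL_malloc(alen);
    blen = KDF1_SHA1_len;
    bbuf = OPENSSL_malloc(blen);
    if (abuf == NULL || bbuf == NULL) {
        fprintf(stderr, "Error! Out of memory\n");
        goto cleanup;
    }

    /* Side A: own private key combined with B's public point. */
    aout = ECDH_compute_key(abuf, alen, EC_KEY_get0_public_key(ecdh2),
                            ecdh, KDF1_SHA1);
    /* Side B: own private key combined with A's public point. */
    bout = ECDH_compute_key(bbuf, blen, EC_KEY_get0_public_key(ecdh),
                            ecdh2, KDF1_SHA1);
    if (aout <= 0 || bout <= 0) {
        /* Checked before memcmp so a negative length is never used as a size. */
        fprintf(stderr, "Error! Shared secret derivation failed\n");
        goto cleanup;
    }

    if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) {
        printf("Error! The keys are different! \n");
        goto cleanup;
    }

    rc = 0;

cleanup:
    /*
     * The buffers came from OPENSSL_malloc(), so they go back through
     * OPENSSL_free() rather than free(). They hold key material, so wipe
     * them first with a call the compiler will not optimise away.
     */
    if (abuf != NULL) {
        OPENSSL_cleanse(abuf, KDF1_SHA1_len);
        OPENSSL_free(abuf);
    }
    if (bbuf != NULL) {
        OPENSSL_cleanse(bbuf, KDF1_SHA1_len);
        OPENSSL_free(bbuf);
    }

    EC_KEY_free(ecdh);
    EC_KEY_free(ecdh2);

    printf("To the end");

    return rc;
}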

On Tue, May 15, 2012 at 12:09 PM, Matt Caswell (fr...@baggins.org) <
fr...@baggins.org> wrote:

> On 15 May 2012 15:22, Fábio Resner <fabiu...@gmail.com> wrote:
> > Hi,
> >
> > I'm trying to write an app to generate public/private/shared key for
> ECDH.
> > Here is what I was able to build based on examples:
> >
> > #include <openssl/ssl.h>
> >
> > #define ECDH_SIZE 67
> >
> > int main() {
> > EC_KEY *ecdh = EC_KEY_new();
> > const EC_POINT *point = NULL;
> >
> > EC_POINT *point2;
> > const EC_GROUP *group;
> >
> > // const void *pubkey = NULL;
> > unsigned char *pubkey = NULL;
> > void *shared = NULL;
> >
> > //Generate Public
> > ecdh = EC_KEY_new_by_curve_name(NID_secp521r1);
> > EC_KEY_generate_key(ecdh);
> >
> > point = EC_KEY_get0_public_key(ecdh);
> > EC_POINT_point2oct(EC_KEY_get0_group(ecdh), point,
> > POINT_CONVERSION_COMPRESSED, pubkey, ECDH_SIZE, NULL);
> >
> I am not familiar with the ECDH functions....but I am familiar with
> the EC functions and this line does not look right.
>
> If you pass a null pointer for a buffer to point2oct then the function
> will return the size of the buffer that you require. You need to check
> the return value, malloc a buffer of the required size and then
> re-call point2oct.
>
>
> > //ComputeKey
> > group = EC_KEY_get0_group((ecdh));
> > point2 = EC_POINT_new(group);
> >
> > EC_POINT_oct2point(group, point2, pubkey, ECDH_SIZE, NULL);
> >
> > ECDH_compute_key(shared, ECDH_SIZE, point2, ecdh, NULL);
>
> As I said I'm not familiar with the ECDH functions...but this looks
> like you are trying to generate a shared key using only one
> public/private key pair??
>
>
> > EC_POINT_free(point2);
> > EC_KEY_free(ecdh);
> > ecdh = NULL;
> >
> > printf("To the end");
> >
> > return 0;
> > }
> >
> > But it just broke on EC_POINT_oct2point(group, point2, pubkey, ECDH_SIZE,
> > NULL);
> > And pubkey is exiting EC_POINT_point2oct(EC_KEY_get0_group(ecdh), point,
> > POINT_CONVERSION_COMPRESSED, pubkey, ECDH_SIZE, NULL); with a NULL value.
> > The program exits and gives no segfault or any error messages.
> >
> > Any suggestions?
> >
> > Thanks,
> >
> > --
> > Fabio Resner.
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org
>



-- 
Rick Lopes de Souza
