Hi Fabio! I've been looking at some examples and I adapted one to your program. This code works... It seems that it's simpler than you thought.
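#include <stdio.h>
#include <string.h>

#include <openssl/ssl.h>
#include <openssl/ecdh.h>
#include <openssl/sha.h>
#include <openssl/crypto.h>

#define ECDH_SIZE 67

/*
 * KDF callback handed to ECDH_compute_key(): hashes the raw ECDH shared
 * secret with SHA-1 and writes the digest to `out`.
 *
 * in/inlen  - raw shared secret produced by the ECDH computation.
 * out       - destination buffer; must hold at least SHA_DIGEST_LENGTH bytes.
 * outlen    - on entry the capacity of `out`; on success set to
 *             SHA_DIGEST_LENGTH.
 *
 * Returns `out` on success, NULL if the buffer is too small or SHA support
 * was compiled out of OpenSSL.
 *
 * NOTE(review): a single unsalted SHA-1 pass is a dated way to derive key
 * material. New designs normally run the secret through a real KDF built on
 * SHA-256 or better and bind context (party identities, protocol label)
 * into the derivation.
 */
static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
{
#ifndef OPENSSL_NO_SHA
    if (*outlen < SHA_DIGEST_LENGTH)
        return NULL;

    *outlen = SHA_DIGEST_LENGTH;
    return SHA1(in, inlen, out);
#else
    return NULL;
#endif
}

/*
 * Self-test: generate two secp521r1 key pairs, derive the ECDH shared secret
 * from each side and check that both sides agree.
 *
 * Returns 0 when both derived secrets match, 1 on any failure.
 *
 * NOTE(review): this uses the low-level EC_KEY / ECDH_compute_key interface,
 * which is deprecated since OpenSSL 3.0 in favour of EVP_PKEY_derive().
 * Both keys here are generated locally; in a real exchange the peer's point
 * comes from the network and should be validated (for example with
 * EC_KEY_check_key() or EC_POINT_is_on_curve()) before it is used.
 */
int main(void)
{
    static const int KDF1_SHA1_len = 20;
    int rc = 1;
    int aout = 0;
    int bout = 0;
    unsigned char *abuf = NULL;
    unsigned char *bbuf = NULL;
    EC_KEY *ecdh = NULL;
    EC_KEY *ecdh2 = NULL;

    OpenSSL_add_all_ciphers();
    OpenSSL_add_all_algorithms();

    /* Generate the two key pairs; every step can fail and must be checked. */
    ecdh = EC_KEY_new_by_curve_name(NID_secp521r1);
    ecdh2 = EC_KEY_new_by_curve_name(NID_secp521r1);
    if (ecdh == NULL || ecdh2 == NULL) {
        fprintf(stderr, "Error! Could not create the EC keys\n");
        goto out;
    }
    if (EC_KEY_generate_key(ecdh) != 1 || EC_KEY_generate_key(ecdh2) != 1) {
        fprintf(stderr, "Error! Could not generate the EC keys\n");
        goto out;
    }

    abuf = OPENSSL_malloc(KDF1_SHA1_len);
    bbuf = OPENSSL_malloc(KDF1_SHA1_len);
    if (abuf == NULL || bbuf == NULL) {
        fprintf(stderr, "Error! Out of memory\n");
        goto out;
    }

    /* Each side combines its own private key with the other's public point. */
    aout = ECDH_compute_key(abuf, KDF1_SHA1_len,
                            EC_KEY_get0_public_key(ecdh2), ecdh, KDF1_SHA1);
    bout = ECDH_compute_key(bbuf, KDF1_SHA1_len,
                            EC_KEY_get0_public_key(ecdh), ecdh2, KDF1_SHA1);

    /* A non-positive length means the derivation itself failed. */
    if (aout <= 0 || bout != aout || memcmp(abuf, bbuf, (size_t)aout) != 0) {
        printf("Error! The keys are different! \n");
        goto out;
    }

    rc = 0;

out:
    /*
     * The buffers came from OPENSSL_malloc(), so they must be released with
     * OPENSSL_free(), not free(). Wipe the derived secret first so it does
     * not linger in freed heap memory.
     */
    if (abuf != NULL) {
        OPENSSL_cleanse(abuf, KDF1_SHA1_len);
        OPENSSL_free(abuf);
    }
    if (bbuf != NULL) {
        OPENSSL_cleanse(bbuf, KDF1_SHA1_len);
        OPENSSL_free(bbuf);
    }
    EC_KEY_free(ecdh);
    EC_KEY_free(ecdh2);

    printf("To the end");
    return rc;
}

On Tue, May 15, 2012 at 12:09 PM, Matt Caswell (fr...@baggins.org) < fr...@baggins.org> wrote: > On 15 May 2012 15:22, Fábio Resner <fabiu...@gmail.com> wrote: > > Hi, > > > > I'm trying to write an app to generate public/private/shared key for > ECDH. 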
> > Here is what I was able to build based on examples: > > > > #include <openssl/ssl.h> > > > > #define ECDH_SIZE 67 > > > > int main() { > > EC_KEY *ecdh = EC_KEY_new(); > > const EC_POINT *point = NULL; > > > > EC_POINT *point2; > > const EC_GROUP *group; > > > > // const void *pubkey = NULL; > > unsigned char *pubkey = NULL; > > void *shared = NULL; > > > > //Generate Public > > ecdh = EC_KEY_new_by_curve_name(NID_secp521r1); > > EC_KEY_generate_key(ecdh); > > > > point = EC_KEY_get0_public_key(ecdh); > > EC_POINT_point2oct(EC_KEY_get0_group(ecdh), point, > > POINT_CONVERSION_COMPRESSED, pubkey, ECDH_SIZE, NULL); > > > I am not familiar with the ECDH functions....but I am familiar with > the EC functions and this line does not look right. > > If you pass a null pointer for a buffer to point2oct then the function > will return the size of the buffer that you require. You need to check > the return value, malloc a buffer of the required size and then > re-call point2oct. > > > > //ComputeKey > > group = EC_KEY_get0_group((ecdh)); > > point2 = EC_POINT_new(group); > > > > EC_POINT_oct2point(group, point2, pubkey, ECDH_SIZE, NULL); > > > > ECDH_compute_key(shared, ECDH_SIZE, point2, ecdh, NULL); > > As I said I'm not familiar with the ECDH functions...but this looks > like you are trying to generate a shared key using only one > public/private key pair?? > > > > EC_POINT_free(point2); > > EC_KEY_free(ecdh); > > ecdh = NULL; > > > > printf("To the end"); > > > > return 0; > > } > > > > But it just broke on EC_POINT_oct2point(group, point2, pubkey, ECDH_SIZE, > > NULL); > > And pubkey is exiting EC_POINT_point2oct(EC_KEY_get0_group(ecdh), point, > > POINT_CONVERSION_COMPRESSED, pubkey, ECDH_SIZE, NULL); with a NULL value. > > The program exists and gives no segFAULT or any erros messages. > > > > Any suggestions? > > > > Thanks, > > > > -- > > Fabio Resner. 
> ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > -- Rick Lopes de Souza