Yes i used from ec/ecdhtest.c. If you see the ECDH_compute_key in last argument It need some hash function to sign the shared secret. And here I need 256 bit secret key,that will be point on curve?. That why I tried to use here sha256,because sha1 is 20bytes .
Also ECDH_compute_key for this fun I did not find much detail. Do you know how can I get x,y cordinate from public point i mean which API to use? On 18 December 2012 04:36, Dave Thompson <dthomp...@prinpay.com> wrote: >> From: owner-openssl-us...@openssl.org On Behalf Of jeetendra gangele >> Sent: Monday, 17 December, 2012 13:17 > >> HI for ECDH can I use the HAs256 algorithm. >> >> I have gone through the inside DS and written this piece of code and >> it worked also. >> But here how can U sesha256 ,when i used i am getting the error. >> How can i use here sha256? >> > <snip> >> aout = ECDH_compute_key(abuf, alen, EC_KEY_get0_public_key(ecdh2), >> ecdh, KDF1_SHA1); > > What is KDF1_SHA1? If it's copied from ec/ecdhtest.c or apps/speed.c, > that's designed to use SHA1; if you want something else, change it. > I'm not sure why it's even there; the comment in speed.c says it was > in a tls-ecc draft, but it is NOT in 4492. I don't know of any other > ECDH (or DH) applications that apply a nontrivial KDF directly to > the agreement; if they do key derivation, it's somewhere else. > > Note that if you use a 163-bit curve as you coded, you won't get more > than about 80 bits of security strength out of it no matter how you > hash it, and that is now considered inadequate by most authorities. > If you use your commented version with p521, and sha256 or maybe 384, > you can get 256-bit strength, IF your keys actually have at least 256 > bits of entropy going in. But no one actually needs 256-bit strength, > and it's often a distraction from much more serious flaws elsewhere. > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
