Yes I tried 64 bytes hash but I need 56 bytes only as I told.
see the below code I am trying with SHA512 but I need only 56 bytes not 64.
It looks like ECDH_compute_key trying to copy all 64 bytes into the
shared secret buffer?.
I want only 56 bytes,is there a way that I can get 56 bytes shared key
with sha512 or some other Hash function since sha448 not present in
opessl.
static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
{
char buffer[1024] = {0};
char *outputBuffer = buffer;
#ifndef OPENSSL_NO_SHA
if (*outlen < SHA512_DIGEST_LENGTH)
return NULL;
else
{
*outlen = SHA512_DIGEST_LENGTH;
return SHA512(in, inlen, out);
}
EC_KEY_generate_key(ecdh);
EC_KEY_generate_key(ecdh2);
alen = KDF1_SHA1_len;
abuf = (unsigned char *) OPENSSL_malloc (alen);
aout = ECDH_compute_key(abuf, 64, EC_KEY_get0_public_key(ecdh2),
ecdh, KDF1_SHA1);
On 18 December 2012 13:54, Matt Caswell (fr...@baggins.org)
<fr...@baggins.org> wrote:
>
>
> On 18 December 2012 05:30, jeetendra gangele <gangele...@gmail.com> wrote:
>>
>> Ok,
>>
>> can you expain me how ec_compute_key work and specially this last
>> argument.
>> Why its need hash value to calculate the secret key.
>> I need to generate the 56 BYtes shred key.
>
>
> A KDF (Key Derivation Function) is typically used to generate a secret key
> from some other input which does not exhibit the properties necessary for
> direct cryptographic use, e.g. perhaps it would not pass statistical
> randomness tests.
>
> If you need 56 bytes then you could use a hash function that outputs at
> least that many bits, e.g. SHA512
>
> Matt
--
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
