The code below works when I use the RSA key generation functions, but when I try to generate an ECC key, and use it, it doesn't work. I am using 0.9.8 beta 6. I'm not sure if this is a result of my lack of understanding about ECC, or the implementation is broken, hence my post to `users` and not `dev`. Does anyone know of a good tutorial for using OpenSSL to do ECC encryption? I haven't found anything on Google. On a side note, I understand that the session key is stored in `ek`, but what I don't know is whether that session key is encrypted using the public ECC key. If so, then it doesn't need to be protected, only the ECC private key needs to be protected. Can someone confirm this for me? Thanks, L~ #include <stdio.h> #include <ssl.h> #include <string.h> #include <rand.h> #include <ecdsa.h> int main() { char *string = "This is the string we are trying to encrypt."; printf("Unencoded string = {%s}\n", string); /* RSA *key = RSA_generate_key(1024, RSA_F4, NULL, NULL); EVP_PKEY *pkey = EVP_PKEY_new(); EVP_PKEY_assign_RSA(pkey, key); */ EC_GROUP *group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1); if (group == NULL) { printf("Could not get group.\n"); return 0; } EC_KEY *key = EC_KEY_new(); if (key == NULL) { printf("Could not generate an EC key structure.\n"); return 0; } if (EC_KEY_set_group(key, group) == 0) { printf("EC Group association failed.\n"); return 0; } if (EC_KEY_generate_key(key) == 0) { printf("EC Key Generation failed.\n"); return 0; } EVP_PKEY *pkey = EVP_PKEY_new(); if (EVP_PKEY_assign_EC_KEY(pkey, key) == 0) { printf("Could not associate the EC key with PKEY.\n"); return 0; } char iv[EVP_MAX_IV_LENGTH]; RAND_pseudo_bytes(iv, EVP_MAX_IV_LENGTH); EVP_CIPHER_CTX ctx; int out_len = EVP_PKEY_size(pkey); int npubk = 1; unsigned char **ek = (unsigned char **)malloc(sizeof(unsigned char *) * npubk); ek[0] = (unsigned char *) malloc(EVP_PKEY_size(pkey)); EVP_SealInit(&ctx, EVP_aes_256_cbc(), ek, &out_len, &iv[0], &pkey, npubk); int buf_len = 500; unsigned char buf[buf_len]; EVP_SealUpdate(&ctx, &buf[0], &buf_len, string, strlen(string)); int i; int tot_len = buf_len; printf("Encoded string = {"); for (i = 0; i < buf_len; i++) { printf("%02x", buf[i]); } EVP_SealFinal(&ctx, &buf[buf_len], &buf_len); for (i = 0; i < buf_len; i++) { printf("%02x", buf[i + tot_len]); } printf("}\n"); EVP_OpenInit(&ctx, EVP_aes_256_cbc(), *ek, out_len, &iv[0], pkey); char de_string[1000]; int de_len = 1000; EVP_OpenUpdate(&ctx, de_string, &de_len, &buf[0], tot_len + buf_len); tot_len = de_len; EVP_OpenFinal(&ctx, &de_string[tot_len], &de_len); de_string[tot_len + de_len] = '\0'; printf("Unencoded string = {%s}\n", de_string); return 0; } ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email] |
On Thu, Jul 07, 2005, Ladar Levison wrote:
> > > The code below works when I use the RSA key generation functions, but when > I try > to generate an ECC key, and use it, it doesn't work. I am using 0.9.8 beta > 6. > > EVP_SealInit(&ctx, EVP_aes_256_cbc(), ek, &out_len, &iv[0], &pkey, > npubk); > That's your problem there. Key transport (which EVP_SealInit uses) can only be done with RSA keys. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email] |
Dr. Stephen Henson wrote:
> On Thu, Jul 07, 2005, Ladar Levison wrote: > > >> >>The code below works when I use the RSA key generation functions, but when >>I try >>to generate an ECC key, and use it, it doesn't work. I am using 0.9.8 beta >>6. >> >> EVP_SealInit(&ctx, EVP_aes_256_cbc(), ek, &out_len, &iv[0], &pkey, >> npubk); >> > > > That's your problem there. Key transport (which EVP_SealInit uses) can only be > done with RSA keys. > > Steve. This might be a dumb question, but what is `key transport` and why doesn't ECC support it? Is this is a case where OpenSSL implementation of ECC doesn't support it, or where ECC isn't a suitable algorithim to use for envelope encryption? L~ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email] |
On Thu, Jul 07, 2005, Ladar Levison wrote:
> Dr. Stephen Henson wrote: > >On Thu, Jul 07, 2005, Ladar Levison wrote: > > > > > >> > >>The code below works when I use the RSA key generation functions, but > >>when I try > >>to generate an ECC key, and use it, it doesn't work. I am using 0.9.8 > >>beta 6. > >> > >> EVP_SealInit(&ctx, EVP_aes_256_cbc(), ek, &out_len, &iv[0], &pkey, > >> npubk); > >> > > > > > >That's your problem there. Key transport (which EVP_SealInit uses) can > >only be > >done with RSA keys. > > > > This might be a dumb question, but what is `key transport` and why doesn't > ECC support it? > > Is this is a case where OpenSSL implementation of ECC doesn't support it, > or where ECC isn't a suitable algorithim to use for envelope encryption? > Key transport is where some secret data (for example an AES key) is encrypted using a public key so that the intended recipient can recover it by decryption with a private key. The only algorithm that currently can do this in OpenSSL is RSA. I think there are some ECC algorithms that can be used for key transport (El Gamal?) but they aren't currently supported. Key agreement, where two parties agree on the same secret key, is supported using ECDH. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [hidden email] Automated List Manager [hidden email] |
Free forum by Nabble | Edit this page |