ECC & EVP Interface Broken?

ECC & EVP Interface Broken?

Ladar Levison


The code below works when I use the RSA key generation functions, but when I try
to generate an ECC key, and use it, it doesn't work. I am using 0.9.8 beta 6.

I'm not sure if this is a result of my lack of understanding about ECC, or the
implementation is broken, hence my post to `users` and not `dev`.

Does anyone know of a good tutorial for using OpenSSL to do ECC encryption? I
haven't found anything on Google.

On a side note, I understand that the session key is stored in `ek`, but what I
don't know is whether that session key is encrypted using the public ECC key. If
so, then it doesn't need to be protected, only the ECC private key needs to be
protected. Can someone confirm this for me?

Thanks,

L~

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/evp.h>
#include <openssl/ec.h>
#include <openssl/rsa.h>
#include <openssl/err.h>

int main() {

        const char *string = "This is the string we are trying to encrypt.";
        printf("Unencoded string = {%s}\n", string);

        ERR_load_crypto_strings();

        /*
        RSA *key = RSA_generate_key(1024, RSA_F4, NULL, NULL);
        EVP_PKEY *pkey = EVP_PKEY_new();
        EVP_PKEY_assign_RSA(pkey, key);
        */

        EC_GROUP *group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
        if (group == NULL) {
                printf("Could not get group.\n");
                return 1;
        }
        EC_KEY *key = EC_KEY_new();
        if (key == NULL) {
                printf("Could not generate an EC key structure.\n");
                return 1;
        }
        /* EC_KEY_set_group copies the group; the local copy is freed at the end. */
        if (EC_KEY_set_group(key, group) == 0) {
                printf("EC Group association failed.\n");
                return 1;
        }
        if (EC_KEY_generate_key(key) == 0) {
                printf("EC Key Generation failed.\n");
                return 1;
        }
        EVP_PKEY *pkey = EVP_PKEY_new();
        /* EVP_PKEY_assign_EC_KEY takes ownership of key; free pkey, not key. */
        if (pkey == NULL || EVP_PKEY_assign_EC_KEY(pkey, key) == 0) {
                printf("Could not associate the EC key with PKEY.\n");
                return 1;
        }

        /* EVP_SealInit fills iv itself; no separate RAND call is needed. */
        unsigned char iv[EVP_MAX_IV_LENGTH];

        EVP_CIPHER_CTX ctx;            /* 0.9.8-era API: the context lives on the stack */
        EVP_CIPHER_CTX_init(&ctx);
        int npubk = 1;
        int ek_len = 0;
        unsigned char *ek[1];
        ek[0] = malloc(EVP_PKEY_size(pkey));
        if (ek[0] == NULL) {
                printf("Out of memory.\n");
                return 1;
        }
        /* Returns npubk on success and 0 or -1 on failure. Check it, so a key type
           the call cannot handle is reported here instead of producing garbage later. */
        if (EVP_SealInit(&ctx, EVP_aes_256_cbc(), ek, &ek_len, iv, &pkey, npubk) <= 0) {
                printf("EVP_SealInit failed: %s\n", ERR_error_string(ERR_get_error(), NULL));
                return 1;
        }

        unsigned char buf[500];
        int enc_len = 0, fin_len = 0;
        if (EVP_SealUpdate(&ctx, buf, &enc_len, (const unsigned char *)string, strlen(string)) == 0
            || EVP_SealFinal(&ctx, buf + enc_len, &fin_len) == 0) {
                printf("Seal failed.\n");
                return 1;
        }
        int tot_len = enc_len + fin_len;

        int i;
        printf("Encoded string = {");
        for (i = 0; i < tot_len; i++) {
                printf("%02x", buf[i]);
        }
        printf("}\n");

        if (EVP_OpenInit(&ctx, EVP_aes_256_cbc(), ek[0], ek_len, iv, pkey) == 0) {
                printf("EVP_OpenInit failed: %s\n", ERR_error_string(ERR_get_error(), NULL));
                return 1;
        }

        unsigned char de_string[1000];
        int de_len = 0;
        if (EVP_OpenUpdate(&ctx, de_string, &de_len, buf, tot_len) == 0
            || EVP_OpenFinal(&ctx, de_string + de_len, &fin_len) == 0) {
                printf("Open failed.\n");
                return 1;
        }
        de_string[de_len + fin_len] = '\0';

        printf("Unencoded string = {%s}\n", de_string);

        EVP_CIPHER_CTX_cleanup(&ctx);
        free(ek[0]);
        EVP_PKEY_free(pkey);
        EC_GROUP_free(group);
        return 0;
}


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]

Re: ECC & EVP Interface Broken?

Dr. Stephen Henson
On Thu, Jul 07, 2005, Ladar Levison wrote:

>
>
> The code below works when I use the RSA key generation functions, but when
> I try
> to generate an ECC key, and use it, it doesn't work. I am using 0.9.8 beta
> 6.
>
> EVP_SealInit(&ctx, EVP_aes_256_cbc(), ek, &out_len, &iv[0], &pkey,
> npubk);
>

That's your problem there. Key transport (which EVP_SealInit uses) can only be
done with RSA keys.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk

Re: ECC & EVP Interface Broken?

Ladar Levison
Dr. Stephen Henson wrote:

> On Thu, Jul 07, 2005, Ladar Levison wrote:
>
>
>>
>>The code below works when I use the RSA key generation functions, but when
>>I try
>>to generate an ECC key, and use it, it doesn't work. I am using 0.9.8 beta
>>6.
>>
>> EVP_SealInit(&ctx, EVP_aes_256_cbc(), ek, &out_len, &iv[0], &pkey,
>> npubk);
>>
>
>
> That's your problem there. Key transport (which EVP_SealInit uses) can only be
> done with RSA keys.
>
> Steve.

This might be a dumb question, but what is `key transport` and why doesn't ECC
support it?

Is this a case where the OpenSSL implementation of ECC doesn't support it, or
where ECC isn't a suitable algorithm to use for envelope encryption?

L~



Re: ECC & EVP Interface Broken?

Dr. Stephen Henson
On Thu, Jul 07, 2005, Ladar Levison wrote:

> Dr. Stephen Henson wrote:
> >On Thu, Jul 07, 2005, Ladar Levison wrote:
> >
> >
> >>
> >>The code below works when I use the RSA key generation functions, but
> >>when I try
> >>to generate an ECC key, and use it, it doesn't work. I am using 0.9.8
> >>beta 6.
> >>
> >> EVP_SealInit(&ctx, EVP_aes_256_cbc(), ek, &out_len, &iv[0], &pkey,
> >> npubk);
> >>
> >
> >
> >That's your problem there. Key transport (which EVP_SealInit uses) can
> >only be
> >done with RSA keys.
> >
>
> This might be a dumb question, but what is `key transport` and why doesn't
> ECC support it?
>
> Is this a case where the OpenSSL implementation of ECC doesn't support it,
> or where ECC isn't a suitable algorithm to use for envelope encryption?
>

Key transport is where some secret data (for example an AES key) is encrypted
using a public key so that the intended recipient can recover it by decryption
with a private key.

The only algorithm that currently can do this in OpenSSL is RSA.

I think there are some ECC algorithms that can be used for key transport (El
Gamal?) but they aren't currently supported.

Key agreement, where two parties agree on the same secret key, is supported
using ECDH.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
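What the poster set out to do, envelope encryption with an EC key, can be built on the key agreement Steve mentions: the sender generates an ephemeral EC key pair, runs ECDH against the recipient's public key, derives symmetric keys from the shared secret, and ships the ephemeral public key alongside the ciphertext (the ECIES pattern). The script below is an added example, not code from the thread or from the OpenSSL project, and drives that exchange through the openssl command-line tool so both the sender's and the recipient's steps are visible. It assumes an openssl binary of version 1.0.0 or later on PATH (pkeyutl -derive does not exist in 0.9.8); the file names, the "enc"/"mac" labels and the SHA-256 key derivation are this example's own simplifications, and the message is a constructed sample.

```shell
#!/bin/sh
# Added example: EC envelope encryption via ECDH key agreement (not key transport),
# using the openssl CLI. Assumes openssl >= 1.0.0 on PATH. File names and the
# "enc"/"mac" labels are this example's own choices.

# kdf Z_FILE LABEL: 256-bit key as hex = SHA-256(Z || LABEL).
# Simplified stand-in for the X9.63 KDF / HKDF a real deployment would use.
kdf() {
    { cat "$1"; printf '%s' "$2"; } | openssl dgst -sha256 | sed 's/^.*= //'
}

# hmac HEXKEY FILE...: HMAC-SHA256 over the concatenation of FILE..., as hex.
hmac() {
    k=$1; shift
    cat "$@" | openssl dgst -sha256 -mac HMAC -macopt "hexkey:$k" | sed 's/^.*= //'
}

# envelope_seal RECIPIENT_PUB PLAINTEXT OUTDIR
# Leaves OUTDIR/eph_pub.pem, iv.hex, cipher.bin and tag.hex for the recipient.
# The ephemeral public key is the only asymmetric material sent, and it is public.
envelope_seal() {
    pub=$1; pt=$2; outdir=$3
    openssl ecparam -name prime256v1 -genkey -noout -out "$outdir/eph.pem"
    openssl pkey -in "$outdir/eph.pem" -pubout -out "$outdir/eph_pub.pem"
    # Z = ECDH(ephemeral private, recipient public)
    openssl pkeyutl -derive -inkey "$outdir/eph.pem" -peerkey "$pub" -out "$outdir/z.bin"
    enc_key=$(kdf "$outdir/z.bin" enc)
    mac_key=$(kdf "$outdir/z.bin" mac)
    openssl rand -hex 16 > "$outdir/iv.hex"
    openssl enc -aes-256-cbc -K "$enc_key" -iv "$(cat "$outdir/iv.hex")" \
        -in "$pt" -out "$outdir/cipher.bin"
    # Encrypt-then-MAC over IV and ciphertext, with a key separate from enc_key.
    hmac "$mac_key" "$outdir/iv.hex" "$outdir/cipher.bin" > "$outdir/tag.hex"
    # The sender keeps neither the ephemeral private key nor Z.
    rm -f "$outdir/eph.pem" "$outdir/z.bin"
}

# envelope_open RECIPIENT_PRIV INDIR OUTFILE
# Returns 1 and decrypts nothing if the tag does not verify.
envelope_open() {
    priv=$1; indir=$2; outf=$3
    # Same Z = ECDH(recipient private, ephemeral public)
    openssl pkeyutl -derive -inkey "$priv" -peerkey "$indir/eph_pub.pem" -out "$indir/z_recv.bin"
    enc_key=$(kdf "$indir/z_recv.bin" enc)
    mac_key=$(kdf "$indir/z_recv.bin" mac)
    rm -f "$indir/z_recv.bin"
    expected=$(hmac "$mac_key" "$indir/iv.hex" "$indir/cipher.bin")
    # Shell string comparison is not constant-time; use CRYPTO_memcmp in C.
    if [ "$expected" != "$(cat "$indir/tag.hex")" ]; then
        echo "tag mismatch: ciphertext rejected" >&2
        return 1
    fi
    openssl enc -d -aes-256-cbc -K "$enc_key" -iv "$(cat "$indir/iv.hex")" \
        -in "$indir/cipher.bin" -out "$outf"
}

# ec_envelope_demo: round-trips a constructed sample message, then shows that a
# modified ciphertext is rejected before it reaches the decryptor.
# Prints one line: "<recovered plaintext>|tampered:rejected" on success.
ec_envelope_demo() {
    dir=$(mktemp -d)
    printf '%s' 'This is the string we are trying to encrypt.' > "$dir/plain.txt"
    # Recipient's long-term P-256 key pair (the poster's prime256v1 curve).
    openssl ecparam -name prime256v1 -genkey -noout -out "$dir/recipient.pem"
    openssl pkey -in "$dir/recipient.pem" -pubout -out "$dir/recipient_pub.pem"

    envelope_seal "$dir/recipient_pub.pem" "$dir/plain.txt" "$dir"
    envelope_open "$dir/recipient.pem" "$dir" "$dir/recovered.txt"
    recovered=$(cat "$dir/recovered.txt")

    printf 'x' >> "$dir/cipher.bin"    # tamper: append a byte to the ciphertext
    if envelope_open "$dir/recipient.pem" "$dir" "$dir/never_written.txt" 2>/dev/null; then
        verdict="tampered:accepted"
    else
        verdict="tampered:rejected"
    fi
    rm -rf "$dir"
    printf '%s|%s\n' "$recovered" "$verdict"
}

ec_envelope_demo
```

Run it as `sh ec_envelope.sh`. The ephemeral public key takes over the role the RSA-encrypted session key played in `ek`: it is not secret, only the recipient's private key is. Two things the poster's CBC-only design lacked are included: a MAC over IV and ciphertext, checked before any decryption, and separate keys for encryption and MAC. For real use, replace SHA-256(Z||label) with the X9.63 KDF or HKDF and compare tags with a constant-time routine such as CRYPTO_memcmp. The C equivalents of pkeyutl -derive are ECDH_compute_key in 0.9.8 and EVP_PKEY_derive from 1.0.0 on.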