ECDH example for openssl 0.9.8za

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

ECDH example for openssl 0.9.8za

pratyush parimal
Hello users,

I recently wrote a program to do ECDH secret derivation, using OpenSSL v1.0.1f.
I actually followed the example given at http://wiki.openssl.org/index.php/Elliptic_Curve_Diffie_Hellman, and I was able to make it work.

But I need to make the program work on a machine with OpenSSL v0.9.8za, and I found that the example wouldn't compile as many of the functions like:
EVP_PKEY_CTX_new_id
EVP_PKEY_paramgen_init,

and many more were introduced only in 1.0.0 and later.

So does anyone know how to get the secret derivation working in OpenSSL v0.9.8 ? Because from what I read I think it was supported, so I guess I just don't know what functions to substitute for these.

I'm developing on Ubuntu 14.04, but I'll be using an older version of OpenSSL (v0.9.8za) for my particular use case.

Any help would be greatly appreciated.

Thanks in advance!
Pratyush Parimal.


Reply | Threaded
Open this post in threaded view
|

Re: ECDH example for openssl 0.9.8za

Viktor Dukhovni
On Mon, Jun 23, 2014 at 06:46:29PM -0400, pratyush parimal wrote:

> So does anyone know how to get the secret derivation working in OpenSSL
> v0.9.8?

The EC support in 0.9.8 is incomplete, and disabled by default.
You should treat 0.9.8 as NOT capable of doing EC.

> Because from what I read I think it was supported, so I guess I
> just don't know what functions to substitute for these.

Your source was wrong.  While some EC functionality is present in
0.9.8, it should not be used.

--
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: ECDH example for openssl 0.9.8za

pratyush parimal

Hi,

Thanks a lot for the clarification. I understand now.

Could you also let ne know the same about normal DH operations (not the ec counterparts)? Are they supported in v0.9.8 then?

Regards,
Pratyush.

On Jun 23, 2014 7:07 PM, "Viktor Dukhovni" <[hidden email]> wrote:
On Mon, Jun 23, 2014 at 06:46:29PM -0400, pratyush parimal wrote:

> So does anyone know how to get the secret derivation working in OpenSSL
> v0.9.8?

The EC support in 0.9.8 is incomplete, and disabled by default.
You should treat 0.9.8 as NOT capable of doing EC.

> Because from what I read I think it was supported, so I guess I
> just don't know what functions to substitute for these.

Your source was wrong.  While some EC functionality is present in
0.9.8, it should not be used.

--
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: ECDH example for openssl 0.9.8za

Viktor Dukhovni
On Mon, Jun 23, 2014 at 07:18:06PM -0400, pratyush parimal wrote:

> Thanks a lot for the clarification. I understand now.
>
> Could you also let ne know the same about normal DH operations (not the ec
> counterparts)? Are they supported in v0.9.8 then?

Prime DH is supported in 0.9.8.

--
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: ECDH example for openssl 0.9.8za

pratyush parimal

Thanks .. that helps!
-pratyush

On Jun 23, 2014 7:44 PM, "Viktor Dukhovni" <[hidden email]> wrote:
On Mon, Jun 23, 2014 at 07:18:06PM -0400, pratyush parimal wrote:

> Thanks a lot for the clarification. I understand now.
>
> Could you also let ne know the same about normal DH operations (not the ec
> counterparts)? Are they supported in v0.9.8 then?

Prime DH is supported in 0.9.8.

--
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]