Hi there; I'm having trouble using a X.509-formatted ECDH public key created on a remote system to perform an ECDH key agreement. Basically, my "Agree()" function call fails and, while I'm sure it has to do with how I'm using the remote public key, I can't figure out what I must do to fix this. Any insight will be greatly appreciated.
Also, I have read through Jeff's postings on Code Project at http://www.codeproject.com/Articles/25487/Cryptographic-Interoperability-Keys, (thanks very much Jeff) but I'm still at a loss. bool AgreeECDH(vector<uint8_t>& vu8SharedSecret) { /* -- Remote public key is as follows - as per dumpasn1 0 118: SEQUENCE { 2 16: SEQUENCE { 4 7: OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1) 13 5: OBJECT IDENTIFIER secp384r1 (1 3 132 0 34) : } 20 98: BIT STRING : 04 38 3A 5D 33 6F 26 BD 37 1A D1 94 4A E9 66 89 : 47 35 3A ED 7A D6 7A 32 A7 BA 71 3C 5A 7C DA C5 : 51 79 76 49 E7 11 A8 B8 48 EC DE 71 69 F3 1E 05 : FF D2 FD F0 0A AD 04 A9 58 B9 7F 43 D9 33 93 71 : D8 25 69 A6 3F F9 09 27 19 39 4E 1B BA 20 70 7E : 14 2E 5C 83 F0 DC 70 CD 15 A7 10 6C EA 95 E2 F7 : 31 : } */ // Binary data of remote public key - see ASN1 dump above uint8_t u8RemotePublicKey[] = {0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x03, 0x62, 0x00, 0x04, 0x38, 0x3A, 0x5D, 0x33, 0x6F, 0x26, 0xBD, 0x37, 0x1A, 0xD1, 0x94, 0x4A, 0xE9, 0x66, 0x89, 0x47, 0x35, 0x3A, 0xED, 0x7A, 0xD6, 0x7A, 0x32, 0xA7, 0xBA, 0x71, 0x3C, 0x5A, 0x7C, 0xDA, 0xC5, 0x51, 0x79, 0x76, 0x49, 0xE7, 0x11, 0xA8, 0xB8, 0x48, 0xEC, 0xDE, 0x71, 0x69, 0xF3, 0x1E, 0x05, 0xFF, 0xD2, 0xFD, 0xF0, 0x0A, 0xAD, 0x04, 0xA9, 0x58, 0xB9, 0x7F, 0x43, 0xD9, 0x33, 0x93, 0x71, 0xD8, 0x25, 0x69, 0xA6, 0x3F, 0xF9, 0x09, 0x27, 0x19, 0x39, 0x4E, 0x1B, 0xBA, 0x20, 0x70, 0x7E, 0x14, 0x2E, 0x5C, 0x83, 0xF0, 0xDC, 0x70, 0xCD, 0x15, 0xA7, 0x10, 0x6C, 0xEA, 0x95, 0xE2, 0xF7, 0x31}; CryptoPP::AutoSeededX917RNG<CryptoPP::AES> rng; CryptoPP::ECDH<CryptoPP::ECP>::Domain oECDHDomain(CryptoPP::ASN1::secp384r1()); vector<uint8_t> vu8ECDHPrivateKey; vector<uint8_t> vu8ECDHPublicKeyLocal; vector<uint8_t> vu8ECDHPublicKeyRemote; bool rc; // Allocate buffer space in the byte vectors for the keys vu8ECDHPrivateKey.assign(oECDHDomain.PrivateKeyLength(), 0); vu8ECDHPublicKeyLocal.assign(oECDHDomain.PublicKeyLength(), 0); // Generate the keypair oECDHDomain.GenerateKeyPair(rng, &vu8ECDHPrivateKey[0], &vu8ECDHPublicKeyLocal[0]); // Allocate space for the shared secret vu8SharedSecret.assign(oECDHDomain.AgreedValueLength(), 0); * // Perform the ECDH agreement - THIS FAILS!!* * rc = oECDHDomain.Agree(&vu8SharedSecret[0], &vu8ECDHPrivateKey[0], u8RemotePublicKey, false);* // Return the result. If successful, vu8SharedSecret will contain the shared secret return rc; } Thanks very much. ShaunB... -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com.
