PS. If it's of any help, the remote system is a BlackBerry using the standard BlackBerry APIs. The remote key is exported on the BlackBerry using X.509 encoding (as would be expected), with no compression.
On Friday, August 17, 2012 6:26:28 PM UTC-7, Shaun Botha wrote: > > Hi there; > > I'm having trouble using a X.509-formatted ECDH public key created on a > remote system to perform an ECDH key agreement. Basically, my "Agree()" > function call fails and, while I'm sure it has to do with how I'm using the > remote public key, I can't figure out what I must do to fix this. Any > insight will be greatly appreciated. > > Also, I have read through Jeff's postings on Code Project at > http://www.codeproject.com/Articles/25487/Cryptographic-Interoperability-Keys, > > (thanks very much Jeff) but I'm still at a loss. > > bool AgreeECDH(vector<uint8_t>& vu8SharedSecret) > { > /* > -- Remote public key is as follows - as per dumpasn1 > > 0 118: SEQUENCE { > 2 16: SEQUENCE { > 4 7: OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1) > 13 5: OBJECT IDENTIFIER secp384r1 (1 3 132 0 34) > : } > 20 98: BIT STRING > : 04 38 3A 5D 33 6F 26 BD 37 1A D1 94 4A E9 66 89 > : 47 35 3A ED 7A D6 7A 32 A7 BA 71 3C 5A 7C DA C5 > : 51 79 76 49 E7 11 A8 B8 48 EC DE 71 69 F3 1E 05 > : FF D2 FD F0 0A AD 04 A9 58 B9 7F 43 D9 33 93 71 > : D8 25 69 A6 3F F9 09 27 19 39 4E 1B BA 20 70 7E > : 14 2E 5C 83 F0 DC 70 CD 15 A7 10 6C EA 95 E2 F7 > : 31 > : } > > */ > > // Binary data of remote public key - see ASN1 dump above > uint8_t u8RemotePublicKey[] = {0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2A, > 0x86, 0x48, 0xCE, 0x3D, > 0x02, 0x01, 0x06, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x03, 0x62, > 0x00, 0x04, 0x38, 0x3A, 0x5D, 0x33, 0x6F, 0x26, 0xBD, 0x37, 0x1A, > 0xD1, 0x94, 0x4A, 0xE9, 0x66, 0x89, 0x47, 0x35, 0x3A, 0xED, 0x7A, > 0xD6, 0x7A, 0x32, 0xA7, 0xBA, 0x71, 0x3C, 0x5A, 0x7C, 0xDA, 0xC5, > 0x51, 0x79, 0x76, 0x49, 0xE7, 0x11, 0xA8, 0xB8, 0x48, 0xEC, 0xDE, > 0x71, 0x69, 0xF3, 0x1E, 0x05, 0xFF, 0xD2, 0xFD, 0xF0, 0x0A, 0xAD, > 0x04, 0xA9, 0x58, 0xB9, 0x7F, 0x43, 0xD9, 0x33, 0x93, 0x71, 0xD8, > 0x25, 0x69, 0xA6, 0x3F, 0xF9, 0x09, 0x27, 0x19, 0x39, 0x4E, 0x1B, > 0xBA, 0x20, 0x70, 0x7E, 0x14, 0x2E, 0x5C, 0x83, 0xF0, 0xDC, 0x70, > 0xCD, 0x15, 0xA7, 0x10, 0x6C, 0xEA, 0x95, 0xE2, 0xF7, 0x31}; > > CryptoPP::AutoSeededX917RNG<CryptoPP::AES> rng; > CryptoPP::ECDH<CryptoPP::ECP>::Domain > oECDHDomain(CryptoPP::ASN1::secp384r1()); > vector<uint8_t> vu8ECDHPrivateKey; > vector<uint8_t> vu8ECDHPublicKeyLocal; > vector<uint8_t> vu8ECDHPublicKeyRemote; > bool rc; > > // Allocate buffer space in the byte vectors for the keys > vu8ECDHPrivateKey.assign(oECDHDomain.PrivateKeyLength(), 0); > vu8ECDHPublicKeyLocal.assign(oECDHDomain.PublicKeyLength(), 0); > > // Generate the keypair > oECDHDomain.GenerateKeyPair(rng, &vu8ECDHPrivateKey[0], > &vu8ECDHPublicKeyLocal[0]); > // Allocate space for the shared secret > vu8SharedSecret.assign(oECDHDomain.AgreedValueLength(), 0); > > * // Perform the ECDH agreement - THIS FAILS!!* > * rc = oECDHDomain.Agree(&vu8SharedSecret[0], &vu8ECDHPrivateKey[0], > u8RemotePublicKey, false);* > > // Return the result. If successful, vu8SharedSecret will contain the > shared secret > return rc; > } > > Thanks very much. > > ShaunB... > > -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com.
