I was able to produce a private and a public key with the following commands
(thanks BJ):
# Private key
openssl ecparam -name wap-wsg-idm-ecid-wtls8 -genkey -noout \
-out wtls8-priv.der -outform DER -conv_form compressed \
-param_enc named_curve
And:
# Public key
openssl ec -in wtls8-priv.der -inform DER -outform DER \
-conv_form compressed -out wtls8-pub.der -pubout
Note the use of `-param_enc named_curve`. The named curve is required per
RFC 5915. "Named Curve" means you call it by the OID, and not a list of
domain parameters.
The following program reads and verifies the public key OK, but it dies on
the private key. It needs the OID patch.
// Declarations implied by the gdb trace below (ECDSA<ECP, SHA256>); the
// generator type is assumed.
ECDSA<ECP, SHA256>::Signer signer;
ECDSA<ECP, SHA256>::Verifier verifier;
AutoSeededRandomPool prng;

// SubjectPublicKeyInfo: decodes and validates fine
cout << "Loading verifier key..." << endl;
FileSource fs2("wtls8-pub.der", true);
verifier.BERDecode(fs2);
verifier.GetKey().Validate(prng, 3);
cout << "Validated verifier key..." << endl;

// Private key: throws "BER decode error" inside PKCS8PrivateKey::BERDecode
cout << "Loading signer key..." << endl;
FileSource fs1("wtls8-priv.der", true);
signer.BERDecode(fs1);
signer.GetKey().Validate(prng, 3);
cout << "Validated signer key..." << endl;
It dies on parsing the private key in PKCS8PrivateKey::BERDecode due to the
version check (more below).
According to RFC 5915:
ECPrivateKey ::= SEQUENCE {
version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
privateKey OCTET STRING,
parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
publicKey [1] BIT STRING OPTIONAL
}
And:
$ dumpasn1 wtls8-priv.der
0 62: SEQUENCE {
2 1: INTEGER 1
5 14: OCTET STRING FD 11 D7 5E E1 72 74 E0 A5 69 A2 6E 69 49
21 7: [0] {
23 5: OBJECT IDENTIFIER '2 23 43 1 4 8'
: }
30 32: [1] {
32 30: BIT STRING
: 04 68 0C BA 14 5D D1 FC C1 FE 8A 7E A0 4E 86 58
: 6E 28 33 FE 2C EF EF 74 E7 ED 61 ED D0
: }
: }
But Crypto++ wants version 0 (from asn.cpp:548):
// check version
BERDecodeUnsigned<word32>(privateKeyInfo, version, INTEGER, 0, 0);
Next is to figure out version 0 vs 1.
Jeff
**********
$ gdb ./wtls-test.exe
GNU gdb (Ubuntu 7.7.1-0ubuntu5~14.04.2) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./wtls-test.exe...done.
(gdb) b BERDecode
Breakpoint 1 at 0x403a7b: BERDecode. (2 locations)
(gdb) r
Starting program: /home/jwalton/cryptopp-wtls/wtls-test.exe
Loading verifier key...
Breakpoint 1, main (argc=<optimized out>, argv=<optimized out>)
at wtls-test.c++:50
warning: Source file is more recent than executable.
50 verifier.BERDecode(fs2);
(gdb) c
Continuing.
Validated verifier key...
Loading signer key...
Breakpoint 1, main (argc=<optimized out>, argv=<optimized out>)
at wtls-test.c++:60
60
(gdb) s
BERDecode (bt=..., this=0x7fffffffdcf8) at cryptlib.h:1144
1144 {AccessMaterial().Load(bt);}
(gdb)
CryptoPP::PrivateKeyAlgorithm::AccessMaterial (this=0x7fffffffdcf8)
at cryptlib.h:1168
1168 CryptoMaterial & AccessMaterial() {return AccessPrivateKey();}
(gdb)
CryptoPP::DL_ObjectImplBase<CryptoPP::DL_SignerBase<CryptoPP::ECPPoint>,
CryptoPP::DL_SignatureSchemeOptions<CryptoPP::DL_SS<CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>,
CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>,
CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1, int>,
CryptoPP::DL_Keys_ECDSA<CryptoPP::ECP>,
CryptoPP::DL_Algorithm_ECDSA<CryptoPP::ECP>,
CryptoPP::DL_SignatureMessageEncodingMethod_DSA, CryptoPP::SHA1>,
CryptoPP::DL_PrivateKey_WithSignaturePairwiseConsistencyTest<CryptoPP::DL_PrivateKey_EC<CryptoPP::ECP>,
CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256> > >::AccessPrivateKey
(this=0x7fffffffdcf0)
at pubkey.h:1287
1287 PrivateKey & AccessPrivateKey() {return m_key;}
(gdb)
CryptoPP::ASN1CryptoMaterial<CryptoPP::PrivateKey>::Load
(this=0x7fffffffdd10,
bt=...) at asn.h:254
254 void Load(BufferedTransformation &bt)
(gdb)
255 {BERDecode(bt);}
(gdb)
CryptoPP::PKCS8PrivateKey::BERDecode (this=0x7fffffffdd10, bt=...)
at asn.cpp:548
548 {
(gdb) l
543
544 subjectPublicKeyInfo.MessageEnd();
545 }
546
547 void PKCS8PrivateKey::BERDecode(BufferedTransformation &bt)
548 {
549 BERSequenceDecoder privateKeyInfo(bt);
550 word32 version;
551 BERDecodeUnsigned<word32>(privateKeyInfo, version, INTEGER,
0, 0); // check version
552
(gdb) n
549 BERSequenceDecoder privateKeyInfo(bt);
(gdb)
551 BERDecodeUnsigned<word32>(privateKeyInfo, version, INTEGER,
0, 0); // check version
(gdb)
BER decode error
[Inferior 1 (process 29485) exited with code 01]
**********
Here are some BERDecodeUnsigned calls:
$ grep -A 1 BERDecodeUnsigned *
asn.h:void BERDecodeUnsigned(BufferedTransformation &in, T &w, byte asnTag = INTEGER,
asn.h-    T minValue = 0, T maxValue = 0xffffffff)
--
asn.cpp:    BERDecodeUnsigned<word32>(privateKeyInfo, version, INTEGER, 0, 0); // check version
--
ec2n.cpp:    BERDecodeUnsigned<word32>(seq, version, INTEGER, 1, 1);
--
eccrypto.cpp:    BERDecodeUnsigned<word32>(seq, version, INTEGER, 1, 1); // check version
--
eccrypto.cpp:    BERDecodeUnsigned<word32>(seq, version, INTEGER, 1, 1);// check version
--
eprecomp.cpp:    BERDecodeUnsigned<word32>(seq, version, INTEGER, 1, 1);
--
pem-rd.cpp:    BERDecodeUnsigned<word32>(seq, v, INTEGER, 0, 0); // check version
**********
On Thursday, February 26, 2015 at 8:54:45 AM UTC-5, Brendan Jones wrote:
>
> Hi all,
>
> I was wondering if anyone could tell me if it is in fact possible to
> verify a signature created using WTLS-8?
> A reference to the specification of this curve can be found here:
> http://technical.openmobilealliance.org/tech/affiliates/wap/wap-261-wtls-20010406-a.pdf
>
> (page 90)
>
> We are currently looking at alternatives to OpenSSL and Crypto++ seems
> like a good way to go.
> I have spent a little time trying to do this in Crypto++ but I have not
> had any success as yet. Before I go any further I thought I'd ask the
> knowledgeable folk here.
>
--
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
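As an added example, not code from the post, from Crypto++ or from OpenSSL: a small Python DER walker fed the bytes reconstructed from the dumpasn1 listing in the post. It names the container by its leading version INTEGER and the element that follows it (PKCS#8 PrivateKeyInfo starts with INTEGER 0 then an AlgorithmIdentifier SEQUENCE; an RFC 5915 ECPrivateKey starts with INTEGER 1 then the privateKey OCTET STRING), extracts the named-curve OID and public point, and wraps the ECPrivateKey in a PKCS#8 PrivateKeyInfo, the version-0 structure that PKCS8PrivateKey::BERDecode checks for first. The PKCS#8 layout used by wrap_pkcs8 (version 0, AlgorithmIdentifier id-ecPublicKey with the curve OID as parameters, OCTET STRING holding the ECPrivateKey) is my reading of RFC 5915 section 4 and what `openssl pkcs8 -topk8 -nocrypt` emits; the page does not show that step. Whether Crypto++ then accepts OID 2.23.43.1.4.8 is the separate OID issue the post mentions.

```python
# Added example (not from the post or Crypto++): tell an RFC 5915 ECPrivateKey
# apart from a PKCS#8 PrivateKeyInfo, and wrap the former into the latter.

# Constructed from the dumpasn1 output in the post: the 62-byte ECPrivateKey
# written by `openssl ecparam -genkey ... -outform DER`.
WTLS8_PRIV_DER = bytes.fromhex(
    "303e"                                  # SEQUENCE, 62 bytes
    "020101"                                # INTEGER 1 (ecPrivkeyVer1)
    "040e" "fd11d75ee17274e0a569a26e6949"   # OCTET STRING: private scalar
    "a007" "0605" "672b010408"              # [0] OID 2.23.43.1.4.8 (wtls8)
    "a120" "031e" "00"                      # [1] BIT STRING, 0 unused bits
    "04680cba145dd1fcc1fe8a7ea04e8658"      # public point (29 bytes)
    "6e2833fe2cefef74e7ed61edd0"
)

ID_EC_PUBLIC_KEY = "1.2.840.10045.2.1"     # privateKeyAlgorithm for EC in PKCS#8


def read_tlv(data, pos=0):
    """Decode one DER TLV at pos; return (tag, contents, position after it)."""
    tag, first = data[pos], data[pos + 1]
    pos += 2
    if first & 0x80:                        # long form: next n bytes hold the length
        n = first & 0x7F
        length = int.from_bytes(data[pos:pos + n], "big")
        pos += n
    else:
        length = first
    if pos + length > len(data):
        raise ValueError("DER length runs past end of buffer")
    return tag, data[pos:pos + length], pos + length


def encode_tlv(tag, body):
    """Encode a definite-length DER TLV (short or long form as needed)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body


def decode_oid(raw):
    """OID contents octets -> dotted string (handles the joint-iso 2.x first arc)."""
    first = raw[0]
    arcs = [2, first - 80] if first >= 80 else [first // 40, first % 40]
    value = 0
    for b in raw[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))


def encode_oid(dotted):
    """Dotted string -> OID contents octets (base-128, high bit = continuation)."""
    arcs = [int(a) for a in dotted.split(".")]
    out = [40 * arcs[0] + arcs[1]]
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return bytes(out)


def classify(der):
    """Name the container from its version INTEGER and the element after it."""
    tag, seq, end = read_tlv(der)
    if tag != 0x30 or end != len(der):
        raise ValueError("not a single DER SEQUENCE")
    vtag, ver, pos = read_tlv(seq)
    if vtag != 0x02:
        raise ValueError("first element is not the version INTEGER")
    version = int.from_bytes(ver, "big")
    ntag = seq[pos]
    if version == 0 and ntag == 0x30:       # version, AlgorithmIdentifier, OCTET STRING
        return "PKCS#8 PrivateKeyInfo (version 0)"
    if version == 1 and ntag == 0x04:       # version, privateKey OCTET STRING, [0], [1]
        return "RFC 5915 ECPrivateKey (version 1)"
    raise ValueError(f"unrecognised container: version={version}, next tag=0x{ntag:02x}")


def parse_ec_private_key(der):
    """Pull scalar, named-curve OID and public point out of an ECPrivateKey."""
    _, seq, _ = read_tlv(der)
    _, ver, pos = read_tlv(seq)
    _, scalar, pos = read_tlv(seq, pos)
    info = {"version": int.from_bytes(ver, "big"), "private_key": scalar.hex(),
            "curve_oid": None, "public_point": None}
    while pos < len(seq):
        tag, body, pos = read_tlv(seq, pos)
        if tag == 0xA0:                     # [0] parameters: namedCurve OID expected
            itag, oid, _ = read_tlv(body)
            if itag != 0x06:
                raise ValueError("explicit ECParameters, not a namedCurve OID")
            info["curve_oid"] = decode_oid(oid)
        elif tag == 0xA1:                   # [1] publicKey BIT STRING
            _, bits, _ = read_tlv(body)
            info["public_point"] = bits[1:]  # drop the unused-bits octet
    return info


def point_form(point):
    """SEC1 point encoding, read off the leading octet."""
    return {0x02: "compressed", 0x03: "compressed", 0x04: "uncompressed"}.get(point[0], "unknown")


def wrap_pkcs8(ec_private_key_der, curve_oid):
    """Wrap an ECPrivateKey in a PKCS#8 PrivateKeyInfo (RFC 5915 section 4 layout)."""
    alg = encode_tlv(0x30, encode_tlv(0x06, encode_oid(ID_EC_PUBLIC_KEY))
                     + encode_tlv(0x06, encode_oid(curve_oid)))
    return encode_tlv(0x30, encode_tlv(0x02, b"\x00") + alg
                      + encode_tlv(0x04, ec_private_key_der))


if __name__ == "__main__":
    print(classify(WTLS8_PRIV_DER))
    info = parse_ec_private_key(WTLS8_PRIV_DER)
    print(info["curve_oid"], point_form(info["public_point"]), len(info["public_point"]))
    wrapped = wrap_pkcs8(WTLS8_PRIV_DER, info["curve_oid"])
    print(classify(wrapped), len(wrapped))
```

Run stand-alone it reports the file as an RFC 5915 ECPrivateKey on curve 2.23.43.1.4.8 whose [1] BIT STRING holds a 29-byte point starting with 0x04, i.e. the uncompressed form (one octet plus two 14-byte coordinates), and the wrapped output classifies as a version-0 PKCS#8 PrivateKeyInfo. The classify() function is the check worth keeping in any loader: looking at the version INTEGER alone conflates "wrong version" with "wrong container", which is exactly the ambiguity behind the 0-versus-1 question.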