Hello, Jeff. Still have questions :/ The Google manual says to do so:

- Using your private key and the given ephemeralPublicKey, derive a 256 bit long shared key using ECIES-KEM. Use the following parameters as defined in ISO 18033-2:
  - Elliptic curve: NIST P-256 (also known in OpenSSL as prime256v1)
  - CheckMode, OldCofactorMode, SingleHashMode and CofactorMode are 0
  - Encoding function: Uncompressed Point format
  - Key derivation function: HKDFwithSHA256, as described in RFC 5869 <https://tools.ietf.org/html/rfc5869>, using the following parameters:
    - Salt should not be provided (per the RFC, this should be equivalent to a salt of 32 zeroed bytes)
    - Info should be Android or Google encoded in ASCII for protocol versions ECv0 and ECv1 respectively
- Split the generated key into two 128-bit-long keys: symmetricEncryptionKey and macKey.
- Verify that the tag field is a valid MAC for encryptedMessage:
  - For generating the expected MAC, use HMAC (RFC 5869 <https://tools.ietf.org/html/rfc5869>) with hash function SHA256 and the macKey obtained above
  - Use a constant time array comparison to avoid timing attacks
- Decrypt encryptedMessage using AES128 CTR mode with a zero IV, no padding, and the symmetricEncryptionKey derived above.

The question is: is it equivalent to do it like this:

- DH2: deriving the shared secret using the Agree method (own ephemeral private key obtained by generating from GenerateEphemeralPrivateKey)
- using CryptoPP::HKDF<CryptoPP::SHA256> to derive the key
- splitting the key
- using CryptoPP::CTR_Mode<CryptoPP::AES> for final decryption

OR: should I use CryptoPP::DL_ES< CryptoPP::DL_Keys_EC<CryptoPP::ECP>, CryptoPP::KeyAgreementAlgorithm_DH<CryptoPP::ECP,CryptoPP::NO_COFACTOR_MULTIPLICTION>, CryptoPP::DL_KeyDerivationAlgorithm somehow? With overriding DL_KeyDerivationAlgorithm_P1363 with an implementation of "HKDFwithSHA256" and so on? Or are these equivalent approaches?

Still have questions, because on Friday I've recovered shared_key, but still cannot decrypt the message for now. Thank you very much!