Continuing on decrypting tryings.
For now shared secret is obtained as (x,y) from scalar multiplication
result. Google says "use SingleHashMode = 0", I understand now, that this
meanse that we should proivde not only shared, but accepted ephemeral
public to hkdf too.
Looking at BouncyCastle:
ECPoint[] ghTilde = new ECPoint[]{
basePointMultiplier.multiply(ecParams.getG(), r),
ecPubKey.getQ().multiply(rPrime)
};
// NOTE: More efficient than normalizing each individually
curve.normalizeAll(ghTilde);
ECPoint gTilde = ghTilde[0], hTilde = ghTilde[1];
// Encode the ephemeral public key
byte[] C = gTilde.getEncoded(false);
System.arraycopy(C, 0, out, outOff, C.length);
// Encode the shared secret value
byte[] PEH = hTilde.getAffineXCoord().getEncoded();
return deriveKey(keyLen, C, PEH);
Okay, we have ephemeral - accepted in request and used in scalar
multiplication. But cannot find in CryptoPP method like getAffineXCoord()?
Can it be done with CryptoPP like one-two-three?
--
You received this message because you are subscribed to "Crypto++ Users". More
information about Crypto++ and this group is available at
http://www.cryptopp.com and
http://groups.google.com/forum/#!forum/cryptopp-users.
---
You received this message because you are subscribed to the Google Groups
"Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
