Hi, The KDF implementation in ecdhtest.c is based on the IEEE P1363 standard as the rest of the implementation of ECDH in OpenSSL. It can be regarded as a generalization of the X9.63 standard. However, the file ecdhtest.c is not part of the OpenSSL core and thus you can provide your own implementation of KDF and still use OpenSSL ECDH functions without any problem.
Regards, Mounir IDRASSI IDRIX http://www.idrix.fr Mark Shnaider a écrit : > > Hello, > > If I understand correctly, regarding X9.63 standard (5.6.3) derive > key (in case KDF_SHA1) must be computed as > > SHA1(Z || counter || [SharedInfo]) > > Z - secret value. > > But function KDF in the file ecdhtest .c does not use counter and > compute key as: > > SHA1(Z) > > To my mind bit string of counter equal 1 must be included in Sha1 > hash calculation. > > Is it bug, or my understanding? > > Best regards > > Mark > > > *Mark Shnaider | Software engineer | ARX* > phone: +972.3.9279543 | mobile: +972.54.2448543 | email: [EMAIL PROTECTED] > |_ www.arx.com_ > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
