EC-Elgamal not work fine

Sat, 05 Jul 2008 05:08:09 -0700 

Hi all,
I developed EC-Elgamal crypto schema, work fine till I use NIST
Prime-Curve, but when I try to work on NIST Binary-Curve crypted point
is egual to decrypted poit.

This is source code, pls help me :(


#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include "../e_os.h"

#include <openssl/opensslconf.h>        /* for OPENSSL_NO_ECDH */
#include <openssl/crypto.h>
#include <openssl/bio.h>
#include <openssl/bn.h>
#include <openssl/objects.h>
#include <openssl/rand.h>
#include <openssl/sha.h>
#include <openssl/err.h>

#ifdef OPENSSL_NO_ECDH

int main(int argc, char *argv[]) {
    printf("No ECDH support\n");
    return(0);
}

#else

#include <openssl/ec.h>
#include <openssl/ecdh.h>

static const char rnd_seed[] = "21o4h32rfon4d3ornou53gnwqpegbnng";


static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO
*out) {
    
    EC_KEY *a=NULL;
    EC_KEY *b=NULL;
    BIGNUM *x_a=NULL, *y_a=NULL,
            *x_b=NULL, *y_b=NULL;
    
    int ret=0;
    
    const EC_GROUP *group;
    
    EC_POINT *M = NULL, *P = NULL, *R = NULL, *Q = NULL, *A = NULL, *B =
NULL;
    
    a = EC_KEY_new_by_curve_name(nid);
    b = EC_KEY_new_by_curve_name(nid);
    
    if (a == NULL || b == NULL)
        goto err;
    
    group = EC_KEY_get0_group(a);
    
    if ((x_a=BN_new()) == NULL) goto err;
    if ((y_a=BN_new()) == NULL) goto err;
    if ((x_b=BN_new()) == NULL) goto err;
    if ((y_b=BN_new()) == NULL) goto err;
    
    BIO_puts(out, "Testing key generation with ");
    BIO_puts(out, text);
    BIO_puts(out, "\n");
    
    
    if (!EC_KEY_generate_key(a)) goto err;
    if (!EC_KEY_generate_key(b)) goto err;
    
    P = EC_POINT_new(group);
    Q = EC_POINT_new(group);
    R = EC_POINT_new(group);
    A = EC_POINT_new(group);
    B = EC_POINT_new(group);
    M = EC_POINT_new(group);
    
    EC_POINT_copy(P, EC_KEY_get0_public_key(a));
    EC_POINT_copy(Q, EC_KEY_get0_public_key(a));
    EC_POINT_copy(R, EC_KEY_get0_public_key(a));
    EC_POINT_copy(A, EC_KEY_get0_public_key(a));
    EC_POINT_copy(B, EC_KEY_get0_public_key(a));
    EC_POINT_copy(M, EC_KEY_get0_public_key(a));
    
    
    
    
    /*
     * Q = a * P
     */
    EC_POINT_mul(group, Q, NULL, P, EC_KEY_get0_private_key(a), ctx);
    
    
    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
NID_X9_62_prime_field) {
        
        if (!EC_POINT_get_affine_coordinates_GFp(group, P, x_a, y_a,
ctx)) goto err;
        
    }else {
        
        if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x_a, y_a,
ctx)) goto err;
        
    }
    
    BIO_printf(out, "Point P (x,y): ");
    BN_print(out, x_a);
    BIO_printf(out, ",");
    BN_print(out, y_a);
    
    
    BIO_printf(out, "\nkey a:\n");
    BIO_printf(out, "private key: ");
    
    BN_print(out, EC_KEY_get0_private_key(a));
    BIO_printf(out, "\n");
    
    BIO_printf(out, "\nkey b:\n");
    BIO_printf(out, "private key: ");
    
    BN_print(out, EC_KEY_get0_private_key(b));
    BIO_printf(out, "\n");
    
    /*
     * Encrypting message P because message must be in E
     */
    
    /*
     * R = b * P
     */
    EC_POINT_mul(group, R, NULL, P, EC_KEY_get0_private_key(b), ctx);
    
    /*
     * B = [b * a] * P
     */
    EC_POINT_mul(group, B, NULL, Q, EC_KEY_get0_private_key(b), ctx);
    
    /*
     * B = P + [b * a] * P
     */
    
    EC_POINT_add(group, B, P, B, ctx);
    
    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
NID_X9_62_prime_field) {
        if (!EC_POINT_get_affine_coordinates_GFp(group, B, x_a, y_a,
ctx)) goto err;
    }else {
        if (!EC_POINT_get_affine_coordinates_GF2m(group, B, x_a, y_a,
ctx)) goto err;
    }
    
    BIO_printf(out, "Encrypted Point P (x,y): ");
    BN_print(out, x_a);
    BIO_printf(out, ",");
    BN_print(out, y_a);
    BIO_printf(out, "\n");
    
    
    
    /*
     * Decrypting message B = (bP, P + abP)
     */
    
    EC_POINT_mul(group, R, NULL, R, EC_KEY_get0_private_key(a), ctx);
    
    EC_POINT_invert(group, R, ctx);
    
    EC_POINT_add(group, B, B, R, ctx);
    
    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
NID_X9_62_prime_field) {
        if (!EC_POINT_get_affine_coordinates_GFp(group, B, x_b, y_b,
ctx)) goto err;
    }else {
        if (!EC_POINT_get_affine_coordinates_GF2m(group, B, x_b, y_b,
ctx)) goto err;
    }
    
    BIO_printf(out, "Decrypted point P (x,y): ");
    BN_print(out, x_b);
    BIO_printf(out, ",");
    BN_print(out, y_b);
    
    BIO_printf(out, "\n");
    
    
    ret=1;
    err:
    ERR_print_errors_fp(stderr);
    
    if (y_a) BN_free(y_a);
    if (x_b) BN_free(x_b);
    if (y_b) BN_free(y_b);
    if (b) EC_KEY_free(b);
    if (a) EC_KEY_free(a);
    return(ret);
}

int main(int argc, char *argv[]) {
    BN_CTX *ctx=NULL;
    int ret=1;
    BIO *out;
    
    RAND_seed(rnd_seed, sizeof rnd_seed);
    
    out=BIO_new(BIO_s_file());
    FILE* fp;
    if((fp=fopen("keys", "w"))==NULL) {
        printf("Error in fopen!\n");
        return 0;
    }
    if (out == NULL) EXIT(1);
    BIO_set_fp(out, fp, BIO_NOCLOSE);
    
    if ((ctx=BN_CTX_new()) == NULL) goto err;
    
    /* NIST PRIME CURVES TESTS */
    if (!test_ecdh_curve(NID_X9_62_prime192v1, "NIST Prime-Curve P-192",
ctx, out)) goto err;
    if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx,
out)) goto err;
    if (!test_ecdh_curve(NID_X9_62_prime256v1, "NIST Prime-Curve P-256",
ctx, out)) goto err;
    if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx,
out)) goto err;
    if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx,
out)) goto err;
    /* NIST BINARY CURVES TESTS */
    if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx,
out)) goto err;
    if (!test_ecdh_curve(NID_sect163r2, "NIST Binary-Curve B-163", ctx,
out)) goto err;
    if (!test_ecdh_curve(NID_sect233k1, "NIST Binary-Curve K-233", ctx,
out)) goto err;
    if (!test_ecdh_curve(NID_sect233r1, "NIST Binary-Curve B-233", ctx,
out)) goto err;
    if (!test_ecdh_curve(NID_sect283k1, "NIST Binary-Curve K-283", ctx,
out)) goto err;
    if (!test_ecdh_curve(NID_sect283r1, "NIST Binary-Curve B-283", ctx,
out)) goto err;
    if (!test_ecdh_curve(NID_sect409k1, "NIST Binary-Curve K-409", ctx,
out)) goto err;
    if (!test_ecdh_curve(NID_sect409r1, "NIST Binary-Curve B-409", ctx,
out)) goto err;
    if (!test_ecdh_curve(NID_sect571k1, "NIST Binary-Curve K-571", ctx,
out)) goto err;
    if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx,
out)) goto err;
    
    ret = 0;
    fclose(fp);
    
    err:
    ERR_print_errors_fp(stderr);
    if (ctx) BN_CTX_free(ctx);
    BIO_free(out);
    CRYPTO_cleanup_all_ex_data();
    ERR_remove_state(0);
    CRYPTO_mem_leaks_fp(stderr);
    EXIT(ret);
    return(ret);
}

#endif


output :

Testing key generation with NIST Binary-Curve K-163

Point P (x,y):
2DC0A8BAAE6199F6603FA504361685B4255C6D03F,6BD43B113FCFFD7B18CF9EA4A696AB81E217E955F

key a:

private key: B0DB552C7D8B09776B9669F4524BAA10F08A46BA

key b:

private key: 3D2AF43E0B858AC1F97D5224FE1C446F610F907DE

Encrypted Point P (x,y):
38DE7188633292F192689530F9890F26629C7217B,7E7270D2AE583D5CEFAA4A1CB09770CF830BE3213

Decrypted point P (x,y):
38DE7188633292F192689530F9890F26629C7217B,7E7270D2AE583D5CEFAA4A1CB09770CF830BE3213

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [email protected]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to