精华内容
下载资源
问答
  • C语言中的微小ECDH / ECC 这是用C编写的的小型便携式实现。 来自维基百科的描述: 椭圆曲线Diffie-Hellman(ECDH)是一个匿名密钥协议协议,允许两个方(每个方都有一个椭圆曲线的公私钥对)在不安全的通道上建立...
  • Android 示例应用程序上的 #ECDH 位于的博客文章的代码示例 需要安卓 2.2。 使用 ###Note for Eclipse 下载最新的 Spongy Castle jars( core和prov ),将它们放到 lib/ 中,编译并运行。
  • ECDH产生共享密钥计算软件
  • 代码搬运工: 附件中代码为javascript的ecc算法支持, 会话密钥协商工具类, 在使用过程中椭圆曲线Elliptic Curve parameters需要指定;一般使用 secp256r1
  • ECDH 密钥交换算法程序,程序内含有调用大数求公钥,私钥求取,私钥计算。
  • 封装了.net core和.net Standard版的ECDH秘钥磋商和AES加解密源码。
  • ECDH加密算法 c语言版

    2015-03-09 20:50:58
    或者添加你自定义目录到ECDH的工程 项目的头文件和lib文件的搜索目录 具体怎么修改,请自行百度, 该ECDH生成算法, 该算法不支持PCQQ,因为不是参照PCQQ实现的,安卓版本请自行测试 项目使用VC C++6.0编译通过。...
  • ecdh-es 椭圆曲线 Diffie-Hellman 与 NodeJS 的临时静态密钥实现 安装 npm install --save ecdh-es 用 var ecdh = require('ecdh-es') , pubkey = new Buffer('03a34b99f22c790c4e36b2b3c2c35a36db06226e41c692...
  • ecdh c源码

    2018-11-14 14:48:44
    ECDH 跨平台的 python 模块,很不容易才找到.
  • 基于ECDH,布隆过滤器和Golomb压缩集的私有集相交协议。 要求 存在每种语言共享的整个项目的要求。 每种目标语言也可能有要求: 全球要求 这些是该项目所有目标语言的通用要求。 诸如clang,gcc或msvc之类的编译器...
  • 易语言ECDH密钥生成与密钥协商
  • ECDH密钥交换的C程序

    2021-03-13 23:54:17
    由于项目需要,使用openssl编写一段ECDH代码实现网络两端实体的密钥交换。虽然对openssl不熟悉,但也开始做。最先参照的是openssl官方wiki上的Elliptic Curve Diffie Hellman:...

    由于项目需要,使用openssl编写一段ECDH代码实现网络两端实体的密钥交换。

    虽然对openssl不熟悉,但也开始做。

    最先参照的是openssl官方wiki上的Elliptic Curve Diffie Hellman:http://wiki.openssl.org/index.php/Elliptic_Curve_Diffie_Hellman

    直接使用文中的代码。不过其中有段代码需要替换:

    /* Get the peer's public key, and provide the peer with our public key -

    * how this is done will be specific to your circumstances */

    peerkey = get_peerkey(pkey);

    我以为只要将这pkey和peerkey指向的密钥块通过网络交换一下就行了。

    先不经过网络交换这两个密钥数据,在本地测试,完全通过。但是,一涉及网络交换,程序就崩溃,并爆出内存错误。

    总以为是外围程序的问题,调试了好久好久……

    直到后来,最后打印出pkey和peerkey指向的类型为EVP_PKEY的数据来看,才发现EVP_PKEY占存储量很小(32字节),这才发现奇怪。因为密钥块一般挺大的。

    在openssl库安装路径include目录中找到evp.h,打开查看,发现:

    struct evp_pkey_st

    {

    int type;

    int save_type;

    int references;

    const EVP_PKEY_ASN1_METHOD *ameth;

    ENGINE *engine;

    union{

    char *ptr;

    #ifndef OPENSSL_NO_RSA

    struct rsa_st *rsa;/* RSA */

    #endif

    #ifndef OPENSSL_NO_DSA

    struct dsa_st *dsa;/* DSA */

    #endif

    #ifndef OPENSSL_NO_DH

    struct dh_st *dh;/* DH */

    #endif

    #ifndef OPENSSL_NO_EC

    struct ec_key_st *ec;/* ECC */

    #endif

    } pkey;

    int save_parameters;

    STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */

    } /* EVP_PKEY */;

    这下明白了,原来在网络上传输的我以为的“密钥块”原来是一堆指针!(而且是公私密钥对的指针。。。。)

    于是得想办法解决。找到这个帖子:

    How does one access the raw ECDH public key, private key and params inside OpenSSL's EVP_PKEY structure?

    http://stackoverflow.com/questions/18155559/how-does-one-access-the-raw-ecdh-public-key-private-key-and-params-inside-opens

    文中指出要进行公钥的序列化。

    然后挨个搜索API的说明,花了不少时间。又是一阵子调试……

    最后还是卡在反序列化过程中EC_KEY_set_public_key() to get an EC_KEY和EC_KEY to EVP_PKEY_set1_EC_KEY上了。

    心想只好换一种方法了。调试途中在google搜索EC_POINT_point2oct关键字时发现了一个页面:

    OpenSSL - User - ECDH http://openssl.6102.n7.nabble.com/ECDH-td22150.html

    3楼Rick的回复给的代码比较好。采用并改进,调试之。

    最终得到完整的ECDH代码:

    #include

    #define ECDH_SIZE 33

    void handleErrors()

    {

    printf("Error occurred.\n");

    }

    static void disp(const char *str, const void *pbuf, const int size)

    {

    int i=0;

    if(str != NULL){

    printf("%s:\n", str);

    }

    if(pbuf != NULL && size > 0){

    for(i=0;i

    printf("%02x ", *((unsigned char *)pbuf+i));

    putchar('\n');

    }

    putchar('\n');

    }

    int main() {

    /* alice */

    EC_KEY *ecdh = EC_KEY_new();

    EC_POINT *point = NULL;

    EC_POINT *point2c;

    EC_GROUP *group;

    unsigned char pubkey[ECDH_SIZE];

    unsigned char shared[ECDH_SIZE];

    int len;

    //Generate Public

    ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);//NID_secp521r1

    EC_KEY_generate_key(ecdh);

    point = EC_KEY_get0_public_key(ecdh);

    group = EC_KEY_get0_group(ecdh);

    if(0 == (len = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, pubkey, ECDH_SIZE, NULL))) handleErrors();

    printf("len=%d\n",len);

    /* bob */

    EC_KEY *ecdh2 = EC_KEY_new();

    EC_POINT *point2 = NULL;

    EC_POINT *pointc;

    EC_GROUP *group2;

    unsigned char pubkey2[ECDH_SIZE];

    unsigned char shared2[ECDH_SIZE];

    int len2;

    //Generate Public

    ecdh2 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);//NID_secp521r1

    EC_KEY_generate_key(ecdh2);

    point2 = EC_KEY_get0_public_key(ecdh2);

    group2 = EC_KEY_get0_group(ecdh2);

    if(0 == (len2 = EC_POINT_point2oct(group2, point2, POINT_CONVERSION_COMPRESSED, pubkey2, ECDH_SIZE, NULL))) handleErrors();

    printf("len2=%d\n",len);

    /* alice */

    //ComputeKey

    point2c = EC_POINT_new(group);

    EC_POINT_oct2point(group, point2c, pubkey2, ECDH_SIZE, NULL);

    if (0 != EC_POINT_cmp(group, point2, point2c, NULL)) handleErrors();

    if(0 == (len = ECDH_compute_key(shared, ECDH_SIZE, point2c, ecdh, NULL))) handleErrors();

    printf("len=%d\n",len);

    disp("shared", shared, len);

    /* bob */

    //ComputeKey

    pointc = EC_POINT_new(group2);

    EC_POINT_oct2point(group2, pointc, pubkey, ECDH_SIZE, NULL);

    if (0 != EC_POINT_cmp(group2, point, pointc, NULL)) handleErrors();

    if(0 == (len2 = ECDH_compute_key(shared2, ECDH_SIZE, pointc, ecdh2, NULL))) handleErrors();

    printf("len2=%d\n",len2);

    disp("shared2", shared2, len2);

    /* alice */

    EC_POINT_free(pointc);

    EC_KEY_free(ecdh);

    /* bob */

    EC_POINT_free(point2c);

    EC_KEY_free(ecdh2);

    printf("To the end\n");

    return 0;

    }

    之后抽象、整理封装后的ECDH代码:

    #include

    #define ECDH_SIZE 33

    void handleErrors()

    {

    printf("Error occurred.\n");

    }

    static void disp(const char *str, const void *pbuf, const int size)

    {

    int i=0;

    if(str != NULL){

    printf("%s:\n", str);

    }

    if(pbuf != NULL && size > 0){

    for(i=0;i

    printf("%02x ", *((unsigned char *)pbuf+i));

    putchar('\n');

    }

    putchar('\n');

    }

    static EC_KEY *genECDHtemppubkey(unsigned char *pubkey)

    {

    int len;

    EC_KEY *ecdh = EC_KEY_new();

    //Generate Public

    ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);//NID_secp521r1

    EC_KEY_generate_key(ecdh);

    const EC_POINT *point = EC_KEY_get0_public_key(ecdh);

    const EC_GROUP *group = EC_KEY_get0_group(ecdh);

    //unsigned char *pubkey = malloc(ECDH_SIZE);

    if(0 == (len = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, pubkey, ECDH_SIZE, NULL))) handleErrors();

    printf("len=%d\n",len);

    //return pubkey;

    return ecdh;

    }

    static unsigned char *genECDHsharedsecret(EC_KEY *ecdh, unsigned char *peerkey, size_t secret_len)

    {

    int len;

    unsigned char *shared = malloc(ECDH_SIZE);

    const EC_GROUP *group = EC_KEY_get0_group(ecdh);

    //ComputeKey

    EC_POINT *point_peer = EC_POINT_new(group);

    EC_POINT_oct2point(group, point_peer, peerkey, ECDH_SIZE, NULL);

    //if (0 != EC_POINT_cmp(group, point2, point2c, NULL)) handleErrors();

    if(0 == (len = ECDH_compute_key(shared, secret_len, point_peer, ecdh, NULL))) handleErrors();

    printf("len=%d\n",len);

    disp("shared", shared, secret_len);

    return shared;

    }

    int main() {

    unsigned char *keydata = malloc(ECDH_SIZE);

    unsigned char *keydata2 = malloc(ECDH_SIZE);

    EC_KEY *ecdh = genECDHtemppubkey(keydata);

    EC_KEY *ecdh2 = genECDHtemppubkey(keydata2);

    unsigned char *ECDH_keydata = genECDHsharedsecret(ecdh2, keydata, ECDH_SIZE-1);

    unsigned char *ECDH_keydata2 = genECDHsharedsecret(ecdh, keydata2, ECDH_SIZE-1);

    printf("To the end\n");

    free(keydata);

    free(keydata2);

    EC_KEY_free(ecdh);

    EC_KEY_free(ecdh2);

    free(ECDH_keydata);

    free(ECDH_keydata2);

    return 0;

    }

    调试时在“ECDH_SIZE-1”的问题上纠结了好一阵子,不小心把EC_POINT_oct2point中参数ECDH_SIZE换成值为ECDH_SIZE-1的secret_len了;导致ECDH_compute_key一直返回-1,怎么搜索都得不到解决。

    最后还是耐心的一步步调试、对比前面参考的源码、调整变量数值,终于解决。编译通过,执行的非常好。

    耐心真的是非常重要,失之毫厘差之千里。

    参考资料:

    ECC加密算法原理入门介绍

    http://blog.csdn.net/sahusoft/article/details/6868016

    展开全文
  • config_ecdh.h: /** * @brief Minimal configuration for ECDH Function * @author mculover666 * @date 2020/09/30 */ #ifndef _MBEDTLS_CONFIG_ECDH_H_ #define _MBEDTLS_CONFIG_ECDH_H_ /* System support */ #...

    mbedtls系列文章

    Demo工程源码

    本工程基于STM32L41RCT6开发板,包含了本系列文章中所编写的所有Demo,持续更新……



    一、ECDH秘钥协商算法

    ECDH是一种秘钥协商算法,使得通信双方在不安全通道交换共享参数,从而使用共享参数和自身私密参数计算出一个会话秘钥。

    ECDH秘钥协商算法基于椭圆曲线密码系统(ECC),使用较短的秘钥长度可提供与RSA或DH算法同样的安全等级,秘钥长度为160-256bit的椭圆曲线算法,与1024-3072bit的非ECC算法安全强度相同

    ECDH秘钥协商的过程如下:

    ① 通信双方选择共同的椭圆曲线方程、相同的大素数P、相同的生成元G;

    ② 通信方A生成一个随机数作为自己的私钥,通过椭圆曲线标量乘法得到公开参数(公钥);

    ③ 通信方B生成一个随机数作为自己的私钥,通过椭圆曲线标量乘法得到公开参数(公钥);

    ④ 通信双方交换公钥,和自己的私钥一起计算得到共同的会话秘钥。

    二、ECDH秘钥协商功能的配置和使用

    1. 配置宏

    使用ECDH秘钥协商功能需要提前开启伪随机数生成器(依赖AES算法、SHA256算法、MD通用接口),其中伪随机数生成器的硬件适配移植实现已经讲述,请参考对应的第二篇博客,不再赘述。

    综合上述,本实验中需要开启的宏如下表:

    宏定义功能
    MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES不使用默认熵源(如果已有、要屏蔽该宏)
    MBEDTLS_NO_PLATFORM_ENTROPY不使用系统内置熵源
    MBEDTLS_AES_C使用AES算法
    MBEDTLS_ENTROPY_C使能熵源模块
    MBEDTLS_CTR_DRBG_C使能随机数模块
    MBEDTLS_SHA256_C使能SHA256算法
    MBEDTLS_MD_C开启MD通用接口
    MBEDTLS_AES_ROM_TABLES使能预定义S盒(节约内存空间)
    MBEDTLS_BIGNUM_C开启大数运算
    MBEDTLS_ECP_C开启椭圆曲线基础运算
    MBEDTLS_ECDH_C开启椭圆曲线秘钥协商算法模块
    MBEDTLS_ECP_DP_SECP256R1_ENABLED选择secp256r1曲线参数

    下面补充几个一个第一次出现宏的定义。

    MBEDTLS_ECP_C

    /**
     * \def MBEDTLS_ECP_C
     *
     * Enable the elliptic curve over GF(p) library.
     *
     * Module:  library/ecp.c
     * Caller:  library/ecdh.c
     *          library/ecdsa.c
     *          library/ecjpake.c
     *
     * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
     */
    #define MBEDTLS_ECP_C
    

    MBEDTLS_ECDH_C

    /**
     * \def MBEDTLS_ECDH_C
     *
     * Enable the elliptic curve Diffie-Hellman library.
     *
     * Module:  library/ecdh.c
     * Caller:  library/ssl_cli.c
     *          library/ssl_srv.c
     *
     * This module is used by the following key exchanges:
     *      ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
     *
     * Requires: MBEDTLS_ECP_C
     */
    #define MBEDTLS_ECDH_C
    

    MBEDTLS_ECP_DP_SECP256R1_ENABLED(至少开启一种)

    /**
     * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
     *
     * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
     * module.  By default all supported curves are enabled.
     *
     * Comment macros to disable the curve and functions for it
     */
    //#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
    //#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
    #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
    //#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
    //#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
    //#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
    //#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
    //#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
    //#define MBEDTLS_ECP_DP_BP256R1_ENABLED
    //#define MBEDTLS_ECP_DP_BP384R1_ENABLED
    //#define MBEDTLS_ECP_DP_BP512R1_ENABLED
    //#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
    //#define MBEDTLS_ECP_DP_CURVE448_ENABLED
    

    编辑针对本实验的配置文件mbedtls_config_ecdh.h

    /**
     * @brief   Minimal configuration for ECDH Function
     * @author  mculover666
     * @date    2020/09/30
    */
    
    #ifndef _MBEDTLS_CONFIG_ECDH_H_
    #define _MBEDTLS_CONFIG_ECDH_H_
    
    /* System support */
    #define MBEDTLS_HAVE_ASM
    //#define MBEDTLS_HAVE_TIME
    
    /* mbed feature support */
    #define MBEDTLS_ENTROPY_HARDWARE_ALT
    //#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
    #define MBEDTLS_NO_PLATFORM_ENTROPY
    
    /* mbed modules */
    #define MBEDTLS_AES_C
    #define MBEDTLS_AES_ROM_TABLES
    #define MBEDTLS_CTR_DRBG_C
    #define MBEDTLS_ENTROPY_C
    #define MBEDTLS_SHA256_C
    #define MBEDTLS_MD_C
    #define MBEDTLS_BIGNUM_C
    #define MBEDTLS_ECP_C
    #define MBEDTLS_ECDH_C
    #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
    
    #include "mbedtls/check_config.h"
    
    #endif /* _MBEDTLS_CONFIG_ECDH_H_ */
    
    

    2. ECDH秘钥协商功能API说明

    ① 初始化椭圆曲线群结构体

    /**
     * \brief           This function initializes an ECP group context
     *                  without loading any domain parameters.
     *
     * \note            After this function is called, domain parameters
     *                  for various ECP groups can be loaded through the
     *                  mbedtls_ecp_group_load() or mbedtls_ecp_tls_read_group()
     *                  functions.
     */
    void mbedtls_ecp_group_init( mbedtls_ecp_group *grp );
    

    ② 初始化椭圆曲线点结构体:

    /**
     * \brief           This function initializes an ECP group context
     *                  without loading any domain parameters.
     *
     * \note            After this function is called, domain parameters
     *                  for various ECP groups can be loaded through the
     *                  mbedtls_ecp_group_load() or mbedtls_ecp_tls_read_group()
     *                  functions.
     */
    void mbedtls_ecp_group_init( mbedtls_ecp_group *grp );
    

    ③ 加载椭圆曲线:

    /**
     * \brief           This function sets up an ECP group context
     *                  from a standardized set of domain parameters.
     *
     * \note            The index should be a value of the NamedCurve enum,
     *                  as defined in <em>RFC-4492: Elliptic Curve Cryptography
     *                  (ECC) Cipher Suites for Transport Layer Security (TLS)</em>,
     *                  usually in the form of an \c MBEDTLS_ECP_DP_XXX macro.
     *
     * \param grp       The group context to setup. This must be initialized.
     * \param id        The identifier of the domain parameter set to load.
     *
     * \return          \c 0 on success.
     * \return          #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if \p id doesn't
     *                  correspond to a known group.
     * \return          Another negative error code on other kinds of failure.
     */
    int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id );
    

    ④ 生成公开参数:

    /**
     * \brief           This function generates an ECDH keypair on an elliptic
     *                  curve.
     *
     *                  This function performs the first of two core computations
     *                  implemented during the ECDH key exchange. The second core
     *                  computation is performed by mbedtls_ecdh_compute_shared().
     *
     * \see             ecp.h
     *
     * \param grp       The ECP group to use. This must be initialized and have
     *                  domain parameters loaded, for example through
     *                  mbedtls_ecp_load() or mbedtls_ecp_tls_read_group().
     * \param d         The destination MPI (private key).
     *                  This must be initialized.
     * \param Q         The destination point (public key).
     *                  This must be initialized.
     * \param f_rng     The RNG function to use. This must not be \c NULL.
     * \param p_rng     The RNG context to be passed to \p f_rng. This may be
     *                  \c NULL in case \p f_rng doesn't need a context argument.
     *
     * \return          \c 0 on success.
     * \return          Another \c MBEDTLS_ERR_ECP_XXX or
     *                  \c MBEDTLS_MPI_XXX error code on failure.
     */
    int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
                         int (*f_rng)(void *, unsigned char *, size_t),
                         void *p_rng );
    

    ⑤ 计算共享秘钥:

    /**
     * \brief           This function computes the shared secret.
     *
     *                  This function performs the second of two core computations
     *                  implemented during the ECDH key exchange. The first core
     *                  computation is performed by mbedtls_ecdh_gen_public().
     *
     * \see             ecp.h
     *
     * \note            If \p f_rng is not NULL, it is used to implement
     *                  countermeasures against side-channel attacks.
     *                  For more information, see mbedtls_ecp_mul().
     *
     * \param grp       The ECP group to use. This must be initialized and have
     *                  domain parameters loaded, for example through
     *                  mbedtls_ecp_load() or mbedtls_ecp_tls_read_group().
     * \param z         The destination MPI (shared secret).
     *                  This must be initialized.
     * \param Q         The public key from another party.
     *                  This must be initialized.
     * \param d         Our secret exponent (private key).
     *                  This must be initialized.
     * \param f_rng     The RNG function. This may be \c NULL if randomization
     *                  of intermediate results during the ECP computations is
     *                  not needed (discouraged). See the documentation of
     *                  mbedtls_ecp_mul() for more.
     * \param p_rng     The RNG context to be passed to \p f_rng. This may be
     *                  \c NULL if \p f_rng is \c NULL or doesn't need a
     *                  context argument.
     *
     * \return          \c 0 on success.
     * \return          Another \c MBEDTLS_ERR_ECP_XXX or
     *                  \c MBEDTLS_MPI_XXX error code on failure.
     */
    int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
                             const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
                             int (*f_rng)(void *, unsigned char *, size_t),
                             void *p_rng );
    

    ⑥ 释放椭圆曲线群结构体:

    /**
     * \brief           This function frees the components of an ECP group.
     *
     * \param grp       The group to free. This may be \c NULL, in which
     *                  case this function returns immediately. If it is not
     *                  \c NULL, it must point to an initialized ECP group.
     */
    void mbedtls_ecp_group_free( mbedtls_ecp_group *grp );
    

    ⑦ 释放椭圆曲线点结构体:

    /**
     * \brief           This function frees the components of a point.
     *
     * \param pt        The point to free.
     */
    void mbedtls_ecp_point_free( mbedtls_ecp_point *pt );
    

    ⑧ 错误码(ECP计算部分)

    /*
     * ECP error codes
     */
    #define MBEDTLS_ERR_ECP_BAD_INPUT_DATA                    -0x4F80  /**< Bad input parameters to function. */
    #define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL                  -0x4F00  /**< The buffer is too small to write to. */
    #define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE               -0x4E80  /**< The requested feature is not available, for example, the requested curve is not supported. */
    #define MBEDTLS_ERR_ECP_VERIFY_FAILED                     -0x4E00  /**< The signature is not valid. */
    #define MBEDTLS_ERR_ECP_ALLOC_FAILED                      -0x4D80  /**< Memory allocation failed. */
    #define MBEDTLS_ERR_ECP_RANDOM_FAILED                     -0x4D00  /**< Generation of random value, such as ephemeral key, failed. */
    #define MBEDTLS_ERR_ECP_INVALID_KEY                       -0x4C80  /**< Invalid private or public key. */
    #define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH                  -0x4C00  /**< The buffer contains a valid signature followed by more data. */
    
    /* MBEDTLS_ERR_ECP_HW_ACCEL_FAILED is deprecated and should not be used. */
    #define MBEDTLS_ERR_ECP_HW_ACCEL_FAILED                   -0x4B80  /**< The ECP hardware accelerator failed. */
    
    #define MBEDTLS_ERR_ECP_IN_PROGRESS                       -0x4B00  /**< Operation in progress, call again with the same parameters to continue. */
    

    3. 编写测试函数

    新建测试文件mbedtls_ecdh_test.c,编写以下测试内容,其中服务器和客户端之间直接通信,没有采用网络通信:

    /**
     * @brief   EDCH Function demo
     * @author  mculover666
     * @date    2020/09/30
    */
    
    #if !defined(MBEDTLS_CONFIG_FILE)
    #include "mbedtls/config.h"
    #else
    #include MBEDTLS_CONFIG_FILE
    #endif
    
    #if defined(MBEDTLS_ECDH_C)
    
    #include <stdio.h>
    #include "string.h"
    #include "mbedtls/entropy.h"
    #include "mbedtls/ctr_drbg.h"
    #include "mbedtls/ecdh.h"
    
    #define GENERATOR   "2"
    #define T_P          "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1D8B9C583CE2D3695" \
                         "A9E13641146433FBCC939DCE249B3EF97D2FE363630C75D8F681B202AEC4617A"\
                         "D3DF1ED5D5FD65612433F51F5F066ED0856365553DED1AF3B557135E7F57C935"\
                         "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE73530ACCA4F483A797A"\
                         "BC0AB182B324FB61D108A94BB2C8E3FBB96ADAB760D7F4681D4F42A3DE394DF4"\
                         "AE56EDE76372BB190B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61"\
                         "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD733BB5FCBC2EC22005"\
                         "C58EF1837D1683B2C6F34A26C1B2EFFA886B423861285C97FFFFFFFFFFFFFFFF"
    
    uint8_t buf[65];
    
    static void dump_buf(uint8_t *buf, uint32_t len)
    {
        int i;
        
        for (i = 0; i < len; i++) {
            printf("%s%02X%s", i % 16 == 0 ? "\r\n\t" : " ", 
                               buf[i], 
                               i == len - 1 ? "\r\n" : "");
        }
    }
    
    int mbedtls_ecdh_test(void)
    {
        int ret;
        size_t olen;
       
        const char *pers = "ecdh_test";
        mbedtls_entropy_context entropy;
        mbedtls_ctr_drbg_context ctr_drbg;
        mbedtls_ecp_point client_pub, server_pub;
        mbedtls_ecp_group grp;
        mbedtls_mpi client_secret, server_secret;
        mbedtls_mpi client_pri, server_pri;
            
        /* 1. init structure */
        mbedtls_entropy_init(&entropy);
        mbedtls_ctr_drbg_init(&ctr_drbg);
        mbedtls_mpi_init(&client_secret);
        mbedtls_mpi_init(&server_secret);
        mbedtls_mpi_init(&client_pri);
        mbedtls_mpi_init(&server_pri);
        mbedtls_ecp_group_init(&grp);
        mbedtls_ecp_point_init(&client_pub);
        mbedtls_ecp_point_init(&server_pub);
        
        /* 2. update seed with we own interface ported */
        printf( "\n  . Seeding the random number generator..." );
        
        ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
                                   (const unsigned char *) pers,
                                   strlen(pers));
        if(ret != 0) {
            printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d(-0x%04x)\n", ret, -ret);
            goto exit;
        }
        printf( " ok\n" );
    
        /* 3.  select ecp group SECP256R1 */
        printf("\n  . Select ecp group SECP256R1...");
        
        ret = mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_SECP256R1);
        if(ret != 0) {
            printf( " failed\n  ! mbedtls_ecp_group_load returned %d(-0x%04x)\n", ret, -ret);
            goto exit;
        }
        
        printf("ok\r\n");
        
        /* 4. Client generate public parameter */
        printf("\n  . Client Generate public parameter...");
        
        ret = mbedtls_ecdh_gen_public(&grp, &client_pri, &client_pub, mbedtls_ctr_drbg_random, &ctr_drbg);
        if(ret != 0) {
            printf( " failed\n  ! mbedtls_ecdh_gen_public returned %d(-0x%04x)\n", ret, -ret);
            goto exit;
        }
        printf( " ok\n" );
        
        /* show public parameter */
        mbedtls_ecp_point_write_binary(&grp, &client_pub, MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, sizeof(buf));
        dump_buf(buf, olen);
        
        /* 5. Client generate public parameter */
        printf("\n  . Server Generate public parameter...");
        
        ret = mbedtls_ecdh_gen_public(&grp, &server_pri, &server_pub, mbedtls_ctr_drbg_random, &ctr_drbg);
        if(ret != 0) {
            printf( " failed\n  ! mbedtls_ecdh_gen_public returned %d(-0x%04x)\n", ret, -ret);
            goto exit;
        }
        printf( " ok\n" );
        
        /* show public parameter */
        mbedtls_ecp_point_write_binary(&grp, &server_pub, MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buf, sizeof(buf));
        dump_buf(buf, olen);
        
        /* 6. Calc shared secret */
        printf("\n  . Client Calc shared secret...");
        
        ret = mbedtls_ecdh_compute_shared(&grp, &client_secret, &server_pub, &client_pri, mbedtls_ctr_drbg_random, &ctr_drbg);
        if(ret != 0) {
            printf( " failed\n  ! mbedtls_ecdh_compute_shared returned %d(-0x%04x)\n", ret, -ret);
            goto exit;
        }
        printf( " ok\n" );
        
        /* show public parameter */
        mbedtls_mpi_write_binary(&client_secret, buf, sizeof(buf));
        dump_buf(buf, olen);
        
        /* 7. Server Calc shared secret */
        printf("\n  . Server Calc shared secret...");
        
        ret = mbedtls_ecdh_compute_shared(&grp, &server_secret, &client_pub, &server_pri, mbedtls_ctr_drbg_random, &ctr_drbg);
        if(ret != 0) {
            printf( " failed\n  ! mbedtls_ecdh_compute_shared returned %d(-0x%04x)\n", ret, -ret);
            goto exit;
        }
        printf( " ok\n" );
        
        /* show public parameter */
        mbedtls_mpi_write_binary(&server_secret, buf, sizeof(buf));
        dump_buf(buf, olen);
        
        /* 8. mpi compare */
        ret = mbedtls_mpi_cmp_mpi(&server_secret, &client_secret);
        printf("compare result: %d\r\n", ret);
        
        exit:
        
        /* 10. release structure */
        mbedtls_ctr_drbg_free(&ctr_drbg);
        mbedtls_entropy_free(&entropy);
        mbedtls_mpi_free(&client_secret);
        mbedtls_mpi_free(&server_secret);
        mbedtls_mpi_free(&client_pri);
        mbedtls_mpi_free(&server_pri);
        mbedtls_ecp_group_free(&grp);
        mbedtls_ecp_point_free(&client_pub);
        mbedtls_ecp_point_free(&server_pub);
        
        return ret;
    }
    
    #endif /* MBEDTLS_DHM_C */
    

    4. 调用测试函数

    在 main.c 中声明:

    extern int mbedtls_ecdh_test(void);
    

    在 main 函数中调用此测试函数:

    /* 7. ecdh test */
    mbedtls_ecdh_test();
    

    编译、下载、在串口助手查看结果:

    接收精彩文章及资源推送,请订阅我的微信公众号:『mculover666』

    展开全文
  • 椭圆曲线-Diffie-Hellmann-ECDH 基于椭圆曲线的Diffie-Hellmann算法的Java实现 这是一个示例项目,展示了椭圆曲线上的 Diffie-Hellman 算法的功能。 GF2 中的操作是自制的。 在文件 out/parameter.txt 中显示了从 ...
  • 小型OpenSSL-ECDH-示例 使用OpenSSL的椭圆曲线Diffie-Hellman的雾化示例
  • //ECDH_SIZE-1 if (0== memcmp(ECDH_keydata, ECDH_keydata2, ECDH_SIZE - 1)) //算出来的共享密钥必须相同 { printf("------sharedsecret ok------\n"); } printf("To the end\n"); free(keydata); free(keydata2);...

    https://www.jianshu.com/p/b26cd2bfdc28

    搬一下别人的解释:

    下面我们以Alice和Bob为例叙述Diffie-Hellman密钥交换的原理。

    1,Diffie-Hellman交换过程中涉及到的所有参与者定义一个组,在这个组中定义一个大质数p,底数g。

    2,Diffie-Hellman密钥交换是一个两部分的过程,Alice和Bob都需要一个私有的数字a,b。

    下面是DH交换的过程图:

    format,png

    本图片来自wiki

    下面我们进行一个实例

    1.爱丽丝与鲍伯协定使用p=23以及g=5.

    2.爱丽丝选择一个秘密整数a=6, 计算A = g^a mod p并发送给鲍伯。

    A = 5^6 mod 23 = 8.

    3.鲍伯选择一个秘密整数b=15, 计算B = g^b mod p并发送给爱丽丝。

    B = 5^15 mod 23 = 19.

    4.爱丽丝计算s = B a mod p

    19^6 mod 23 = 2.

    5.鲍伯计算s = A b mod p

    8^15 mod 23 = 2.

    ECDH密钥交换:

    ECDH:

    ECC算法和DH结合使用,用于密钥磋商,这个密钥交换算法称为ECDH。交换双方可以在不共享任何秘密的情况下协商出一个密钥。ECC是建立在基于椭圆曲线的离散对数问题上的密码体制,给定椭圆曲线上的一个点P,一个整数k,求解Q=kP很容易;给定一个点P、Q,知道Q=kP,求整数k确是一个难题。ECDH即建立在此数学难题之上。密钥磋商过程:

    假设密钥交换双方为Alice、Bob,其有共享曲线参数(椭圆曲线E、阶N、基点G)。

    1) Alice生成随机整数a,计算A=a*G。 #生成Alice公钥

    2) Bob生成随机整数b,计算B=b*G。 #生产Bob公钥

    3) Alice将A传递给Bob。A的传递可以公开,即攻击者可以获取A。

    由于椭圆曲线的离散对数问题是难题,所以攻击者不可以通过A、G计算出a。

    4) Bob将B传递给Alice。同理,B的传递可以公开。

    5) Bob收到Alice传递的A,计算Q =b*A#Bob通过自己的私钥和Alice的公钥得到对称密钥Q

    6) Alice收到Bob传递的B,计算Q`=a*B#Alice通过自己的私钥和Bob的公钥得到对称密钥Q'

    Alice、Bob双方即得Q=b*A=b*(a*G)=(b*a)*G=(a*b)*G=a*(b*G)=a*B=Q' (交换律和结合律),即双方得到一致的密钥Q。

    目前Openssl里面的ECC算法的套件支持是ECDSA/ECDH。在国密的SSL套件中,可以使用ECDSA/ECC(密钥加密传输),ECDSA/ECDH(密钥磋商)两种套件

    作者:介和

    链接:https://www.jianshu.com/p/b26cd2bfdc28

    来源:简书

    简书著作权归作者所有,任何形式的转载都请联系作者获得授权并注明出处。

    测试代码:

    #include "stdafx.h"

    #include

    #include

    #include

    #include

    #include

    #include

    #include

    #define ECDH_SIZE 256

    void handleErrors()

    {

    printf("Error occurred.\n");

    }

    void disp(const char *str, const void *pbuf, const int size)

    {

    int i=0;

    if (str !=NULL)

    {

    printf("%s:\n", str);

    }

    if (pbuf !=NULL && size > 0)

    {

    for (i = 0; i < size; i++) {

    printf("%02x ", *((unsigned char *)pbuf + i));

    }

    putchar('\n');

    }

    putchar('\n');

    }

    EC_KEY *genECDHpubkey(unsigned char *pubkey, size_t& lenn)

    {

    size_t len;

    int ret;

    //Generate Public

    EC_KEY *ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); // NID_secp521r1

    //或者

    //EC_KEY *ecdh = EC_KEY_new();

    //EC_GROUP *group_ = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1); // NID_secp256k1

    //EC_KEY_set_group(ecdh, group_);

    //

    ret = EC_KEY_generate_key(ecdh);

    //

    const EC_POINT *point = EC_KEY_get0_public_key(ecdh);//传输给对方的公钥

    const EC_GROUP *group = EC_KEY_get0_group(ecdh);

    //

    BIGNUM *x = BN_new();

    BIGNUM *y = BN_new();

    if (EC_POINT_get_affine_coordinates_GFp(group, point, x, y, NULL))

    {

    BN_print_fp(stdout, x);

    putc('\n', stdout);

    BN_print_fp(stdout, y);

    putc('\n', stdout);

    }

    BN_free(x);

    BN_free(y);

    //将公钥由POINT格式转成OCT字符串

    if (0 == (len = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, pubkey, ECDH_SIZE, NULL)))

    {

    handleErrors();

    }

    printf("len=%d\n",len);

    disp("pubkey", pubkey, len);

    lenn = len;

    return ecdh;

    }

    unsigned char *genECDHsharedsecret(EC_KEY *ecdh, unsigned char *peerkey, size_t secret_len)

    {

    int len, ret;

    unsigned char *shared = (unsigned char *)malloc(ECDH_SIZE);

    const EC_GROUP *group = EC_KEY_get0_group(ecdh);

    //ComputeKey

    EC_POINT *point_peer = EC_POINT_new(group);

    if (0 == (ret = EC_POINT_oct2point(group, point_peer, peerkey, secret_len, NULL))) // ECDH_SIZE

    {

    handleErrors();

    }

    //

    if (0 == (len = ECDH_compute_key(shared, ECDH_SIZE-1, point_peer, ecdh, NULL)))

    {

    handleErrors();

    }

    printf("len=%d\n",len);

    disp("shared", shared, len);

    return shared;

    }

    int testECDH()

    {

    unsigned char *keydata = (unsigned char *)malloc(ECDH_SIZE);

    unsigned char *keydata2 = (unsigned char *)malloc(ECDH_SIZE);

    size_t len1 = 0, len2 = 0;

    EC_KEY *ecdh = genECDHpubkey(keydata, len1);

    EC_KEY *ecdh2 = genECDHpubkey(keydata2, len2);

    unsigned char *ECDH_keydata = genECDHsharedsecret(ecdh2, keydata, len1);//ECDH_SIZE-1

    unsigned char *ECDH_keydata2 = genECDHsharedsecret(ecdh, keydata2, len2);//ECDH_SIZE-1

    if (0== memcmp(ECDH_keydata, ECDH_keydata2, ECDH_SIZE - 1)) //算出来的共享密钥必须相同

    {

    printf("------sharedsecret ok------\n");

    }

    printf("To the end\n");

    free(keydata);

    free(keydata2);

    EC_KEY_free(ecdh);

    EC_KEY_free(ecdh2);

    free(ECDH_keydata);

    free(ECDH_keydata2);

    return 0;

    }

    int main8(int argc, char *argv[])

    {

    return testECDH();

    }

    运行结果:

    6128f0919194a3d3002c5f168ec9b4e0.png

    shared密钥就是我们后续采用AES等对称算法的Key。

    参考:

    标签:ecdh,ECDH,EC,char,算法,密钥,KEY

    来源: https://blog.csdn.net/houwenbin1986/article/details/99683910

    展开全文
  • 前言对于 ECDH,Wikipedia 如下描述:Elliptic curve Diffie–Hellman (ECDH) is an anonymous key agreement protocol that allows two parties, each having an elliptic curve public–private key pair, to ...

    前言

    对于 ECDH,Wikipedia 如下描述:

    Elliptic curve Diffie–Hellman (ECDH) is an anonymous key agreement protocol that allows two parties, each having an elliptic curve public–private key pair, to establish a shared secret over an insecure channel.

    ECDH 是基于 ECC(Elliptic Curve Cryptosystems,椭圆曲线密码体制)的 DH( Diffie-Hellman)密钥交换算法。交换双方可以在不共享任何秘密的情况下协商出一个密钥。与 Diffie-Hellman 相比 ECDH 具有 ECC 的高强度、短密钥长度、计算速度快等优点。

    由于 ECDH 每次用一个固定的 DH key, 导致不能向前保密(forward secrecy),安全性会降低,所以一般都是用 ECDHE(ECDH 的 ephemeral version)或其他版本的 ECDH 算法。

    本文只对 ECDH 进行介绍,只为测试。

    环境说明

    CentOS 7.2(CentOS_7_x86_64_1151)

    OpenSSL 1.0.2e

    安装 OpenSSL

    1.查看本机安装的版本

    #openssl version

    OpenSSL 1.0.1e-fips 11 Feb 2013

    2.OpenSSL 应在1.0.2以上,这里使用 1.0.2e,去官网下载,源码安装一下,请根据实际情况更改下载地址。

    #cd /usr/src

    #wget https://www.openssl.org/source/openssl-1.0.2e.tar.gz

    #tar -zxf openssl-1.0.2e.tar.gz

    3.编译安装 OpenSSL

    #cdopenssl-1.0.2e

    #./config

    #make

    #make test

    #make install

    4.如果旧版本还在,可以先备份,并修改一个

    #mv /usr/bin/openssl /root/

    #ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl

    5.查看版本

    # openssl version

    OpenSSL 1.0.2e 3 Dec 2015

    制作CA证书

    ECDH 密钥交换算法,不能自签名,所以制作证书,需要一个 CA 进行颁发。

    CA 要给别人颁发证书,首先自己得有一个作为根证书,我们得在一切工作之前修改好 CA 的配置文件、序列号、索引等等。这些参数都是在 openssl.cnf 里面配置的。

    #vi /etc/pki/tls/openssl.cnf

    openssl.cnf 配置文件中主要关注 [CA_default] 和 [policy_match] 规则

    ......

    [ CA_default ]

    dir = /etc/pki/CA # Where everything is keptcerts = $dir/certs # Where the issued certs are keptcrl_dir = $dir/crl # Where the issued crl are keptdatabase = $dir/index.txt # database index file.

    #unique_subject = no # Set to 'no' to allow creation of # several ctificates with same subject.new_certs_dir = $dir/newcerts # default place for new certs.

    certificate = $dir/cacert.pem # The CA certificateserial = $dir/serial # The current serial numbercrlnumber = $dir/crlnumber # the current crl number # must be commented out to leave a V1 CRLcrl = $dir/crl.pem # The current CRLprivate_key = $dir/private/cakey.pem# The private keyRANDFILE = $dir/private/.rand # private random number file......

    ......

    # For the CA policy[ policy_match ]

    countryName = match

    stateOrProvinceName = optional

    organizationName = optional

    organizationalUnitName = optional

    commonName = supplied

    emailAddress = optional

    ......

    1.先初始化 index.txt 和 serial 文件

    #cd /etc/pki/CA/

    #touchindex.txt serial

    #echo01 > serial

    2.生成 CA 的私钥(private key)

    #cd /etc/pki/CA/

    #openssl genrsa -out private/cakey.pem 2048

    3.生成 CA 的证书(certificate),使用 req 命令生成自签证书

    #openssl req -new -x509 -key private/cakey.pem -out cacert.pem

    会提示输入一些内容,请按提示输入即可。

    制作 ECDH 密钥交换的证书

    将根证书拷贝到 $HOME 目录,省去输入目录的麻烦,本文只为示例作用。

    #cd /etc/pki/CA/private/

    #cpcakey.pem ~

    #cd /etc/pki/CA/

    #cpcacert.pem ~

    #cd ~

    1.生成 private key 之前,先查看一下那种椭圆曲线可以使用

    #openssl ecparam -list_curves

    结果如下,OpenSSL 1.0.2e 支持很多。

    ......secp521r1 : NIST/SECG curve over a 521 bit prime field

    prime192v1: NIST/X9.62/SECG curve over a 192 bit prime field

    prime192v2: X9.62 curve over a 192 bit prime field

    prime192v3: X9.62 curve over a 192 bit prime field

    prime239v1: X9.62 curve over a 239 bit prime field

    prime239v2: X9.62 curve over a 239 bit prime field

    prime239v3: X9.62 curve over a 239 bit prime field

    prime256v1: X9.62/SECG curve over a 256 bit prime field......

    本例使用 prime256v1

    2.生成 ECDH 的私钥(private key)

    #openssl ecparam -out ecparam.pem -name prime256v1

    #openssl genpkey -paramfile ecparam.pem -out ecdhkey.pem

    3.生成 ECDH 的公钥(public key)

    #openssl pkey -in ecdhkey.pem -pubout -out ecdhpubkey.pem

    4.生成 CSR(Certificate Request)文件,CSR 是需要自签名的,不能使用 ECDH 算法,因为 ECDH 不是签名算法,本例使用RSA算法生成。

    #openssl genrsa -out rsakey.pem 1024

    #openssl req -new -key rsakey.pem -out ecdhrsacsr.pem

    5.最后,使用 ECDH 的公钥和 RSA 的 CSR 制作 ECDH 证书,由于 ECDH 不是自签名算法,不能自签名生成。本例使用刚才制作的 CA 证书生成。

    #openssl x509 -req -in ecdhrsacsr.pem -CAkey cakey.pem -CA cacert.pem -force_pubkey ecdhpubkey.pem -out ecdhcert.pem -CAcreateserial

    本例后来使用的 RSA 算法生成的 CSR 文件,所以生成的 ecdhcert.pem 支持 ECDH_RSA 的密码套件。

    目前生成的证书列表如下:

    cakey.pem# CA private key(RSA算法的)

    cacert.pem# CA certificate

    ecparam.pem# EC Parameters

    ecdhkey.pem# ECDH private key

    ecdhpubkey.pem# ECDH public key

    rsakey.pem# RSA private key(用于请求证书的)

    ecdhrsacsr.pem# RSA 的 CSR文件

    ecdhcert.pem# ECDH certificate(RSA算法的)

    验证 ECDH

    使用 OpenSSL 测试

    1.服务端

    #openssl s_server -cert ecdhcert.pem -key ecdhkey.pem -port 8888

    2.客户端 (需要打开一个新的Terminal进行)

    #cd ~

    #vi test_ciphers

    输入如下内容

    #!/usr/bin/env bash

    # OpenSSL requires the port number.

    SERVER=127.0.0.1:8888

    DELAY=1

    ciphers=$(openssl ciphers 'ECDH:eNULL' | sed -e 's/:/ /g')

    echoObtaining cipher list from $(openssl version).

    forcipher in ${ciphers[@]}

    doecho -n Testing $cipher...

    result=$(echo -n | openssl s_client -cipher "$cipher" -connect $SERVER 2>&1)

    if [[ "$result" =~ ":error:" ]] ; thenerror=$(echo -n $result | cut -d':' -f6)

    echoNO \($error\)

    else

    if [[ "$result" =~ "Cipher is${cipher}" || "$result" =~ "Cipher :" ]] ; thenechoYES

    elseechoUNKNOWN RESPONSE

    echo $result

    fi

    fisleep $DELAY

    done

    此脚本会验证包含 ECDH 密钥交换算法的密码套件的支持程度,可以修改

    ciphers=$(openssl ciphers 'ECDH:eNULL' | sed -e 's/:/ /g')

    保存文件后,更改文件为可执行

    #chmod +x test_ciphers

    执行测试

    #./test_ciphers

    结果如下

    Obtaining cipher list from OpenSSL 1.0.2e 3 Dec 2015.

    Testing ECDHE-RSA-AES256-GCM-SHA384...NO (sslv3 alert handshake failure)

    Testing ECDHE-ECDSA-AES256-GCM-SHA384...YES

    Testing ECDHE-RSA-AES256-SHA384...NO (sslv3 alert handshake failure)

    Testing ECDHE-ECDSA-AES256-SHA384...YES

    Testing ECDHE-RSA-AES256-SHA...NO (sslv3 alert handshake failure)

    Testing ECDHE-ECDSA-AES256-SHA...YES

    Testing AECDH-AES256-SHA...NO (sslv3 alert handshake failure)

    Testing ECDH-RSA-AES256-GCM-SHA384...YES

    Testing ECDH-ECDSA-AES256-GCM-SHA384...NO (sslv3 alert handshake failure)

    Testing ECDH-RSA-AES256-SHA384...YES

    Testing ECDH-ECDSA-AES256-SHA384...NO (sslv3 alert handshake failure)

    Testing ECDH-RSA-AES256-SHA...YES......

    可以发现,包含 ECDH-RSA 的密码套件的,都是通过的。

    参考资料

    展开全文
  • ECDH算法详解

    2021-09-23 21:04:27
    ECDH算法详解ECDH算法详解DH密钥交换原理结合ECC椭圆曲线算法ECDSA签名算法参考资料 ECDH算法详解 DH密钥交换原理 进一步解释: 两端(Alice 和 Bob)想要安全的交换信息并且第三方不能获取到该信息。当然这也是TLS...
  • ECDH密钥交换

    千次阅读 2019-05-31 13:23:57
    前面一篇将过DH密钥交换算法,ECDH(Elliptic Curve Diffie-Hellman)顾名思义就是ECC+DH,安全性保证由椭圆曲线离散对数难题来保证。其思想与DH一致。 椭圆曲线密码学 椭圆曲线密码学是属于非对称密码学的。其...
  • ECDH, 0 , 2018-07-10ECDH\.DS_Store, 6148 , 2018-07-06__MACOSX, 0 , 2018-07-10__MACOSX\ECDH, 0 , 2018-07-10__MACOSX\ECDH\._.DS_Store, 120 , 2018-07-06ECDH\ECDHUITests, 0 , 2018-07-05ECDH\ECDHUITests\EC...
  • ECDH密钥协商算法

    2021-04-22 00:44:01
    ECDH是EC是"elliptic curves"的意思,DH是"Diffie-Hellman"的意思。它实际上是密钥协商算法,而不是加解密算法。该算法可以用来解决如下问题:在公网通道上如何进行安全的秘钥分派。两端(Alice 和 Bob)想要安全的...
  • 浅谈ECC&ECDH&ECDSA

    2021-09-03 09:32:31
    ECDH与DH的密钥协商流程基本一致,DH基于模幂与离散对数计算困难性问题,而ECDH是基于标量乘法与基于椭圆曲线的离散对数问题。 ECDH协议流程 设Alice和Bob为通信双方。首先Alice和Bob选定公共参数(CURVE,G)。其中...
  • ECDH

    千次阅读 2017-02-24 09:42:22
    ECDH是一个椭圆曲线Diffie-hellman密钥交换方法的go实现 https://github.com/wsddn/go-ecdh Diffie-hellman是一种确保共享KEY安全穿越不安全网络的方法,这个机制的巧妙在于需要安全通信的双方可以用这个方法...
  • ECDH过程: 假设公私钥是用于密钥交换,那么步骤如下(这里的乘法是指椭圆曲线上点的乘法): part1: 小红生成私钥kA,将它乘以基点G得到公钥QA,即 kA *G=QA 小明生成私钥kB,将它乘以基点G得到公钥QB,即 kB *G=...
  • DH和ECDH

    千次阅读 2020-02-12 22:03:06
    DH和ECDH
  • ECDH产生共享密钥

    2020-12-31 15:10:26
    ECIES中的最重要一步就是ECDH,需要算出共享密钥。于是研究起来,这篇文章记录我的学习过程。 ECDH是EC是“elliptic curves”的意思,DH是“Diffie-Hellman”的意思。它实际上是密钥协商算法,而不是加解密算法。该...
  • NIST-FIPS(ECDH

    2017-04-28 09:48:25
    官方的FIPS,包括ECDSA(椭圆曲线加密),原汁原味
  • 原文链接如下: Elliptic Curve Cryptography: ECDH and ECDSA​andrea.corbellini.name想全面了解椭圆曲线的朋友可以先看看前两个部分,翻译得很棒:Avery:ECC椭圆曲线加密算法:介绍​zhuanlan.zhihu.comAvery:...
  • ECDH密钥交换: ECDH: ECC算法和DH结合使用,用于密钥磋商,这个密钥交换算法称为ECDH。交换双方可以在不共享任何秘密的情况下协商出一个密钥。ECC是建立在基于椭圆曲线的离散对数问题上的密码体制,给定椭圆曲线上...

空空如也

空空如也

1 2 3 4 5 ... 20
收藏数 7,690
精华内容 3,076
关键字:

ECDH

友情链接: stweam.rar