Discussion:
ECC key generation example using openssl
(too old to reply)
Indtiny S
2014-11-18 16:25:32 UTC
Permalink
Dear All,

I have written below code to generate a ECC based private and public key .

But I am missing logic , my keys are not generated .

My goal is to generate , Client :- private = Ca , public= Ca,G and Server:-
private=Sa, pub = Sa.G

and prove Ca.(Sa.G) = Sa.(CaG)



#include <openssl/obj_mac.h>
#include <openssl/ec.h>

void handleErrors(void){

printf("\n error ");
}
EC_GROUP *create_curve(void)
{
BN_CTX *ctx;
EC_GROUP *curve;
BIGNUM *a, *b, *p, *order, *x, *y;
EC_POINT *generator;

/* Binary data for the curve parameters */
unsigned char a_bin[28] =
{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFE};
unsigned char b_bin[28] =
{0xB4,0x05,0x0A,0x85,0x0C,0x04,0xB3,0xAB,0xF5,0x41,
0x32,0x56,0x50,0x44,0xB0,0xB7,0xD7,0xBF,0xD8,0xBA,
0x27,0x0B,0x39,0x43,0x23,0x55,0xFF,0xB4};
unsigned char p_bin[28] =
{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01};
unsigned char order_bin[28] =
{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0x16,0xA2,0xE0,0xB8,0xF0,0x3E,
0x13,0xDD,0x29,0x45,0x5C,0x5C,0x2A,0x3D };
unsigned char x_bin[28] =
{0xB7,0x0E,0x0C,0xBD,0x6B,0xB4,0xBF,0x7F,0x32,0x13,
0x90,0xB9,0x4A,0x03,0xC1,0xD3,0x56,0xC2,0x11,0x22,
0x34,0x32,0x80,0xD6,0x11,0x5C,0x1D,0x21};
unsigned char y_bin[28] =
{0xbd,0x37,0x63,0x88,0xb5,0xf7,0x23,0xfb,0x4c,0x22,
0xdf,0xe6,0xcd,0x43,0x75,0xa0,0x5a,0x07,0x47,0x64,
0x44,0xd5,0x81,0x99,0x85,0x00,0x7e,0x34};

/* Set up the BN_CTX */
if(NULL == (ctx = BN_CTX_new())) handleErrors();

/* Set the values for the various parameters */
if(NULL == (a = BN_bin2bn(a_bin, 28, NULL))) handleErrors();
if(NULL == (b = BN_bin2bn(b_bin, 28, NULL))) handleErrors();
if(NULL == (p = BN_bin2bn(p_bin, 28, NULL))) handleErrors();
if(NULL == (order = BN_bin2bn(order_bin, 28, NULL))) handleErrors();
if(NULL == (x = BN_bin2bn(x_bin, 28, NULL))) handleErrors();
if(NULL == (y = BN_bin2bn(y_bin, 28, NULL))) handleErrors();

/* Create the curve */
if(NULL == (curve = EC_GROUP_new_curve_GFp(p, a, b, ctx))) handleErrors();

/* Create the generator */
if(NULL == (generator = EC_POINT_new(curve))) handleErrors();
if(1 != EC_POINT_set_affine_coordinates_GFp(curve, generator, x, y, ctx))
handleErrors();

/* Set the generator and the order */
if(1 != EC_GROUP_set_generator(curve, generator, order, NULL))
handleErrors();

EC_POINT_free(generator);
BN_free(y);
BN_free(x);
BN_free(order);
BN_free(p);
BN_free(b);
BN_free(a);
BN_CTX_free(ctx);

return curve;
}


void myPrint( BIGNUM * x, char * t ) {
char * s = BN_bn2dec( x ) ;
printf("%s%s", s, t ) ;
// OPENSSL_free(s) ;
free(s) ;
}

int main()
{
EC_GROUP * cur = create_curve();
if(NULL == cur)
{
handleErrors();
}

EC_KEY *key;

if(NULL == (key = EC_KEY_new_by_curve_name(NID_secp224r1)))
handleErrors();

if(1 != EC_KEY_generate_key(key)) handleErrors();

BIGNUM *prv;
EC_POINT *pub;

/* Set up private key in prv */
/* Set up public key in pub */

if(1 != EC_KEY_set_private_key(key, prv)) handleErrors();

myPrint(prv,"\n");
if(1 != EC_KEY_set_public_key(key, pub)) handleErrors();

return 0;

}
Matt Caswell
2014-11-18 16:39:43 UTC
Permalink
Post by Indtiny S
Dear All,
I have written below code to generate a ECC based private and public key .
But I am missing logic , my keys are not generated .
My goal is to generate , Client :- private = Ca , public= Ca,G and
Server:- private=Sa, pub = Sa.G
and prove Ca.(Sa.G) = Sa.(CaG)
#include <openssl/obj_mac.h>
#include <openssl/ec.h>
void handleErrors(void){
printf("\n error ");
}
EC_GROUP *create_curve(void)
{
BN_CTX *ctx;
EC_GROUP *curve;
BIGNUM *a, *b, *p, *order, *x, *y;
EC_POINT *generator;
/* Binary data for the curve parameters */
unsigned char a_bin[28] =
{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFE};
unsigned char b_bin[28] =
{0xB4,0x05,0x0A,0x85,0x0C,0x04,0xB3,0xAB,0xF5,0x41,
0x32,0x56,0x50,0x44,0xB0,0xB7,0xD7,0xBF,0xD8,0xBA,
0x27,0x0B,0x39,0x43,0x23,0x55,0xFF,0xB4};
unsigned char p_bin[28] =
{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01};
unsigned char order_bin[28] =
{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0x16,0xA2,0xE0,0xB8,0xF0,0x3E,
0x13,0xDD,0x29,0x45,0x5C,0x5C,0x2A,0x3D };
unsigned char x_bin[28] =
{0xB7,0x0E,0x0C,0xBD,0x6B,0xB4,0xBF,0x7F,0x32,0x13,
0x90,0xB9,0x4A,0x03,0xC1,0xD3,0x56,0xC2,0x11,0x22,
0x34,0x32,0x80,0xD6,0x11,0x5C,0x1D,0x21};
unsigned char y_bin[28] =
{0xbd,0x37,0x63,0x88,0xb5,0xf7,0x23,0xfb,0x4c,0x22,
0xdf,0xe6,0xcd,0x43,0x75,0xa0,0x5a,0x07,0x47,0x64,
0x44,0xd5,0x81,0x99,0x85,0x00,0x7e,0x34};
/* Set up the BN_CTX */
if(NULL == (ctx = BN_CTX_new())) handleErrors();
/* Set the values for the various parameters */
if(NULL == (a = BN_bin2bn(a_bin, 28, NULL))) handleErrors();
if(NULL == (b = BN_bin2bn(b_bin, 28, NULL))) handleErrors();
if(NULL == (p = BN_bin2bn(p_bin, 28, NULL))) handleErrors();
if(NULL == (order = BN_bin2bn(order_bin, 28, NULL))) handleErrors();
if(NULL == (x = BN_bin2bn(x_bin, 28, NULL))) handleErrors();
if(NULL == (y = BN_bin2bn(y_bin, 28, NULL))) handleErrors();
/* Create the curve */
if(NULL == (curve = EC_GROUP_new_curve_GFp(p, a, b, ctx))) handleErrors();
/* Create the generator */
if(NULL == (generator = EC_POINT_new(curve))) handleErrors();
if(1 != EC_POINT_set_affine_coordinates_GFp(curve, generator, x, y, ctx))
handleErrors();
/* Set the generator and the order */
if(1 != EC_GROUP_set_generator(curve, generator, order, NULL))
handleErrors();
EC_POINT_free(generator);
BN_free(y);
BN_free(x);
BN_free(order);
BN_free(p);
BN_free(b);
BN_free(a);
BN_CTX_free(ctx);
return curve;
}
void myPrint( BIGNUM * x, char * t ) {
char * s = BN_bn2dec( x ) ;
printf("%s%s", s, t ) ;
// OPENSSL_free(s) ;
free(s) ;
}
int main()
{
EC_GROUP * cur = create_curve();
You've gone to a lot of effort to create a custom curve, and then...
Post by Indtiny S
if(NULL == cur)
{
handleErrors();
}
EC_KEY *key;
if(NULL == (key = EC_KEY_new_by_curve_name(NID_secp224r1)))
...you ignore all of that and use a standard curve. Why do you want to
create a custom curve anyway (there's rarely a need for that).
Post by Indtiny S
handleErrors();
if(1 != EC_KEY_generate_key(key)) handleErrors();
This creates the private and public key...
Post by Indtiny S
BIGNUM *prv;
EC_POINT *pub;
/* Set up private key in prv */
/* Set up public key in pub */
if(1 != EC_KEY_set_private_key(key, prv)) handleErrors();
... and then you overwrite the private key with garbage (prv is not
initialised). You probably want EC_KEY_get0_private_key
Post by Indtiny S
myPrint(prv,"\n");
if(1 != EC_KEY_set_public_key(key, pub)) handleErrors();
and the same here (but EC_KEY_get0_public_key).


Matt
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-***@openssl.org
Automated List Manager ***@openssl.org
Indtiny S
2014-11-18 17:04:04 UTC
Permalink
Hi,
Thanks for the reply .

Now below code is working fine. But is there any straight way get the
public key also?

void handleErrors(void){

printf("\n Error ");
}


void myPrint( BIGNUM * x, char * t ) {
char * s = BN_bn2dec( x ) ;
printf("%s%s", s, t ) ;
// OPENSSL_free(s) ;
free(s) ;
}

int main()
{

EC_KEY *key;

if(NULL == (key = EC_KEY_new_by_curve_name(NID_sect113r1)))
handleErrors();

if(1 != EC_KEY_generate_key(key)) handleErrors();

BIGNUM *prv = EC_KEY_get0_private_key(key);
BIGNUM *pub = EC_KEY_get0_public_key(key); //

*/* Is this the right way to get the public key or do I need to use
the Generator to get the public key*/ *

myPrint(prv,"\n"); // only this is printing properly
myPrint(pub,"\n");


return 0;

}


Rgds
Indra
Matt Caswell
2014-11-18 17:06:49 UTC
Permalink
Post by Indtiny S
Hi,
Thanks for the reply .
Now below code is working fine. But is there any straight way get the
public key also?
void handleErrors(void){
printf("\n Error ");
}
void myPrint( BIGNUM * x, char * t ) {
char * s = BN_bn2dec( x ) ;
printf("%s%s", s, t ) ;
// OPENSSL_free(s) ;
free(s) ;
}
int main()
{
EC_KEY *key;
if(NULL == (key = EC_KEY_new_by_curve_name(NID_sect113r1)))
handleErrors();
if(1 != EC_KEY_generate_key(key)) handleErrors();
BIGNUM *prv = EC_KEY_get0_private_key(key);
BIGNUM *pub = EC_KEY_get0_public_key(key); //
*/* Is this the right way to get the public key or do I need to use
the Generator to get the public key*/ *
Yes, you can call EC_KEY_get0_public_key to get the public key, but this
function returns an EC_POINT not a BIGNUM.

Matt
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-***@openssl.org
Automated List Manager ***@openssl.org
Indtiny S
2014-11-18 17:22:15 UTC
Permalink
Hi,
Sorry,, I am bit new to ECC , I Need to just prove the below thing

Ca.Sa.G) = Sa.Ca.G) .

* Client *:- private = Ca , public= Ca,G and *Server*:- private=Sa, pub =
Sa.G

When I read ECC tutorial, its defined that public key = Q (where Q=dG)

so how to get the CaG and SaG in my case ? and validate the equation ?

Please guide ..
Matt Caswell
2014-11-19 10:21:14 UTC
Permalink
Post by Indtiny S
Hi,
Sorry,, I am bit new to ECC , I Need to just prove the below thing
Ca.Sa.G) = Sa.Ca.G) .
* Client *:- private = Ca , public= Ca,G and *Server*:- private=Sa, pub
= Sa.G
When I read ECC tutorial, its defined that public key = Q (where Q=dG)
so how to get the CaG and SaG in my case ? and validate the equation ?
Please guide ..
Ahhh...homework....

See:
https://wiki.openssl.org/index.php/Elliptic_Curve_Diffie_Hellman

on that page your Ca=dA, CaG=QA, Sa=dB and SaG=QB


You need to generate two key pairs using the same curve...one for the
client and one for the server.

You'll need to use EC_POINT_mul to calculate Ca.Sa.G, and again for
Sa.Ca.G (in a real scenario you would use EVP_PKEY_derive or
ECDH_compute_key which hides all the "magic" from you...but I guess
that's not the point of the proof you've been asked to complete)

The rest is left as an exercise for the reader ;-)

Matt
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-***@openssl.org
Automated List Manager ***@openssl.org
Tomas Mraz
2014-11-19 11:04:52 UTC
Permalink
Post by Indtiny S
Hi,
Sorry,, I am bit new to ECC , I Need to just prove the below thing
Ca.Sa.G) = Sa.Ca.G) .
* Client *:- private = Ca , public= Ca,G and *Server*:- private=Sa, pub =
Sa.G
When I read ECC tutorial, its defined that public key = Q (where Q=dG)
so how to get the CaG and SaG in my case ? and validate the equation ?
Please guide ..
This really does not belong to the openssl-dev mailing list. Use
openssl-users mailing list whose purpose is for discussions of users
using OpenSSL and developing applications with OpenSSL.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
(You'll never know whether the road is wrong though.)


______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-***@openssl.org
Automated List Manager ***@openssl.org
Loading...