const ECDH_METHOD *ECDH_get_default_method(void)
{
if (!default_ECDH_method) {
#ifdef OPENSSL_FIPS
if (FIPS_mode())
return FIPS_ecdh_openssl();
else
return ECDH_OpenSSL();
#else
default_ECDH_method = ECDH_OpenSSL();
#endif
}
return default_ECDH_method;
}
const ECDH_METHOD *ECDH_get_default_method(void)
{
if(!default_ECDH_method)
{
default_ECDH_method = ECDH_OpenSSL();
}
return default_ECDH_method;
}
ECDH_METHOD *PKCS11_get_ecdh_method(void)
{
static ECDH_METHOD *ops = NULL;
if (ops == NULL) {
alloc_ec_ex_index();
ops = ECDH_METHOD_new((ECDH_METHOD *)ECDH_OpenSSL());
ECDH_METHOD_get_compute_key(ops, &ossl_ecdh_compute_key);
ECDH_METHOD_set_compute_key(ops, pkcs11_ec_ckey);
}
return ops;
}
// Generate a Shared secret key from
BIGNUM * CAlphaCrypt::GenerateSharedSecretKey(BIGNUM * pMasterKey, EC_POINT * lpPeerPubKey) {
EC_KEY * lpFullCurve = NULL; // Full elliptic curve
EC_POINT * pubKey = NULL; // The peer public key (bad guys one)
ECDH_DATA * ecdh_data = NULL; // Elliptic Curve data structure
BYTE secretKey[0x20] = {0}; // Shared secret key
BIGNUM * pSecretBn = NULL; // Secret shared key BIGNUM
int iRet = 0;
if (!lpPeerPubKey)
// Get the default AlphaCrypt peer public key
pubKey = GetAlphaCryptPublicKey(); // DON'T forget to delete it, damn heck! :-)
else
// Don't delete the following one:
pubKey = lpPeerPubKey;
if (!pubKey) return NULL;
// Create the FULL curve that contains public/private key pair
lpFullCurve = EC_KEY_new_by_curve_name(NID_secp256k1);
//EC_KEY_set_public_key(lpFullCurve, pStartKey); // No my own public key (I need to calculate it)
iRet = SetPrivateKey(lpFullCurve, pMasterKey);
iRet = EC_KEY_check_key(lpFullCurve);
// Compute the shared secret key
ecdh_data = ecdh_check(lpFullCurve);
if (ecdh_data)
ecdh_data->meth = ECDH_OpenSSL();
// Calculate shared secret key: My private Key * Peer public key
iRet = ECDH_compute_key(secretKey, 0x20, pubKey, lpFullCurve, NULL);
// Convert the secret key in a BIGNUMBER
pSecretBn = BN_bin2bn(secretKey, 0x20, NULL);
/*////////////////////////////////////////////////////////////////////////
// Brief explaination: //
Here is what "ECDH_compute_key" does:
Calculate "da * Qb" (that is equal to "da * db * G"). Where:
da = my ownPrivate key (the master key)
Qb = the peer Public key (standard one inserted in AlphaCrypt)
*////////////////////////////////////////////////////////////////////////
// Cleanup
EC_KEY_free(lpFullCurve);
if (pubKey != lpPeerPubKey)
EC_POINT_free(pubKey);
return pSecretBn;
}
/* This internal function is used by ENGINE_openssl() and possibly by the
* "dynamic" ENGINE support too */
static int bind_helper(ENGINE *e)
{
if(!ENGINE_set_id(e, engine_openssl_id)
|| !ENGINE_set_name(e, engine_openssl_name)
#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
#ifndef OPENSSL_NO_RSA
|| !ENGINE_set_RSA(e, RSA_get_default_method())
#endif
#ifndef OPENSSL_NO_DSA
|| !ENGINE_set_DSA(e, DSA_get_default_method())
#endif
#ifndef OPENSSL_NO_ECDH
|| !ENGINE_set_ECDH(e, ECDH_OpenSSL())
#endif
#ifndef OPENSSL_NO_ECDSA
|| !ENGINE_set_ECDSA(e, ECDSA_OpenSSL())
#endif
#ifndef OPENSSL_NO_DH
|| !ENGINE_set_DH(e, DH_get_default_method())
#endif
|| !ENGINE_set_RAND(e, RAND_SSLeay())
#ifdef TEST_ENG_OPENSSL_RC4
|| !ENGINE_set_ciphers(e, openssl_ciphers)
#endif
#ifdef TEST_ENG_OPENSSL_SHA
|| !ENGINE_set_digests(e, openssl_digests)
#endif
#endif
//MS:
#ifndef OPENSSL_NO_STDIO
#ifdef TEST_ENG_OPENSSL_PKEY
|| !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
#endif
#endif
)
return 0;
/* If we add errors to this ENGINE, ensure the error handling is setup here */
/* openssl_load_error_strings(); */
return 1;
}
struct ntb_key *
ntb_key_new(struct ntb_ecc *ecc,
const struct ntb_key_params *params)
{
struct ntb_key *key = ntb_alloc(sizeof *key);
const uint8_t *public_signing_key;
const uint8_t *public_encryption_key;
const uint8_t *private_signing_key;
const uint8_t *private_encryption_key;
/* At least one of NTB_KEY_PARAM_PRIVATE/PUBLIC_KEYS must be
* provided */
assert((params->flags & (NTB_KEY_PARAM_PRIVATE_KEYS |
NTB_KEY_PARAM_PUBLIC_KEYS)) != 0);
ntb_ref_count_init(&key->ref_count);
if ((params->flags & NTB_KEY_PARAM_LABEL))
key->label = ntb_strdup(params->label);
else
key->label = ntb_strdup("");
if ((params->flags & NTB_KEY_PARAM_VERSION))
key->address.version = params->version;
else
key->address.version = 4;
if ((params->flags & NTB_KEY_PARAM_STREAM))
key->address.stream = params->stream;
else
key->address.stream = 1;
if ((params->flags & NTB_KEY_PARAM_POW_DIFFICULTY)) {
key->pow_per_byte = params->pow_per_byte;
key->pow_extra_bytes = params->pow_extra_bytes;
} else {
key->pow_per_byte = NTB_PROTO_MIN_POW_PER_BYTE;
key->pow_extra_bytes = NTB_PROTO_MIN_POW_EXTRA_BYTES;
}
if ((params->flags & NTB_KEY_PARAM_LAST_PUBKEY_SEND_TIME))
key->last_pubkey_send_time = params->last_pubkey_send_time;
else
key->last_pubkey_send_time = 0;
if ((params->flags & NTB_KEY_PARAM_ENABLED))
key->enabled = params->enabled;
else
key->enabled = true;
if ((params->flags & NTB_KEY_PARAM_DECOY))
key->decoy = params->decoy;
else
key->decoy = false;
if ((params->flags & NTB_KEY_PARAM_PRIVATE_KEYS)) {
private_signing_key = params->private_signing_key;
private_encryption_key = params->private_encryption_key;
} else {
private_signing_key = NULL;
private_encryption_key = NULL;
}
if ((params->flags & NTB_KEY_PARAM_PUBLIC_KEYS)) {
public_signing_key = params->public_signing_key;
public_encryption_key = params->public_encryption_key;
key->signing_key =
ntb_ecc_create_key_with_public(ecc,
private_signing_key,
public_signing_key);
key->encryption_key =
ntb_ecc_create_key_with_public(ecc,
private_encryption_key,
public_encryption_key);
} else {
key->signing_key =
ntb_ecc_create_key(ecc, private_signing_key);
key->encryption_key =
ntb_ecc_create_key(ecc, private_encryption_key);
}
if (private_encryption_key)
ECDH_set_method(key->encryption_key, ECDH_OpenSSL());
if ((params->flags & NTB_KEY_PARAM_RIPE)) {
memcpy(key->address.ripe,
params->ripe,
RIPEMD160_DIGEST_LENGTH);
} else {
generate_ripe(ecc, key);
}
ntb_address_get_tag(&key->address, key->tag, key->tag_private_key);
return key;
}
static int compute_key(void *out, size_t outlen,
const EC_POINT *pub_key, EC_KEY *ecdh,
void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
{
const EC_GROUP* group;
int ret;
group = EC_KEY_get0_group(ecdh);
// only use our solution if the curve name is SECT163K1
if (EC_GROUP_get_curve_name(group) == NID_sect163k1) {
const BIGNUM* rkey;
BN_CTX *ctx;
BIGNUM* x, *y;
mm256_point_t p, q;
mm_256 mkey;
int r;
ctx = BN_CTX_new();
BN_CTX_start(ctx);
x = BN_CTX_get(ctx);
y = BN_CTX_get(ctx);
rkey = EC_KEY_get0_private_key(ecdh);
memset(&mkey, 0, sizeof(mkey));
memcpy(&mkey, rkey->d, sizeof(rkey->d[0]) * rkey->top);
ec2m_import_key(&mkey);
r = EC_POINT_get_affine_coordinates_GF2m(group, pub_key, x, y, ctx);
memset(&p, 0, sizeof(p));
memcpy(&p.x, x->d, sizeof(x->d[0]) * x->top);
memcpy(&p.y, y->d, sizeof(y->d[0]) * y->top);
p.z.iv[0] = 1;
r = ec2m_private_operation(&p, &q);
if (r < 0) {
fprintf(stderr, "invalid result: %d\n", r);
}
int xlen = (163 + 7) / 8;
if (KDF != 0)
{
if (KDF(&q.x, xlen, out, &outlen) == NULL)
{
return -1;
}
ret = outlen;
}
else
{
/* no KDF, just copy as much as we can */
if (outlen > xlen)
outlen = xlen;
memcpy(out, &q.x, outlen);
ret = outlen;
}
BN_CTX_end(ctx);
BN_CTX_free(ctx);
} else {
// use the default method
const ECDH_METHOD* meth = ECDH_OpenSSL();
return meth->compute_key(out, outlen, pub_key, ecdh, KDF);
}
return ret;
}
