int main()
{
llong Zab, Zba;
diffie_hellman(1, Zab, Zba);
std::cout << "Zab = " << Zab << std::endl;
std::cout << "Zba = " << Zba << std::endl;
return 0;
}
int
main( int argc, char **argv )
{
/* step 1 */
char generator[] = "2";
char modulus[] =
"f488fd584e49dbcd20b49de49107366b336c380d451d0f7c88b31c7c5b2d8ef6" \
"f3c923c043f0a55b188d8ebb558cb85d38d334fd7c175743a31d186cde33212c" \
"b52aff3ce1b1294018118d7c84a70a72d686c40319c807297aca950cd9969fab" \
"d00a509b0246d3083d66a45d419f9c7cbd894b221926baaba25ec355e92f78c7";
char privatekey[] = "9123456701234567012345670123456701234567";
char DHpubkey[1000];
char cliprivatekey[] = "1111111122222222333333334444444477777777";
char cliDHpubkey[1000];
char secretkey[1000] , clisecretkey[1000];
diffie_hellman( generator , modulus , privatekey,
DHpubkey, sizeof( DHpubkey ));
printf( "DHpubkey:\n%s\n\n", DHpubkey );
/* step 2 */
diffie_hellman( generator, modulus, cliprivatekey,
cliDHpubkey, sizeof( cliDHpubkey ) );
printf( "cliDHpubkey:\n%s\n\n", cliDHpubkey );
diffie_hellman( DHpubkey, modulus, cliprivatekey,
clisecretkey , sizeof( clisecretkey ) );
printf( "clisecretkey:\n%s\n\n", clisecretkey );
/* step 3 */
diffie_hellman( cliDHpubkey, modulus, privatekey,
secretkey, sizeof( secretkey ) );
printf( "secretkey:\n%s\n\n", secretkey );
}
int main(void) {
sodium_init();
int status;
//create Alice's keypair
unsigned char alice_public_key[crypto_box_PUBLICKEYBYTES];
unsigned char alice_private_key[crypto_box_SECRETKEYBYTES];
status = generate_and_print_keypair(
alice_public_key,
alice_private_key,
"Alice",
"");
if (status != 0) {
sodium_memzero(alice_private_key, crypto_box_SECRETKEYBYTES);
return status;
}
//create Bob's keypair
unsigned char bob_public_key[crypto_box_PUBLICKEYBYTES];
unsigned char bob_private_key[crypto_box_SECRETKEYBYTES];
status = generate_and_print_keypair(
bob_public_key,
bob_private_key,
"Bob",
"");
if (status != 0) {
sodium_memzero(alice_private_key, crypto_box_SECRETKEYBYTES);
sodium_memzero(bob_private_key, crypto_box_SECRETKEYBYTES);
return status;
}
//Diffie Hellman on Alice's side
unsigned char alice_shared_secret[crypto_generichash_BYTES];
status = diffie_hellman(
alice_shared_secret,
alice_private_key,
alice_public_key,
bob_public_key,
true);
sodium_memzero(alice_private_key, crypto_box_SECRETKEYBYTES);
if (status != 0) {
fprintf(stderr, "ERROR: Diffie Hellman with Alice's private key failed. (%i)\n", status);
sodium_memzero(bob_private_key, crypto_box_SECRETKEYBYTES);
sodium_memzero(alice_shared_secret, crypto_generichash_BYTES);
return status;
}
//print Alice's shared secret
printf("Alice's shared secret ECDH(A_priv, B_pub) (%i Bytes):\n", crypto_generichash_BYTES);
print_hex(alice_shared_secret, crypto_generichash_BYTES, 30);
putchar('\n');
//Diffie Hellman on Bob's side
unsigned char bob_shared_secret[crypto_generichash_BYTES];
status = diffie_hellman(
bob_shared_secret,
bob_private_key,
bob_public_key,
alice_public_key,
false);
sodium_memzero(bob_private_key, crypto_box_SECRETKEYBYTES);
if (status != 0) {
fprintf(stderr, "ERROR: Diffie Hellman with Bob's private key failed. (%i)\n", status);
sodium_memzero(alice_shared_secret, crypto_generichash_BYTES);
sodium_memzero(bob_shared_secret, crypto_generichash_BYTES);
return status;
}
//print Bob's shared secret
printf("Bob's shared secret ECDH(B_priv, A_pub) (%i Bytes):\n", crypto_generichash_BYTES);
print_hex(bob_shared_secret, crypto_generichash_BYTES, 30);
putchar('\n');
//compare both shared secrets
status = sodium_memcmp(alice_shared_secret, bob_shared_secret, crypto_generichash_BYTES);
sodium_memzero(alice_shared_secret, crypto_generichash_BYTES);
sodium_memzero(bob_shared_secret, crypto_generichash_BYTES);
if (status != 0) {
fprintf(stderr, "ERROR: Diffie Hellman didn't produce the same shared secret. (%i)\n", status);
return status;
}
printf("Both shared secrets match!\n");
return EXIT_SUCCESS;
}
int main(void) {
if (sodium_init() == -1) {
return -1;
}
return_status status = return_status_init();
//create buffers
buffer_t *alice_public_key = buffer_create_on_heap(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
buffer_t *alice_private_key = buffer_create_on_heap(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
buffer_t *alice_shared_secret = buffer_create_on_heap(crypto_generichash_BYTES, crypto_generichash_BYTES);
buffer_t *bob_public_key = buffer_create_on_heap(crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
buffer_t *bob_private_key = buffer_create_on_heap(crypto_box_SECRETKEYBYTES, crypto_box_SECRETKEYBYTES);
buffer_t *bob_shared_secret = buffer_create_on_heap(crypto_generichash_BYTES, crypto_generichash_BYTES);
int status_int = 0;
//create Alice's keypair
buffer_create_from_string(alice_string, "Alice");
buffer_create_from_string(empty_string, "");
status = generate_and_print_keypair(
alice_public_key,
alice_private_key,
alice_string,
empty_string);
throw_on_error(KEYGENERATION_FAILED, "Failed to generate and print Alice's keypair.");
//create Bob's keypair
buffer_create_from_string(bob_string, "Bob");
status = generate_and_print_keypair(
bob_public_key,
bob_private_key,
bob_string,
empty_string);
throw_on_error(KEYGENERATION_FAILED, "Failed to generate and print Bob's keypair.");
//Diffie Hellman on Alice's side
status = diffie_hellman(
alice_shared_secret,
alice_private_key,
alice_public_key,
bob_public_key,
true);
buffer_clear(alice_private_key);
throw_on_error(KEYGENERATION_FAILED, "Diffie Hellman with Alice's private key failed.");
//print Alice's shared secret
printf("Alice's shared secret ECDH(A_priv, B_pub) (%zu Bytes):\n", alice_shared_secret->content_length);
print_hex(alice_shared_secret);
putchar('\n');
//Diffie Hellman on Bob's side
status = diffie_hellman(
bob_shared_secret,
bob_private_key,
bob_public_key,
alice_public_key,
false);
buffer_clear(bob_private_key);
throw_on_error(KEYGENERATION_FAILED, "Diffie Hellman with Bob's private key failed.");
//print Bob's shared secret
printf("Bob's shared secret ECDH(B_priv, A_pub) (%zu Bytes):\n", bob_shared_secret->content_length);
print_hex(bob_shared_secret);
putchar('\n');
//compare both shared secrets
status_int = buffer_compare(alice_shared_secret, bob_shared_secret);
buffer_clear(alice_shared_secret);
buffer_clear(bob_shared_secret);
if (status_int != 0) {
throw(INCORRECT_DATA, "Diffie Hellman didn't produce the same shared secret.");
}
printf("Both shared secrets match!\n");
cleanup:
buffer_destroy_from_heap_and_null_if_valid(alice_public_key);
buffer_destroy_from_heap_and_null_if_valid(alice_private_key);
buffer_destroy_from_heap_and_null_if_valid(alice_shared_secret);
buffer_destroy_from_heap_and_null_if_valid(bob_public_key);
buffer_destroy_from_heap_and_null_if_valid(bob_private_key);
buffer_destroy_from_heap_and_null_if_valid(bob_shared_secret);
on_error {
print_errors(&status);
}
return_status_destroy_errors(&status);
return status.status;
}
/*
* Derive a root and initial chain key for a new ratchet.
*
* The chain and root key have to be crypto_secretbox_KEYBYTES long.
*
* RK, CK, HK = HKDF( RK, DH(DHRr, DHRs) )
*/
int derive_root_chain_and_header_keys(
buffer_t * const root_key, //crypto_secretbox_KEYBYTES
buffer_t * const chain_key, //crypto_secretbox_KEYBYTES
buffer_t * const header_key, //crypto_aead_chacha20poly1305_KEYBYTES
const buffer_t * const our_private_ephemeral,
const buffer_t * const our_public_ephemeral,
const buffer_t * const their_public_ephemeral,
const buffer_t * const previous_root_key,
bool am_i_alice) {
assert(crypto_secretbox_KEYBYTES == crypto_auth_KEYBYTES);
//check size of the buffers
if ((root_key->buffer_length < crypto_secretbox_KEYBYTES)
|| (chain_key->buffer_length < crypto_secretbox_KEYBYTES)
|| (header_key->buffer_length < crypto_aead_chacha20poly1305_KEYBYTES)
|| (our_private_ephemeral->content_length != crypto_box_SECRETKEYBYTES)
|| (our_public_ephemeral->content_length != crypto_box_PUBLICKEYBYTES)
|| (their_public_ephemeral->content_length != crypto_box_PUBLICKEYBYTES)
|| (previous_root_key->content_length != crypto_secretbox_KEYBYTES)) {
return -6;
}
int status;
//input key for HKDF (root key and chain key derivation)
//input_key = DH(our_private_ephemeral, their_public_ephemeral)
buffer_t *input_key = buffer_create(crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
status = diffie_hellman(
input_key,
our_private_ephemeral,
our_public_ephemeral,
their_public_ephemeral,
am_i_alice);
if (status != 0) {
buffer_clear(input_key);
return status;
}
//now create root and chain key in temporary buffer
//RK, CK = HKDF(previous_root_key, input_key)
buffer_t *info = buffer_create_from_string(INFO);
buffer_t *hkdf_buffer = buffer_create(2 * crypto_secretbox_KEYBYTES + crypto_aead_chacha20poly1305_KEYBYTES, 2 * crypto_secretbox_KEYBYTES + crypto_aead_chacha20poly1305_KEYBYTES);
status = hkdf(
hkdf_buffer,
hkdf_buffer->content_length,
previous_root_key, //salt
input_key,
info);
buffer_clear(input_key);
if (status != 0) {
buffer_clear(hkdf_buffer);
return status;
}
//copy keys from hkdf buffer
status = buffer_copy(root_key, 0, hkdf_buffer, 0, crypto_secretbox_KEYBYTES);
if (status != 0) {
buffer_clear(hkdf_buffer);
buffer_clear(root_key);
return status;
}
status = buffer_copy(chain_key, 0, hkdf_buffer, crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
if (status != 0) {
buffer_clear(hkdf_buffer);
buffer_clear(root_key);
buffer_clear(chain_key);
return status;
}
status = buffer_copy(header_key, 0, hkdf_buffer, 2 * crypto_secretbox_KEYBYTES, crypto_secretbox_KEYBYTES);
if (status != 0) {
buffer_clear(hkdf_buffer);
buffer_clear(root_key);
buffer_clear(chain_key);
buffer_clear(header_key);
return status;
}
buffer_clear(hkdf_buffer);
return 0;
}
