TechQA.

OpenSSL gost engine issue

1.8k views Asked by At

I'm trying to implement ECDH key exchange GOST 34.10-2001 using OpenSSL 1.0.0d. I'm loading gost engine like this:

    ENGINE * e = ENGINE_by_id("gost");

    if(!e)
    {
        e = ENGINE_by_id("dynamic");
        if (!e)
        {
            ENGINE_load_dynamic();
            e = ENGINE_by_id("dynamic");
        }

        if (e && (!ENGINE_ctrl_cmd_string(e, "SO_PATH", "gost", 0) || !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)))
            return 1;
    }

    if(!ENGINE_init(e))
        return 1;

    ENGINE_set_default(e, ENGINE_METHOD_ALL);
    OpenSSL_add_all_algorithms();

At this point GOST engine is loaded and works fine (I think so). I've done some testings with hashing and encryption algorithms.

But when I'm trying to implement ECDH (shared key generation by importing other side public key), I'm getting improper result (shared key differs with other side).

I've checked a, b, p, q, x, y parameters, checked code flow, but can't figure out what's wrong.

FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94
a6
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893
1
8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14

There's one thing: VKO 34.10-2001 algorithm is implemented in openssl\engines\ccgost\gost2001_keyx.c (function VKO_compute_key), BUT when I'm calling a generic function ECDH_compute_key it doesn't lead to VKO_compute_key (checked this by setting int3 at the beginning of VKO_compute_key).

Did I misunderstood something? Or can someone show an example of generating shared key using gost engine from openssl?

cryptography openssl diffie-hellman gost3410
Original Q&A
1

There are 1 answers

0
Kevin On

I know it's an old question, but it may still be topical for some.

The following code generates a shared secret just fine when using the GOST engine.

int get_shared_key(
    EVP_PKEY *priv, 
    EVP_PKEY *peer,     
    unsigned char *ukm, 
    int ukm_size, 
    unsigned char *secret, 
    size_t *secret_len)
{
    int result = 0;
    EVP_PKEY_CTX *ctx = NULL;
    int key_size = 0;

    if((ctx = EVP_PKEY_CTX_new(priv, NULL)) == NULL) 
        goto err;
    if(EVP_PKEY_derive_init(ctx) != 1) 
        goto err;
    if(EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_SET_IV, ukm_size, ukm) != 1) 
        goto err;
    if(EVP_PKEY_derive_set_peer(ctx, peer) != 1) 
        goto err;
    key_size=EVP_PKEY_derive(ctx, NULL, secret_len);
    if(key_size != GOST_R_34_12_2015_KEY_SIZE) 
        goto err;
    if(EVP_PKEY_derive(ctx, secret, secret_len) != 1) 
        goto err;

    result = 1;
    goto end;
err:
    ERR_print_errors_fp(stderr);
end:
    if(ctx)
        EVP_PKEY_CTX_free(ctx);
    return result;
}

Related Questions in CRYPTOGRAPHY

Related Questions in OPENSSL

Related Questions in DIFFIE-HELLMAN

Related Questions in GOST3410

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions