为什么本站点的ECC-DH对称密钥与OpenSSL不同 [英] Why is the ECC-DH Symmetric Key Of This Site Different From OpenSSL
问题描述
我正在使用(本网站) Javascript库和OpenSSL Ruby来计算Elliptic Curve Diffie Hellman的对称密钥。
I am using (this site's) Javascript library and OpenSSL Ruby to compute the symmetric key of Elliptic Curve Diffie Hellman.
但是,根据我的结果,OpenSSL Ruby只生成一个密钥,与具有X和Y对称密钥的网站不同。我感到困惑,因为我的OpenSSL对称密钥与网站上的那些x和y中的任何一个都不匹配。
However, from my results, OpenSSL Ruby only generated one key unlike that on the site which has X and Y symmetric keys. I am baffled as my OpenSSL symmetric key doesn't match either one of those x and y on the site.
我使用的对称(共享密钥)密钥 secp224r1
曲线:
The symmetric(shared secret) keys I got using secp224r1
curve:
Ruby OpenSSL
Ruby OpenSSL
13506351678569412185536677668115375188438201041599149052762191980775
使用Site的JS库
x: 26210366144026557327555572210249241206666031403062020900473236895358
y: 19676808255388748321882118528911150828003358302170965920476006073155
我的问题是:
1)为什么OpenSSL Ruby只产生一个键,而该大小产生两个键:x和y(因为我假设x和y赢了因为与Ruby对称密钥相比,bitsize将太长,所以不能相互连接。
1) Why does OpenSSL Ruby yields only one key while that size yields two keys: x and y (as I've assumed x and y won't be concatenated with each other since the bitsize will be too long when compared to the Ruby symmetric key)
2)有没有办法转换两个对称密钥(上面的OpenSSL和JSBN-EC库)彼此?我所有的转换尝试都失败了。
2) Is there a way to convert the two symmetric keys (OpenSSL and JSBN-EC library above) from one another? All my attempts to convert failed.
我一直在努力工作一周,现在用JSBN-EC库实现Ruby OpenSSL。我也尝试了(SJCL库)但类似的结果(对称密钥不匹配)。请帮忙。
I've been struggling for a week now implementing Ruby OpenSSL with that JSBN-EC library. I've also tried (SJCL library) but similar results (symmetric keys don't match). Please help.
推荐答案
我已经设法通过在客户端(JSBN-EC)上使用对称密钥来实现它服务器OpenSSL Ruby
I've managed to work it out now with working symmetric keys on client (JSBN-EC) and on server OpenSSL Ruby
我发现我的问题实际上在于代码本身。修好之后,我最终在OpenSSL Ruby上找到了一个对称密钥,如下所示:
I found out that my problem actually lies in the code itself. After fixing it, I've ended up with a symmetric key on OpenSSL Ruby as follows:
#Ruby: OpenSSL
...
...
symm_key = ec.dh_compute_key(point)
symm_key.unpack('B*').first.to_i(2) #Converts to binary, then to integer
#--> 6922380353406615622038660570577625762884344085425862813095878420328
在客户端使用JSBN-EC
While on the client side using JSBN-EC
#Javascript: JSBN-EC
...
...
var curve = get_curve();
var P = new ECPointFp(curve,
curve.fromBigInteger(server_pub_key_x),
curve.fromBigInteger(server_pub_key_y));
var a = client_priv_key;
var S = P.multiply(a);
console.log('SYMM_KEY X: '+S.getX().toBigInteger().toString());
//--> 6922380353406615622038660570577625762884344085425862813095878420328
console.log('SYMM_KEY Y: '+S.getY().toBigInteger().toString());
//--> 14426877769799867628378883482085635535383864283889042780773103726343
因此从外观来看,与Ruby OpenSSL值匹配的对称密钥是X值JSBN-EC对称密钥
Therefore from the looks of it, the symmetric key that matches the Ruby OpenSSL value is the X value of the JSBN-EC symmetric key
6922380353406615622038660570577625762884344085425862813095878420328
==
6922380353406615622038660570577625762884344085425862813095878420328
我不知道现在的Y值是多少。看起来我不需要它。干杯! :)
I don't know what the Y value is now for. Looks like I won't need it. Cheers! :)
这篇关于为什么本站点的ECC-DH对称密钥与OpenSSL不同的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!