不能使用javascript桥接椭圆曲线Diffie-Hellman [英] Can't bridge Elliptic Curve Diffie-Hellman with javascript

问题描述

我知道这是一个非常具体的问题，但我试图在php和客户端之间使用椭圆曲线Diffie-Hellman算法（ECDH）基于2个似乎声音的库交换密钥：

1. https://github.com/mdanter/phpecc 用于php部分和




2. http://www-cs-students.stanford.edu/~tjw/jsbn/ecdh.html 用于js部分。

似乎参数（在第二个演示中可以看到）不适合在（1）中的Mattias Danter库！ / p>

我尝试了：

a。在php

中生成Alice公钥。从（a）获取x和y值，并在stanford的js demo页面中替换Alice字段

c。从页面（b）Bob的公共点和私钥生成

d。重新运行php在（a），但现在重置Alice的属性到以前的运行（我不得不添加一些设置在Mattias Danter类），然后使用鲍勃的公共值和密钥重置鲍勃的javascript的值

e。导入键和比较

但php捕获错误：

错误：未捕获的异常'ErrorException有消息曲线CurveFp对象
（[A：保护] => -3 [b：保护] => 
 2455155546008943817740293915197451784769108058161191238065 [黄金：保护] => 
 6277101735386680763835789423207666416083908700390324961279）不包含在
 /无功/网络/用户/测试/ PHP /测试/ EXT / phpecc主/班/点
（1328803036204499271979785126753219480492435117174，
 -228023147101697490181439300085858154675358736333）' Point.php：53 
  

搜索我的代码我发现导致错误的原因：

  public function calculateKey（）{
 $ this-> agreed_key = Point :: mul（$ this-> secret，$ this-> receivedPubPoint） - > getX（）; 
} 
  

Bob的公钥存储在 EcDH :: receivedPubPoint 并生成错误!!

这里是具有一些标识（EcDH类）的对象Alice：

  Alice：
 EcDH对象
（
 [generator：EcDH：private] => Point Object 
 （
 [曲线] => CurveFp对象
（$ b $苯并[a：保护] => -3 
 [b：保护] => 2455155546008943817740293915197451784769108058161191238065 
 [黄金：保护] => 6277101735386680763835789423207666416083908700390324961279 
）
 
 [X] => 602046282375688656758213480587526111916698976636884684818 
 [Y] => 174050332293622031404857552280219410364023488927386650641 
 [为了] => 6277101735386680763835789423176059013767194773182842284081 
）
 
 [pubPoint：EcDH：private] => Point Object 
（
 [curve] => CurveFp Object 
 b [a：protected] => -3 
 [b：protected] => 2455155546008943817740293915197451784769108058161191238065 
 [prime：protected] => 6277101735386680763835789423207666416083908700390324961279 
）
 
 [x] => 1230571492519579244570075682716266141492045436832711426918 
 [y] => 925696034592317781055362853857916815608433923236519324844 
 [order] => 
）
 
 [receivedPubPoint：EcDH：private] => 
 [secret：EcDH：private] => 14506874945990177925841757912817895350330843517362 
 [agreed_key：EcDH：private] => 
）
  

我的意见是javascript公共值不正确，在椭圆曲线参数下实施 http：// www-cs -students.stanford.edu/~tjw/jsbn/ecdh.html 。

通过搜索更多我发现这个js块的斯坦福的代码是有问题的比较与PHPp版本：

  // ECCurveFp 
 // constructor 
 function ECCurveFp（q，a， b）{
 this.q = q; 
 this.a = this.fromBigInteger（a）; 
 this.b = this.fromBigInteger（b）; 
 this.infinity = new ECPointFp（this，null，null）; 
} 
 
 // ---------------- 
 // SECNamedCurves 
 function secp192k1（）{
 // p = 2 ^ 192  -  2 ^ 32  -  2 ^ 12  -  2 ^ 8  -  2 ^ 7  -  2 ^ 6  -  2 ^ 3  -  1 
变种p = fromHex（FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37）; 
 var a = BigInteger.ZERO; 
 var b = fromHex（3）; 
 // byte [] S = null; 
 var n = fromHex（FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D）; 
 var h = BigInteger.ONE; 
 var curve = new ECCurveFp（p，a，b）; 
变种G = curve.decodePointHex（04
 +DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D
 +9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D）; 
 return new X9ECParameters（curve，G，n，h）; 
} 
  

有什么建议吗？

感谢。

解决方案

您应该确保JS和PHP库使用相同曲线。是吗？

I know this is a very specific question but I tried to exchange keys between php and a client using the Elliptic Curve Diffie-Hellman algorithm (ECDH) based on 2 libraries that seem sound:

1. https://github.com/mdanter/phpecc for the php part and

2. http://www-cs-students.stanford.edu/~tjw/jsbn/ecdh.html for the js part.

It seems that the parameters (as can be seen at the second demo) just aren't right for the Mattias Danter library in (1)!

What I tried:

a. produce Alice public key in php

b. take x- and y-values from (a) and put in js demo page at stanford in place of Alice fields

c. produce from page (b) Bob's public point and private key

d. re-run php in (a) but now reset Alice's properties to previous run (I had to add some setters in Mattias Danter classes) and then used Bob's public values and secret key to reset Bob to javascript's values

e. import keys and compare

but php catches an error:

Fatal error: Uncaught exception 'ErrorException' with message 'Curve CurveFp Object 
( [a:protected] => -3 [b:protected] => 
2455155546008943817740293915197451784769108058161191238065 [prime:protected] => 
6277101735386680763835789423207666416083908700390324961279 ) does not contain point 
( 1328803036204499271979785126753219480492435117174 , 
-228023147101697490181439300085858154675358736333 )' in 
/var/www/users/test/php/tests/ext/phpecc-master/classes/Point.php:53 

searching my code I found what caused the error: it was during the calculation of the common key by Alice:

public function calculateKey() {
  $this->agreed_key = Point::mul($this->secret, $this->receivedPubPoint)->getX();
}

Bob's public key (from javascript) was stored in EcDH::receivedPubPoint and generates error!!

Here is object Alice with some identation (EcDH class):

Alice:
EcDH Object
(
  [generator:EcDH:private] => Point Object
  (
    [curve] => CurveFp Object
    (
      [a:protected] => -3
      [b:protected] => 2455155546008943817740293915197451784769108058161191238065
      [prime:protected] => 6277101735386680763835789423207666416083908700390324961279
    )

    [x] => 602046282375688656758213480587526111916698976636884684818
    [y] => 174050332293622031404857552280219410364023488927386650641
    [order] => 6277101735386680763835789423176059013767194773182842284081
  )

  [pubPoint:EcDH:private] => Point Object
  (
    [curve] => CurveFp Object
    (
      [a:protected] => -3
      [b:protected] => 2455155546008943817740293915197451784769108058161191238065
      [prime:protected] => 6277101735386680763835789423207666416083908700390324961279
    )

    [x] => 1230571492519579244570075682716266141492045436832711426918
    [y] => 925696034592317781055362853857916815608433923236519324844
    [order] =>
  )

  [receivedPubPoint:EcDH:private] =>
  [secret:EcDH:private] => 14506874945990177925841757912817895350330843517362
  [agreed_key:EcDH:private] =>
)

My opinion is that the javascript public values are not correct due to the way fields under "Elliptic Curve parameters" are implemented in http://www-cs-students.stanford.edu/~tjw/jsbn/ecdh.html.

By searching more I found that this js blocks of Stanford's code are problematic compared with the php version:

// ECCurveFp
// constructor
function ECCurveFp(q,a,b) {
    this.q = q;
    this.a = this.fromBigInteger(a);
    this.b = this.fromBigInteger(b);
    this.infinity = new ECPointFp(this, null, null);
}

// ----------------
// SECNamedCurves
function secp192k1() {
    // p = 2^192 - 2^32 - 2^12 - 2^8 - 2^7 - 2^6 - 2^3 - 1
    var p = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37");
    var a = BigInteger.ZERO;
    var b = fromHex("3");
    //byte[] S = null;
    var n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D");
    var h = BigInteger.ONE;
    var curve = new ECCurveFp(p, a, b);
    var G = curve.decodePointHex("04"
                + "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D"
                + "9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D");
    return new X9ECParameters(curve, G, n, h);
}

Are there any suggestions?

Thanks.

解决方案

You should make sure that JS and PHP libraries use the same curve. Do they?

这篇关于不能使用javascript桥接椭圆曲线Diffie-Hellman的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！