EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Elliptic curve cryptography usage

#20344
Posted: 06/06/2012 07:45:14
by Raimundas Packevicius (Basic support level)
Joined: 06/06/2012
Posts: 6

Hi,
I'm trying to replace an old component with SecureBlackbox. The old component uses elliptic curve cryptography. It generates and encrypts KeySession and ExchangedValue using PublicKey. Is it possible to have the same functionality with SecureBlackbox? I suppose I need to use TElECKeyMaterial.

Thanks,
Raimundas
#20345
Posted: 06/06/2012 07:52:29
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Hi. We support EC cryptography, including the ECDH key exchange algorithm. You should check the TElECDHPublicKeyCrypto class.
#20346
Posted: 06/06/2012 08:14:16
by Raimundas Packevicius (Basic support level)
Joined: 06/06/2012
Posts: 6

I'm trying to use this code:

KeyMaterial:= TElECKeyMaterial.Create();
KeyMaterial.Curve:= SB_EC_SECP256R1;
KeyMaterial.LoadPublic(@PublicKey, length(PublicKey));
Crypto:= TElECDHPublicKeyCrypto.Create(SB_ALGORITHM_PK_EC);
Crypto.KeyMaterial:= KeyMaterial;
Crypto.Encrypt(inBuffer, Length(inBuffer), outBuffer, cnt);

but I get 'Public key not found'. Am I doing something wrong?
#20347
Posted: 06/06/2012 08:42:06
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

What is the format (and type) of your PublicKey? It should be an elliptic curve point, as it is used in X.509 certificates and described in ANSI X9.62.
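
The point format named in the reply above, as an added example that is not part of the thread and is not SecureBlackbox code: a Python check that a byte string is an ANSI X9.62 (SEC 1) encoded point on secp256r1. The name parse_x962_point and the sample input (the curve's generator point) are constructed for illustration; the legacy component's string format is unknown and is not handled here.

```python
# Added example: decode an ANSI X9.62 / SEC 1 elliptic curve point for
# secp256r1 and verify that it lies on the curve y^2 = x^3 + ax + b (mod p).

# secp256r1 (NIST P-256) domain parameters
P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
A = P - 3
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
GX = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296
GY = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5
FIELD_LEN = 32  # bytes per coordinate

# Constructed sample input: the generator point in uncompressed form.
SAMPLE = b"\x04" + GX.to_bytes(FIELD_LEN, "big") + GY.to_bytes(FIELD_LEN, "big")


def curve_rhs(x):
    """Right-hand side of the curve equation for a given x."""
    return (pow(x, 3, P) + A * x + B) % P


def parse_x962_point(data):
    """Return (x, y) for an X9.62-encoded P-256 point or raise ValueError."""
    if not data:
        raise ValueError("empty input")
    tag = data[0]
    if tag == 0x04:  # uncompressed: 04 || X || Y
        if len(data) != 1 + 2 * FIELD_LEN:
            raise ValueError("uncompressed point must be 65 bytes")
        x = int.from_bytes(data[1:1 + FIELD_LEN], "big")
        y = int.from_bytes(data[1 + FIELD_LEN:], "big")
    elif tag in (0x02, 0x03):  # compressed: 02/03 || X, tag carries parity of y
        if len(data) != 1 + FIELD_LEN:
            raise ValueError("compressed point must be 33 bytes")
        x = int.from_bytes(data[1:], "big")
        y = pow(curve_rhs(x % P), (P + 1) // 4, P)  # sqrt, valid as p = 3 mod 4
        if (y & 1) != (tag & 1):
            y = P - y
    else:
        # Text, Base64 or a proprietary key string ends up here.
        raise ValueError("unknown point tag 0x%02x" % tag)
    if x >= P or y >= P:
        raise ValueError("coordinate out of range")
    if (y * y) % P != curve_rhs(x):
        raise ValueError("point is not on secp256r1")
    return x, y


if __name__ == "__main__":
    print(parse_x962_point(SAMPLE) == (GX, GY))
```
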
#20348
Posted: 06/06/2012 09:18:04
by Raimundas Packevicius (Basic support level)
Joined: 06/06/2012
Posts: 6

Actually it's a string. My old component is able to convert it itself to elliptic curve point. How can I do this with your component?
#20349
Posted: 06/06/2012 09:33:18
by Eugene Mayevski (EldoS Corp.)

That string can be anything. What library are you using? Is it available publicly (maybe even with the source code)?


Sincerely yours
Eugene Mayevski
#20351
Posted: 06/06/2012 09:38:26
by Raimundas Packevicius (Basic support level)
Joined: 06/06/2012
Posts: 6

It's a very old component from TSM Inc.: TEllipticCurve. It's only one unit; I've attached it.
#20360
Posted: 06/06/2012 11:02:04
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

It is hard to say anything from looking at this source code. At first glance it seems to use hardcoded public keys (looking at TgfPoint.LoadGfpoint).
If you don't need to use keys from the old code, you can generate new ones using TElECKeyMaterial.Generate.
#20369
Posted: 06/07/2012 01:53:48
by Raimundas Packevicius (Basic support level)
Joined: 06/06/2012
Posts: 6

TgfPoint.LoadGfpoint is called only when TEllipticCurve.MakeKey is called, I use code:

For encryption:

ec.KeyPublic:=MyKey; //string
ec.Encrypt;
Key:=D64(ec.KeySession); //later I use this key to encrypt data
....

fullencrypteddata:=ec.ExchangedValue+MyEncryptedData;

For decryption:
ec.KeySecret:=k;
ec.ExchangedValue:= Copy ExchangedValue data from fullencrypteddata
ec.Decrypt;
Key:=D64(ec.KeySession); //key for decryption

MyEncryptedData:= Copy MyEncryptedData from fullencrypteddata
...
decryption
#20373
Posted: 06/07/2012 03:44:12
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

Sorry, but this code doesn't make clear which algorithm or standard is actually used in this library (actually, it seems to be something custom).

Do you need to be compatible with this library, or just need a replacement?