Hi,
After studying the different key generator functions more closely, I came to the conclusion that, since the Prime256 curve has a cofactor of 1, both KDFs should produce the same value, and so everything has cleared up.
Kind regards,
Henning
From: openssl-users <openssl-users-bounces@xxxxxxxxxxx> on behalf of Henning Krause via openssl-users <openssl-users@xxxxxxxxxxx>
Sent: Sunday, May 23, 2021 2:45 PM
To: openssl-users@xxxxxxxxxxx <openssl-users@xxxxxxxxxxx>
Subject: Support for ECDH One-pass in "openssl cms enc"
Hi,
I'm trying to encrypt an email using the ECDH One-Pass algorithm. I first created an X509 certificate with an ECDSA key based on the curve prime256v1.
Then, I ran this command:
openssl cms -encrypt -in Unencrypted.eml -binary -recip ecc.cer -aes256 -keyopt ecdh_kdf_md:sha256 -keyopt ecdh_cofactor_mode:1
This does indeed create an encrypted eml:
MIME-Version: 1.0
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"
Content-Transfer-Encoding: base64

And it does have the expected KEK encryption algorithm set:
1.3.132.1.14.1 => dhSinglePass-cofactorDH-sha256kdf-scheme
However, the KDF method used is exactly the same as when I execute:
openssl cms -encrypt -in Unencrypted.eml -binary -recip ecc.cer -aes256 -keyopt ecdh_kdf_md:sha256 -keyopt ecdh_cofactor_mode:0
This call does produce a different KEK algorithm:
1.3.132.1.11.1 => ecdhX963KDF-SHA256
At least I can decrypt the content encryption key in both cases using the same algorithm ('Standard' ECDH).
I'm using OpenSSL 3.0.0-beta1-dev (Library: OpenSSL 3.0.0-beta1-dev ).
Any ideas? Do I need any additional parameters to get this working?
Kind regards,
Henning