author: Daniel Neus <[email protected]> 2016-07-11 14:13:00 +0200
committer: Daniel Neus <[email protected]> 2016-07-13 10:17:28 +0200
commit: 2c8799b3d91e12b21eb3789f5cedc8a4fb7aaec1 (patch)
tree: 6f3e390b72d5fe08e03457471eeba7b593e5caf2 /src/lib/cert
parent: b3bc80dfdb28aee0900b6ed92dff5ba8c5e4daf9 (diff)

DLIES rework

With these fixes the implementation is now compatible with bouncycastle and it should operate as it is specified in "DHIES: An encryption scheme based on Diffie-Hellman Problem" or in BSI technical guideline TR-02102-1.

In addition to the already present XOR-encryption/decryption mode it's now possible to use DLIES with a block cipher.

Previously the input to the KDF was the concatenation of the (ephemeral) public key and the secret value derived by the key agreement operation:

```
secure_vector<byte> vz(m_my_key.begin(), m_my_key.end());
vz += m_ka.derive_key(0, m_other_key).bits_of();
const size_t K_LENGTH = length + m_mac_keylen;
secure_vector<byte> K = m_kdf->derive_key(K_LENGTH, vz);
```

I don't know why this was implemented like this. But now the input to the KDF is only the secret value obtained by the key agreement operation.

Furthermore the order of the output was changed from {public key, tag, ciphertext} to {public key, ciphertext, tag}.

Multiple test vectors added that were generated with bouncycastle and some with botan itself.

Diffstat (limited to 'src/lib/cert')
0 files changed, 0 insertions, 0 deletions
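
The two interoperability points in the commit message (the KDF is fed only the key-agreement secret, and the output is ordered {public key, ciphertext, tag}) are shown below in XOR mode. This is an added example, not code from Botan or from the commit. The toy DH group, the counter-mode SHA-256 KDF, the MAC over the ciphertext alone, the key split, and all function names are assumptions made for illustration.

```python
import hashlib
import hmac

# Assumed toy parameters, for illustration only (a 127-bit group is NOT secure).
P = 2**127 - 1          # Mersenne prime used as the DH modulus
G = 3
PUB_LEN, MAC_KEY_LEN, TAG_LEN = 16, 32, 32

def kdf(z: bytes, length: int) -> bytes:
    """Counter-mode SHA-256 KDF (stand-in); input is the shared secret only."""
    out, counter = b"", 1
    while len(out) < length:
        out += hashlib.sha256(z + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def derive_keys(peer_pub: int, priv: int, msg_len: int):
    if not 1 < peer_pub < P - 1:            # reject degenerate public values
        raise ValueError("invalid public key")
    z = pow(peer_pub, priv, P).to_bytes(PUB_LEN, "big")
    k = kdf(z, msg_len + MAC_KEY_LEN)       # no public key mixed into the KDF input
    return k[:msg_len], k[msg_len:]         # assumed split: XOR key, then MAC key

def encrypt(eph_priv: int, recipient_pub: int, msg: bytes) -> bytes:
    eph_pub = pow(G, eph_priv, P).to_bytes(PUB_LEN, "big")
    xor_key, mac_key = derive_keys(recipient_pub, eph_priv, len(msg))
    ct = bytes(m ^ k for m, k in zip(msg, xor_key))
    tag = hmac.new(mac_key, ct, hashlib.sha256).digest()
    return eph_pub + ct + tag               # order: {public key, ciphertext, tag}

def decrypt(priv: int, blob: bytes) -> bytes:
    if len(blob) < PUB_LEN + TAG_LEN:
        raise ValueError("message too short")
    eph_pub = int.from_bytes(blob[:PUB_LEN], "big")
    ct, tag = blob[PUB_LEN:-TAG_LEN], blob[-TAG_LEN:]
    xor_key, mac_key = derive_keys(eph_pub, priv, len(ct))
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # verify before decrypting
        raise ValueError("MAC check failed")
    return bytes(c ^ k for c, k in zip(ct, xor_key))
```

A message laid out in the previous {public key, tag, ciphertext} order fails the MAC check in `decrypt`, which is the symptom to expect when peers on either side of this change exchange data.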