0
我使用JCSL - 客戶端(documentation)上的Javascript和服務器上的OpenSSL Ruby上使用橢圓曲線Diffie-Hellman在客戶端和服務器上生成對稱密鑰。橢圓曲線Diffie-Hellman對稱密鑰不匹配客戶端和服務器
我莫名其妙終於設法正確的格式由客戶端和服務器發送的公共密鑰,和我終於產生一個對稱密鑰沒有了運行時錯誤(my previous question)
然而,現在的問題是, Client's Symmetric Key != Server's Symmetric Key
我覺得這將是最好的,如果你可以試試這個在您的計算機上,所以我想上傳從JCSL(包括橢圓曲線)編譯的JS文件進行測試方便(link)
我的代碼如下(你只需複製粘貼此測試方便):
#Ruby on Rails
class EcdhController < ApplicationController
@@group = OpenSSL::PKey::EC::Group.new('secp384r1')
@@ec = OpenSSL::PKey::EC.new(@@group)
def connect
logger.info('CONNECT PAGE:::::::::::::::::')
end
def send_params
logger.info('SEND_PARAMS::::::::::::::::::')
#GENERATE PUBLIC AND PRIVATE KEYS
@@ec.generate_key
#SEND PUBLIC KEY TO CLIENT/BROWSER
#[2..-1] means I've removed the first two Hex characters which is x04 which I think is automatically prepended by OpenSSL which causes errors in the Client JS side
render :json => {:server_pub_key => @@ec.public_key.to_bn.to_s(16)[2..-1]}
end
def receive_client_pub_key
logger.info('RECEIVE_CLIENT_PUB_KEY:::::::::::::::')
#Convert properly the format of the JCSL pub key on client side
client_pub_key = (params[:client_pub_key].split(",").map { |s| s.to_i }).pack('N*')
#Copied from https://stackoverflow.com/questions/11135420/elliptic-curve-cryptography-with-sjcl-in-js-and-openssl-in-ruby
algokey = OpenSSL::ASN1::ObjectId 'id-ecPublicKey'
algovalue = OpenSSL::ASN1::ObjectId 'secp384r1'
algo = OpenSSL::ASN1::Sequence.new [algokey,algovalue]
# for some reason OpenSSL seems to prepend 0x04 to all public keys
key = OpenSSL::ASN1::BitString.new "\x04#{client_pub_key}"
root = OpenSSL::ASN1::Sequence.new [algo,key]
pub = OpenSSL::PKey.read(root.to_der)
#-End of copied code-#
#COMPUTE SYMMETRIC KEY
symm_key = @@ec.dh_compute_key(pub.public_key)
puts "SYMM KEY: #{symm_key.unpack('H*').first}"
#---> SYMM KEY: f8de0a7012765a1ff8b7630c917a1d3d2ac9cc0d782fbb6c0c101128a29232fec5194468b7ed846053abab05744c61e9
render :json => nil
end
end
雖然在客戶端,
//Javascript
<h1>Ecdh#connect</h1>
<p>Find me in app/views/ecdh/connect.html.erb</p>
<script>
$(document).ready(function()
{
var server_pub_key;
var client_priv_key;
var client_pub_key;
connect();
function connect()
{
//Receive Server Public Key
jQuery.getJSON('<%= url_for(:controller => :ecdh, :action => :send_params) %>', function(data)
{
//Get Server Public Key
server_pub_key_Bits = new sjcl.bn(data.server_pub_key.toString()).toBits(); //Convert Hex String to BN, and then to Bits
//Client Keys
client_keys = sjcl.ecc.elGamal.generateKeys(384, 0);
client_keys.generate_keys;
client_pub_key_Hex = sjcl.bn.fromBits(client_keys.pub.serialize().point).toString(16); //Into bits, then to Hex
client_priv_key = client_keys.sec; //sjcl.ecc.elGamal.privateKey format
//Send Client/Own Public Key to Server
jQuery.getJSON('<%= url_for(:controller => :ecdh, :action => :receive_client_pub_key) %>?client_pub_key='+client_keys.pub.serialize().point, function()
{
//Set Curve from Template
curve = sjcl.ecc.curves['c384'];
//Convert server_pub_key_Bits to proper 'publicKey' format
server_pub_key = new sjcl.ecc.elGamal.publicKey(384, curve, server_pub_key_Bits);
//Compute Shared Key
symm_key_Bits = client_priv_key.dh(server_pub_key);
symm_key_Hex = sjcl.bn.fromBits(symm_key_Bits).toString(16);
console.log(symm_key_Hex);
//---> 0xa779359617b008884b67c0785a3f782b9dca6e46f9586f7e911b73de877f2aca
});
});
}
});
</script>
因此,我的問題是
f8de0a7012765a1ff8b7630c917a1d3d2ac9cc0d782fbb6c0c101128a29232fec5194468b7ed846053abab05744c61e9
!=
0xa779359617b008884b67c0785a3f782b9dca6e46f9586f7e911b73de877f2aca
隨意問我如何轉換格式和東西,如果你想測試或任何東西,因爲這對我的項目至關重要。請幫忙。由於